Implemented LiteCharms Security TokenService

2026-06-12 16:09:51 +02:00
parent f5f1035598
commit a98adea8f3
29 changed files with 313 additions and 100 deletions
@@ -0,0 +1,14 @@
+namespace LiteCharms.Features.Api.Configuration;
+
+public sealed class LiteCharmsClientSettings
+{
+    public string? Authority { get; set; }
+
+    public string? GrantType { get; set; }
+
+    public string? ClientId { get; set; }
+
+    public string? ClientSecret { get; set; }
+
+    public string? Scope { get; set; }
+}
@@ -0,0 +1,13 @@
+namespace LiteCharms.Features.Api.Models;
+
+public sealed class TokenErrorResponse
+{
+    [JsonPropertyName("error")]
+    public string? Error { get; set; }
+
+    [JsonPropertyName("error_description")]
+    public string? ErrorDescription { get; set; }
+
+    [JsonPropertyName("error_uri")]
+    public string? ErrorUri { get; set; }
+}
@@ -0,0 +1,20 @@
+namespace LiteCharms.Features.Api.Models;
+
+public sealed class TokenRequest
+{
+    [JsonPropertyName("grant_type")]
+    [AliasAs("grant_type")]
+    public string? GrantType { get; set; }
+
+    [JsonPropertyName("client_id")]
+    [AliasAs("client_id")]
+    public string? ClientId { get; set; }
+
+    [JsonPropertyName("client_secret")]
+    [AliasAs("client_secret")]
+    public string? ClientSecret { get; set; }
+
+    [JsonPropertyName("scope")]
+    [AliasAs("scope")]
+    public string? Scope { get; set; }
+}
@@ -0,0 +1,17 @@
+namespace LiteCharms.Features.Api.Models;
+
+public sealed class TokenResponse
+{
+    [JsonPropertyName("access_token")]
+    public string? AccessToken { get; set; }
+
+    [JsonPropertyName("expires_in")]
+    public int ExpiresIn { get; set; }
+
+    [JsonPropertyName("token_type")]
+    public string? TokenType { get; set; }
+
+    [JsonPropertyName("scope")]
+    public string? Scope { get; set; }
+}
+
@@ -0,0 +1,10 @@
+using LiteCharms.Features.Api.Models;
+
+namespace LiteCharms.Features.Api.Sdk;
+
+public interface IConnectApi
+{
+    [Post("/connect/token")]
+    ValueTask<HttpResponseMessage> GetToken([Body(BodySerializationMethod.UrlEncoded)] TokenRequest request, 
+        CancellationToken cancellationToken = default);
+}
@@ -0,0 +1,67 @@
+using LiteCharms.Features.Abstractions;
+using LiteCharms.Features.Api.Configuration;
+using LiteCharms.Features.Api.Models;
+using LiteCharms.Features.Api.Sdk;
+
+namespace LiteCharms.Features.Api;
+
+public sealed class TokenService(IConnectApi connectApi, IOptions<LiteCharmsClientSettings> clientOptions) : IService
+{
+    private readonly LiteCharmsClientSettings clientSettings = clientOptions.Value;
+
+    public async Task<Result<TokenResponse>> GenerateAsync(CancellationToken cancellationToken = default)
+    {
+        try
+        {
+            var request = new TokenRequest
+            {
+                ClientId = clientSettings.ClientId,
+                ClientSecret = clientSettings.ClientSecret,
+                GrantType = clientSettings.GrantType,
+                Scope = clientSettings.Scope,
+            };
+
+            using var response = await connectApi.GetToken(request, cancellationToken);
+
+            var contentRaw = await response.Content.ReadAsStringAsync(cancellationToken);
+
+            if (string.IsNullOrWhiteSpace(contentRaw))
+                return Result.Fail(new Error($"The authentication endpoint returned an empty payload. Status code: {response.StatusCode}"));
+
+            if (response.IsSuccessStatusCode)
+            {
+                var tokenResponse = JsonSerializer.Deserialize<TokenResponse>(contentRaw);
+
+                return !string.IsNullOrWhiteSpace(tokenResponse?.AccessToken)
+                    ? Result.Ok(tokenResponse)
+                    : Result.Fail<TokenResponse>(new Error("Authentication succeeded, but no access token was found in the response payload."));
+            }
+
+            try
+            {
+                var errorResult = JsonSerializer.Deserialize<TokenErrorResponse>(contentRaw);
+
+                if (errorResult != null)
+                {
+                    string summary = $"{errorResult.Error}: {errorResult.ErrorDescription}";
+
+                    return Result.Fail(new Error(summary));
+                }
+            }
+            catch
+            {
+                return Result.Fail(new Error($"Authentication failed: {contentRaw}"));
+            }
+
+            return Result.Fail(new Error($"Authentication failed with status code: {response.StatusCode}"));
+        }
+        catch (OperationCanceledException ex)
+        {
+            return Result.Fail(new Error("The token generation request was canceled.").CausedBy(ex));
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+}