Commit b94ce634 authored by Joachim Ehbrecht's avatar Joachim Ehbrecht

Rename IdentityAccessManagement* to Auth*

parent 42dccd3b
+7 −1
@@ -7,11 +7,17 @@
  </PropertyGroup>

  <ItemGroup>
    <Compile Remove="Models\API\IdentityAccessManagement\Refresh.cs" />
    <Compile Remove="Models\API\Proxy\**" />
    <Compile Remove="Utilities\Handler\**" />
    <EmbeddedResource Remove="Models\API\Proxy\**" />
    <EmbeddedResource Remove="Utilities\Handler\**" />
    <None Remove="Models\API\Proxy\**" />
    <None Remove="Utilities\Handler\**" />
  </ItemGroup>

  <ItemGroup>
    <PackageReference Include="Microsoft.AspNetCore.Mvc.Core" Version="2.3.0" />
    <PackageReference Include="Microsoft.Extensions.Http" Version="9.0.13" />
  </ItemGroup>

  <ItemGroup>
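Review bot: The `Compile Remove="Models\API\Proxy\**"` and `Compile Remove="Utilities\Handler\**"` globs, together with their `EmbeddedResource` and `None` twins, leave two whole directories in the repository of an authentication library while excluding them from the build. That code is no longer compiled, analysed or tested, and any file later added under those paths is dropped silently. The +/- markers are lost on this page, so which of these entries the commit adds is inferred from the +7 −1 count. If the proxy and handler sources are retired, deleting the directories is clearer than hiding them; if they are only parked, a comment such as `<!-- Excluded until <reason>; remove when <condition> -->` above the item group would say so.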
+68 −0
using Auth.Shared.Models;
using Auth.Shared.Models.API.Authorization;
using Auth.Shared.Models.API.Ready;
using Auth.Shared.Models.Data;
using Auth.Shared.Models.UserIdent;

namespace Auth.Shared.Interfaces;
/// <summary> Interface provides the '<see cref="IAuthClient"/>' definition for accessing API endpoints related to user authentication and application authorization.
/// </summary>
public interface IAuthClient
{
    #region Init / Deinit

    /// <summary> Initializes the client for the specified application, setting up necessary configurations and preparing it for user authentication, application authorization and token management.
    /// </summary>
    /// <param name="appName"> The application name, which is used as the target for server interaction and token processing. </param>
    /// <returns> 'true' if initialization has been proccessed successfuly. </returns>
    Task<bool> InitializeAsync( ApplicationName appName );

    /// <summary> Deinitializes the client, resetting configurations and preparing it for a fresh start or application shutdown.
    /// </summary>
    Task DeinitializeAsync();

    #endregion Init / Deinit

    #region ServerReady

    /// <summary> Checks for server ready state and gets the '<see cref="ReadyResponse"/>' dataset with additional informations.
    /// </summary>
    /// <returns> The '<see cref="ReadyResponse"/>' dataset or 'null', if server is not ready. </returns>
    Task<ReadyResponse?> CheckServerReadyAsync();

    #endregion ServerReady

    #region Register / Login / Logout

    /// <summary> Shows the user registration window to create a new user account at Identity and Access Management (IAM) server.
    /// </summary>
    /// <returns> The '<see cref="AuthenticationRegisterResult"/>' dataset with contained token set, if login has been processed successfully. </returns>
    Task<AuthenticationRegisterResult?> RegisterAsync();

    /// <summary> Shows the login window and gets the access token from successful authentication and authorization procedures.
    /// </summary>
    /// <param name="userIdent"> The user identification from client's application settings. </param>
    /// <returns> The '<see cref="AuthenticationResult"/>' dataset with contained token set, if login has been processed successfully. </returns>
    Task<AuthenticationResult?> LoginAsync( UserIdent userIdent );

    /// <summary> Processes user logout for refresh token associated application.<br/>
    /// The available refresh token will be set as revoked in the database, which is why a full login process will be required the next time the application is started.
    /// </summary>
    /// <param name="refreshToken"> The refresh token to be set as revoked. </param>
    Task LogoutAsync( string refreshToken );

    #endregion Register / Login / Logout

    #region GetUpdatedTokenSet

    /// <summary> Creates a new access token from the assigned refresh token identifier, if it is expired, and also creates a new refresh token if its expired, too.
    /// </summary>
    /// <param name="authorizationRefreshRequest"> The '<see cref="AuthorizationRefreshRequest"/>' dataset that contains the authorization refresh data used for validation. </param>
    /// <returns>
    /// Item1 = The from authorization server created tokens and their expiration times.<br/>
    /// Item2 = 'true' specifies that the RefreshToken is invalid on server side (unauthorized).
    /// </returns>
    Task<(AuthorizationResponseSuccess?, bool)> GetUpdatedTokenSetAsync( AuthorizationRefreshRequest? authorizationRefreshRequest );

    #endregion GetUpdatedTokenSet
}
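Review bot: `GetUpdatedTokenSetAsync` returns an unnamed tuple whose `bool` is `true` when the refresh token was rejected, so a caller can easily read `Item2` as "success" and keep a session alive on an unauthorized result. Naming the elements makes the meaning visible at every call site: `Task<(AuthorizationResponseSuccess? TokenSet, bool RefreshTokenRejected)> GetUpdatedTokenSetAsync( AuthorizationRefreshRequest? authorizationRefreshRequest );`. `LogoutAsync` has a related gap: it returns a bare `Task`, so the caller cannot tell whether the server actually revoked the token; returning `Task<bool>` like `InitializeAsync`, or documenting that failures throw, would close it. The `<returns>` text of `RegisterAsync` also speaks of a successful login rather than a registration.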
+19 −16
using IdentityAccessManagement.Shared.Models.API;
using IdentityAccessManagement.Shared.Models.API.Authentication;
using IdentityAccessManagement.Shared.Models.API.Authorization;
using Auth.Shared.Models.API;
using Auth.Shared.Models.API.Authentication;
using Auth.Shared.Models.API.Authorization;
using Auth.Shared.Models.UserIdent;

using Microsoft.AspNetCore.Mvc;

namespace IdentityAccessManagement.Shared.Interfaces;
/// <summary> Interface for authentication and authorization for usage of direct library access.
namespace Auth.Shared.Interfaces;
/// <summary> Interface of client's authentication and authorization used for direct library access.
/// </summary>
public interface IAAController
public interface IAuthController
{
    /// <summary> Checks for an accessible IAM server data and gets the number of available UserAccounts.
    /// </summary>
    /// <returns> Status code 'Ok' (200) for an accessible IAM server and the number of available UserAccounts. </returns>
    Task<ActionResult<bool>> Ready();


    /// <summary> Processes user registration at IAM server for a new (not existing) user.
    /// </summary>
    /// <param name="authenticationRegisterRequest"> The '<see cref="AuthenticationRegisterRequest"/>' dataset that contains the user account to be created.</param>
    /// <returns> Status code 'Ok' (200) for an successful registration and the created '<see cref="Models.UserIdent.UserIdent"/>' dataset. </returns>
    Task<ActionResult<AAResponse>> Register( [FromBody] AuthenticationRegisterRequest authenticationRegisterRequest );
    /// <returns> Status code 'Ok' (200) for an successful registration and the created '<see cref="UserIdent"/>' dataset. </returns>
    Task<ActionResult<AuthResponse>> Register( [FromBody] AuthenticationRegisterRequest authenticationRegisterRequest );

    /// <summary> Processes user login at IAM server for an existing user.
    /// </summary>
    /// <param name="authenticationRequest"> The '<see cref="AuthenticationLoginRequest"/>' dataset contains parameters to find the user to be logged in. </param>
    /// <returns> Status code 'Ok' (200) for an successful login and the created authentication code with associated '<see cref="Models.UserIdent.UserIdent"/>' dataset. </returns>
    Task<ActionResult<AAResponse>> Login( [FromBody] AuthenticationLoginRequest authenticationRequest );
    /// <returns> Status code 'Ok' (200) for an successful login and the created authentication code with associated '<see cref="UserIdent"/>' dataset. </returns>
    Task<ActionResult<AuthResponse>> Authenticate( [FromBody] AuthenticationLoginRequest authenticationRequest );


    /// <summary> Exchanges an assigned authorization code for a generated access token for a target application.
    /// </summary>
    /// <param name="authorizationRequest"> The '<see cref="AuthorizationRequest"/>' dataset contains the authorization code to create the access token. </param>
    /// <returns> Status code 'Ok' (200) for an successful authorization with the created access tokens and associtated expiry dates. </returns>
    Task<ActionResult<AAResponse>> Authorize( [FromBody] AuthorizationRequest authorizationRequest );
    Task<ActionResult<AuthResponse>> Token( [FromBody] AuthorizationRequest authorizationRequest );

    /// <summary> Creates a new refresh token from the assigned old one.<br/>
    /// Call this service before old access token expires. Otherwise, a new access token needs to be created via '<see cref="Login"/>' + '<see cref="Authorize"/>'.
    /// Call this service before old access token expires. Otherwise, a new access token needs to be created via '<see cref="Authenticate"/>' + '<see cref="Token"/>'.
    /// </summary>
    /// <param name="refreshToken"> The current refresh token, which is used to create a new access token.<br/>It also includes the name of processed application and the machine name. </param>
    /// <param name="authorizationRefreshRequest"> The '<see cref="AuthorizationRefreshRequest"/>' dataset that contains the authorization refresh data used for validation. </param>
    /// <returns> Status code 'Ok' (200) for an successful refresh and the created access tokens together with associtated expiry dates. </returns>
    Task<ActionResult<AAResponse>> Refresh( string refreshToken );
    Task<ActionResult<AuthResponse>> Refresh( AuthorizationRefreshRequest authorizationRefreshRequest );

    /// <summary> Processes user logout for assigned refresh token of associated application.<br/>
    /// The assigned refresh token will be deleted from the database, which is why a full login process will be required the next time the application is started.
    /// </summary>
    /// <param name="refreshToken"> The current refresh token, for which to process the logout. </param>
    /// <param name="authorizationRefreshRequest"> The '<see cref="AuthorizationRefreshRequest"/>' dataset that contains the authorization refresh data used for validation. </param>
    /// <returns> Status code 'Ok' (200) if logout was successful. </returns>
    IActionResult Logout( string refreshToken );
    IActionResult Logout( AuthorizationRefreshRequest authorizationRefreshRequest );
}
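Review bot: The new `Refresh( AuthorizationRefreshRequest … )` and `Logout( AuthorizationRefreshRequest … )` signatures are the only request-carrying actions without `[FromBody]`, while `Register`, `Authenticate` and `Token` all have it. Now that they take a complex dataset instead of a `string`, the binding source depends on how the implementing controller is configured, and a refresh token bound from the query string would end up in URLs and access logs. I would mark both explicitly, e.g. `Task<ActionResult<AuthResponse>> Refresh( [FromBody] AuthorizationRefreshRequest authorizationRefreshRequest );` and `IActionResult Logout( [FromBody] AuthorizationRefreshRequest authorizationRefreshRequest );`, and repeat the attribute on the implementing controller, since parameter attributes declared on an interface are presumably not picked up by model binding there. That the dataset carries the refresh token is inferred from its name and from the `refreshToken` parameter it replaces.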
+105 −0
using Auth.Shared.Models;
using Auth.Shared.Models.API.UserAccount;

namespace Auth.Shared.Interfaces;
/// <summary> Interface provides the '<see cref="IIamApiClient"/>' definition for accessing IAM data endpoints.
/// </summary>
public interface IIamApiClient
{
    #region Init / Deinit

    /// <summary> Initializes the client with setting up necessary configurations and preparing it for IAM data endpoint communication.
    /// </summary>
    /// <returns> 'true' if initialization has been proccessed successfuly. </returns>
    Task<bool> InitializeAsync();

    /// <summary> Deinitializes the client, resetting configurations and preparing it for a fresh start or application shutdown.
    /// </summary>
    Task DeinitializeAsync();

    #endregion Init / Deinit

    #region UserAccount(s)

    /// <summary> Gets all user accounts.
    /// </summary>
    /// <param name="errorResponseAsPopup"> The flag specifies with 'true' to show error messages via popup dialog.<br/>'false' sends a notification to the application's log. </param>
    /// <returns> The collection of all user accounts. </returns>
    Task<UserAccountDto[]?> GetAllUserAccounts( bool errorResponseAsPopup );

    /// <summary> Gets the user account of assigned primary key.
    /// </summary>
    /// <param name="primaryKey"> The primary key of the user account to be filtered. </param>
    /// <param name="errorResponseAsPopup"> The flag specifies with 'true' to show error messages via popup dialog.<br/>'false' sends a notification to the application's log. </param>
    /// <returns> The user account of assigned primary key. </returns>
    Task<UserAccountDto?> GetUserAccountById( string primaryKey, bool errorResponseAsPopup );

    #endregion UserAccount(s)

    #region ThirdParty
    
    #region Init / Deinit (Gateway)

    /// <summary> Initializes the third party tool's proxy client for a specific application and identified user.<br/>
    /// Existing client instances of same application and identified user will be overridden.
    /// </summary>
    /// <param name="appName"> The '<see cref="ApplicationName"/>' value, for which the third party controller needs to be initialized. </param>
    /// <param name="userIdentPrimaryKey"> The primary key of the identified user, who wants to use the third party data endpoints. </param>
    /// <param name="baseUrl"> The base url of used end points. </param>
    /// <param name="errorResponseAsPopup"> The flag specifies with 'true' to show error messages via popup dialog.<br/>'false' sends a notification to the application's log. </param>
    /// <returns> 'true' if initialization has been processed successfully. </returns>
    Task<bool> InitThirdPartyGatewayAsync( ApplicationName appName, string userIdentPrimaryKey, string baseUrl, bool errorResponseAsPopup );

    /// <summary> Deinitializes the third party tool's proxy client for a specific application and identified user.<br/>
    /// </summary>
    /// <param name="appName"> The '<see cref="ApplicationName"/>' for which the third party controller needs to be deinitialized. </param>
    /// <param name="userIdentPrimaryKey"> The primary key of the identified user, who had used the third party data endpoints. </param>
    /// <param name="errorResponseAsPopup"> The flag specifies with 'true' to show error messages via popup dialog.<br/>'false' sends a notification to the application's log. </param>
    Task DeinitThirdPartyGatewayAsync( ApplicationName appName, string userIdentPrimaryKey, bool errorResponseAsPopup );

    #endregion Init / Deinit (Gateway)

    #region REST (Proxy)

    /// <summary> Forwards a GET request to the assigned third party application's resource endpoint.
    /// </summary>
    /// <param name="appName"> The identified '<see cref="ApplicationName"/>', for which the third party controller processes the request. </param>
    /// <param name="userIdentPrimaryKey"> The primary key of the identified user, who wants to use this third party data endpoint. </param>
    /// <param name="resource"> The relative endpoint url for the processed resource. </param>
    /// <param name="errorResponseAsPopup"> The flag specifies with 'true' to show error messages via popup dialog.<br/>'false' sends a notification to the application's log. </param>
    /// <returns> The forwarded content from assigned third party application's resource endpoint. </returns>
    Task<HttpResponseMessage?> GetThirdPartyAsync( ApplicationName appName, string userIdentPrimaryKey, string resource, bool errorResponseAsPopup );

    /// <summary> Forwards a POST request to the assigned third party application's resource endpoint.
    /// </summary>
    /// <param name="appName"> The identified '<see cref="ApplicationName"/>', for which the third party controller processes the request. </param>
    /// <param name="userIdentPrimaryKey"> The primary key of the identified user, who wants to use this third party data endpoint. </param>
    /// <param name="resource"> The relative endpoint url for the processed resource. </param>
    /// <param name="data"> The sended data object, which is converted to json. </param>
    /// <param name="errorResponseAsPopup"> The flag specifies with 'true' to show error messages via popup dialog.<br/>'false' sends a notification to the application's log. </param>
    /// <returns> The forwarded content from assigned third party application's resource endpoint. </returns>
    Task<HttpResponseMessage?> PostThirdPartyAsync( ApplicationName appName, string userIdentPrimaryKey, string resource, object data, bool errorResponseAsPopup );

    /// <summary> Forwards a PUT request to the assigned third party application's resource endpoint.
    /// </summary>
    /// <param name="appName"> The identified '<see cref="ApplicationName"/>', for which the third party controller processes the request. </param>
    /// <param name="userIdentPrimaryKey"> The primary key of the identified user, who wants to use this third party data endpoint. </param>
    /// <param name="resource"> The relative endpoint url for the processed resource. </param>
    /// <param name="data"> The sended data object, which is converted to json. </param>
    /// <param name="errorResponseAsPopup"> The flag specifies with 'true' to show error messages via popup dialog.<br/>'false' sends a notification to the application's log. </param>
    /// <returns> The forwarded content from assigned third party application's resource endpoint. </returns>
    Task<HttpResponseMessage?> PutThirdPartyAsync( ApplicationName appName, string userIdentPrimaryKey, string resource, object data, bool errorResponseAsPopup );

    /// <summary> Forwards a DELETE request to the assigned third party application's resource endpoint.
    /// </summary>
    /// <param name="appName"> The identified '<see cref="ApplicationName"/>', for which the third party controller processes the request. </param>
    /// <param name="userIdentPrimaryKey"> The primary key of the identified user, who wants to use this third party data endpoint. </param>
    /// <param name="resource"> The relative endpoint url for the processed resource. </param>
    /// <param name="errorResponseAsPopup"> The flag specifies with 'true' to show error messages via popup dialog.<br/>'false' sends a notification to the application's log. </param>
    /// <returns> The forwarded content from assigned third party application's resource endpoint. </returns>
    Task<HttpResponseMessage?> DeleteThirdPartyAsync( ApplicationName appName, string userIdentPrimaryKey, string resource, bool errorResponseAsPopup );

    #endregion REST (Proxy)

    #endregion ThirdParty
}
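Review bot: Every gateway and proxy method takes `userIdentPrimaryKey`, `baseUrl` or `resource` as plain caller-supplied strings, and the contract says nothing about how they are checked. For a forwarding endpoint the doc comments should state that the user is verified against the authenticated token set rather than trusted from the argument, that `baseUrl` must match a configured allow-list, and that `resource` must be a relative path that cannot replace the host. A remark on `InitThirdPartyGatewayAsync` along the lines of `/// <remarks> <paramref name="baseUrl"/> is validated against the configured third party endpoints; unknown hosts are rejected. </remarks>` would set that expectation for implementers; whether the implementation already does this is not visible here. Separately, `GetAllUserAccounts` and `GetUserAccountById` lack the `Async` suffix the other members carry, and the `HttpResponseMessage?` results should be documented as owned and disposed by the caller.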
+2 −2
namespace IdentityAccessManagement.Shared.Models.API;
namespace Auth.Shared.Models.API;
/// <summary> Base implementation for common response handling of authentication and authorization.
/// </summary>
public record AAResponse
public record AuthResponse
{
}