In this section

Extended API Authentication

On this page we will explain how to integrate the authentication code for a dynamic insertion of the user information which is needed to retrieve the authentication token (Bearer-Token). For that we simply must extend our Controller with an expected body as well as give such body in the corresponding http-Call. Yet, how you will incorporate the retrieval process of the user information is all up to you, you can make with a simple login page/pop-up, or you can retrieve the information from your own company-account if it is saved there. In the example, we will make a simple variable that holds the information as an example.

In case you want to make your dynamic code accessible for a guest user who doesn’t have a login information, you can simply make an IF() statement in which you check if the user has sent an attribute in which he states that he is a guest, then you can simply request the token with a hard-coded user-information.

So that we can accept a body in the http-get-call, we need to create a model class for the body. Within the model class we will have 3 attributes.

IsGuest
Username
Password

We will also make the IsGuest required so that we can always determine if the user is a guest or not.

ClientInformation Model


using System.ComponentModel.DataAnnotations;

namespace Example.Model
{
    public class ClientInformationModel
    {
        public string? UserName { get; set; }
        public string? Userpassword { get; set; }
        [Required]
        public int IsGuest { get; set; }
    }
}

Extended Controller

Now that we have created the Model class for the expected body, we can extend the Controller.

Controller extended version



        [HttpPost]
        [Route("/token/getDynamically")]

        public async Task<string> GetTokenDynmaically(
            ClientInformationModel clientInformationModel
            )
        {
            if (clientInformationModel.IsGuest == 1)
            {
                //to be swapped with a guest information
                var guestUsername = "asda@ticketino.com";
                var guestPassword = "asdaPassword";

                
                var tokenResponseServer = await _client.RequestPasswordTokenAsync(new PasswordTokenRequest
                {
                    //dynamic variable for Token request on database
                    Address = _client.BaseAddress.ToString(),
                    ClientId = "public-access-api",
                    UserName = guestUsername,
                    Password = guestPassword,
                    Scope = "api openid"
                });

                if (tokenResponseServer.IsError)
                {
                    return "ERROR: There was an error, please refresh the page and try again";
                }
                 

                //returns accessToken back to user 
                return tokenResponseServer.AccessToken;
            }


            if (clientInformationModel.IsGuest == 0)
            {


                var tokenResponse = await _client.RequestPasswordTokenAsync(new PasswordTokenRequest
                {
                    //hardcoded variable for Token request on database
                    Address = _client.BaseAddress.ToString(),
                    ClientId = "public-access-api",
                    UserName = clientInformationModel.UserName,
                    Password = clientInformationModel.Userpassword,
                    Scope = "api openid"
                });

                if (tokenResponse.IsError)
                {
                    return "ERROR: There was an error, please refresh the page and try again";
                }
                //returns accessToken back to user 
                return tokenResponse.AccessToken;
            }

            //if something goes wrong and it hits none of the if
            return "";
            
        }