Customizing Auth response

kshahzad · May 19, 2023, 11:00pm

Hi Great Minds,

I am trying to customize the Auth response, which we received using this end point json/reply/authenticate. Below is the default response mentioned and the desired response.

Default response

{
    "userId": "1",
    "sessionId": "qYZdSbOEAgb9bBALxOvw",
    "userName": "admin@email.com",
    "displayName": "Admin User",
    "bearerToken": "eyJ0eXA.....",
    "refreshToken": "eyJ0eXA....",
    "profileUrl": "data:ima.....",
    "roles": [
        "Admin"
    ],
    "permissions": []
}

Desired response

{
   correlationId:123456987,
    errorCdoe:0,
    "userId": "1",
    "sessionId": "qYZdSbOEAgb9bBALxOvw",
    "userName": "admin@email.com",
    "displayName": "Admin User",
    "bearerToken": "eyJ0eXA.....",
    "refreshToken": "eyJ0eXA....",
    "profileUrl": "data:ima....."
 
}

To achieve the desired response, I have gone through docs and some stackoverflow QA here.

Now following your suggestion, I have managed to add additional properties in the meta.

this.GlobalResponseFilters.Add((req, res, responseDto) =>
        {
            if (res.Dto.GetType() == typeof(AuthenticateResponse))
            {
                CustomUserSession cs = (CustomUserSession)req.GetSession();
                Dictionary<string, string> otherData = new Dictionary<string, string>();
                otherData.Add("CustomData", cs.CustomData.ToString());
                ((AuthenticateResponse)res.Dto).Meta = otherData;
            }
        });

However I am also interested to know that how can I extend the AuthenticateResponse or the AuthService and accommodate my logic directly and use it in my application. Kindly advise.

Below is the ConfigureAuth class just FYR.

public class ConfigureAuth : IHostingStartup
    {
        public void Configure(IWebHostBuilder builder) => builder
            .ConfigureServices(services => {
                services.AddSingleton<ICacheClient>(new MemoryCacheClient()); //Store User Sessions in Memory Cache (default)
            })
            .ConfigureAppHost(appHost => {
                var appSettings = appHost.AppSettings;
                appHost.Plugins.Add(new AuthFeature(() => new CustomUserSession(),
                    new IAuthProvider[] {
                        new BasicAuthProvider(appSettings),                        
                        new JwtAuthProvider(appSettings)
                        {
                            AuthKey=AesUtils.CreateKey(),
                            UseTokenCookie=false,
                            RequireSecureConnection=false,
                            ExpireTokensIn=TimeSpan.FromSeconds(60),
                            ExpireRefreshTokensIn=TimeSpan.FromSeconds(120),

                        }
                    }));

                appHost.Plugins.Add(new RegistrationFeature()); //Enable /register Service

                //override the default registration validation with your own custom implementation
                appHost.RegisterAs<CustomRegistrationValidator, IValidator<Register>>();
                
            });
    }

mythz · May 20, 2023, 1:48am

Changing the Response Types of built-in Services will break existing clients expecting that Response Type. The Meta Dictionary is what you can use to attach additional metadata to the AuthenticateResponse.

If you need more than this you should call your own custom API instead which calls Authenticate service internally as done with the In Process Authenticated Requests example:

public class MyAdminServices : Service
{
    public async Task<object> Any(ImpersonateUser request)
    {
        using var service = base.ResolveService<AuthenticateService>(); //In Process
        var response = await service.PostAsync(new Authenticate {
            provider = AuthenticateService.CredentialsProvider,
            UserName = request.UserName,
        });
        if (response is IHttpResult httpResult)
        {
              httpResult.Response = /*...*/
        }
    }
}

Where you can return your desired response instead. You’ll need to handle when it returns a decorated HttpResult by replacing the response DTO and retaining the HttpResult.

Otherwise the alternative solution is to call a different API after you’re authenticated to retrieve whatever else the client needs.

kshahzad · May 20, 2023, 9:54pm

Hi @mythz,

As you have suggested I will use meta and will not try to change the response.

However just out of curiosity I am trying to see how things will look like by following your above approach of calling the AuthenticateService via In Process, but looks like I am unable to make use of the above code.
I have checked the document and couldn’t get it work. May I kindly request you to please help me by providing the complete code snippet of the above code snipped you have shared.

See in the above code snippet the response object is basically ServiceStack.AuthenticateResponse which is always mismatching this statement and

response is IHttpResult httpResult

and throwing error.

mythz · May 21, 2023, 11:57am

The AuthenticateResponse can be returned on its own or inside a decorated HttpResult, I’m just showing how to inspect and replace when it’s returned inside a HttpResult.

So your service would need to handle both cases, i.e. inside a HttpResult or on its own. You can use the GetResponseDto<T> extension method to resolve a Response DTO when it’s returned on its own or wrapped inside a HttpResult so your implementation can look something like:

var authResponse = response.GetResponseDto<AuthenticateResponse>();
var myResponse = MyResponse(authResponse);

if (response is IHttpResult httpResult)
{
    httpResult.Response = myResponse;
    return httpResult;
}
else
{
    return myResponse;
}

kshahzad · May 23, 2023, 2:35pm

@mythz thanks so much.