using System;
using System.Collections.Generic;
using OwinFramework.InterfacesV1.Middleware;
namespace OwinFramework.InterfacesV1.Facilities
{
///
/// Used to provide information about a sucesful login to a social network site
/// such as Google, Facebook Twitter etc
///
public interface ISocialAuthentication
{
///
/// A URL friendly string that uniquely identifies a consumer of this service.
/// Other facilities and middleware should use this to associate other information
/// with the caller. For example the Authorization middleware should associate
/// group membership with this identity and a user store can use this to
/// associate real name, email address physical address and preferences with the
/// identity of the caller.
///
string Identity { get; }
///
/// Returns a list of optional purposes associated with this login.
/// If this is null then the authentication is good for all purposes.
/// For example a user might want to create an API key that uses the shared
/// secret method of authentication. This API key should be associated with
/// the user but give only partial access, i.e. you can't do everything with
/// that user's account using the API key.
///
IList Purposes { get; }
///
/// Contains the authentication token that was received from the social service
/// when the user successfullly logged in to that service. This token can be used
/// to request access tokens from the social service.
///
string AuthenticationToken { get; }
}
///
/// Defines a facility that stores social login tokens that identify
/// users that registered using a 3rd party authentication such as Facebook, LinkedIn etc
///
public interface ISocialIdentityStore
{
///
/// Returns a list of the domain names for social services that can be used to
/// authenticate through this identity store. If the identity store dows not support
/// social login then this list will be empty.
///
IList SocialServices { get; }
///
/// Associates a sucessfull login to a social account (on Google, Facebook etc) with an identity.
/// Call this method only after the user has successfully authenticated with the social service.
///
/// The identity to associate
/// An identifier from the social login site that identifies this user on that site
/// The domain name of the social service
/// An identification token received from the social service for this
/// specific user. These are sometimes referred to as refresh tokens in social login APIs. This
/// token will be used later to obtain an access token for the social site
/// Optional list of purposes to limit the scope of this login
/// Pass true to delete other social logins for the same identity on the
/// same social service
/// True if this is a new social login and false if an existing one was updated
bool AddSocial(
string identity,
string userId,
string socialService,
string authenticationToken,
IEnumerable purposes = null,
bool replaceExisting = true);
///
/// Removes a social login account from an identity preventing login with this social account
///
/// True if the social login was deleted and False if it did not exist
bool DeleteSocial(string identity, string socialService);
///
/// Removes all social login account from an identity preventing login with these social accounts
///
bool DeleteAllSocial(string identity);
///
/// Each time a new session is established for an identity and the application needs to
/// communicate with a social service API it should call this method. This method will
/// return the authentication token obtained from the social service when the user logged in.
/// You can pass this authentication token along with the user ID to the social service to get
/// an access token and you can store the access token in session to gain access to social
/// site apis.
///
/// An identifier from the social login site that identifies this user on that site
/// The domain name of the social service that was used
ISocialAuthentication GetSocialAuthentication(string userId, string socialService);
}
}