1. Home
  2. Forum
  3. ASP.NET Core
  4. Implement ASP.NET Core Web API with JWT and callback url

Implement ASP.NET Core Web API with JWT and callback url

I have the following scenario for API integration guide:

As its goal is the process of verifying the user who logs into the portal using his ID number, the client will enter his ID number in the text box ,then he will click on the login button ,after that the portal will send the ID number that was entered by the user using the API to another external system called (NAFATH System) that is hosting in external server and not locally, then that NAFATH system will response and send a random number to a special mobile application (NAFATH App).

The developer will show the random number on the login page in the portal and through the NAFATH App, the user will select the desired number from three random numbers shown in the NAFATH App, as only one of them is the correct random number.

The NAFATH system then will check the selected random number from the user and if the selected random number is right and true, then the NAFATH system will send the response to the call-back page in the portal whereas the callback URL like that:

http://mysite.com/iam-callback

where the portal site is:

http://mysite.com


We have two parts:

The first part needs to be implemented to complete the authorization request flow. This flow initiates a new request within the NAFATH app for the targeted User.

Which the Sample Request Body like:

{“id": "1000062537",

"action": "SpRequest",

"service": "Login”}

And the Sample Response like:

{“transId": "3136fd60-3f89-4d24-a92f-b9c63a53807f",

"random": "38”}


transId : A transaction ID, it's a unique identifying number.

random: The number should be displayed to the user so he can click on the Mobile app.


The second part needs to be implemented to complete the NAFATH App Authorization Request Flow.

The portal must provide a destination URL (http://mysite.com/iam-callback) that should be published on the internet using a fully qualified domain name (FQDN) where the NAFATH system’s response will be posted.

The portal should check the response and if the user is authenticated, it will redirect the user to another page inside the portal, that means the user is authenticated.

For Sample Response Body:

NAFATH system will send an acknowledgment response to the portal on two cases:

COMPLETED: successful transaction (within the time frame and correct random)

REJECTED: The user rejects the transaction.


For Sample COMPLETED Body like:

{"response":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySW5mbyI6eyJpZCI6MTAwMDAwMDQ0NiwiaWRWZXJzaW9uIjoxLCJhckZpcnN0Ijoi2KfYrdmF2K8iLCJhckZhdGhlciI6ItmB2YfYryIsImFyR3JhbmQiOiLZhdit2YXYryIsImFyRmFtaWx5Ijoi2KfZhNiu2KfZhNivIiwiZW5GaXJzdCI6IkFITUVEIiwiZW5GYXRoZXIiOiJGQUhBRCIsImVuR3JhbmQiOiJNT0hBTU1FRCIsImVuRmFtaWx5IjoiU0FVRCIsImFyVHdvTmFtZXMiOiLYp9it2YXYryDYp9mE2K7Yp9mE2K8iLCJlblR3b05hbWVzIjoiQUhNRUQgU0FVRCIsImFyRnVsbE5hbWUiOiLYp9it2YXYryDZgdmH2K8g2YXYrdmF2K8g2KfZhNiu2KfZhNivIiwiZW5GdWxsTmFtZSI6IkFITUVEIEZBSEFEIE1PSEFNTUVEIFNBVUQiLCJnZW5kZXIiOiJNIiwiaWRJc3N1ZURhdGVHIjoiMjAxNS0wMC0xNiIsImlkSXNzdWVEYXRlSCI6MTQzNjA3MjgsImlkRXhwaXJ5RGF0ZUciOiIyMDM0LTAwLTEwIiwiaWRFeHBpcnlEYXRlSCI6MTQ1NjA3MjgsIm5hdGlvbmFsaXR5IjoxMTMsImxhbmd1YWdlIjoiQSIsImFyTmF0aW9uYWxpdHkiOiLYp9mE2LnYsdio2YrYqSDYp9mE2LPYudmI2K_ZitipIiwiZW5OYXRpb25hbGl0eSI6IlNhdWRpIEFyYWJpYSIsImRvYkciOiIxOTc5LTAwLTI3IiwiZG9iSCI6MTM5OTA3MDEsImFyQ2FyZElzc3VlUGxhY2UiOiLYp9it2YjYp9mEINin2YTYsdmK2KfYtiIsImVuQ2FyZElzc3VlUGxhY2UiOiJQZXJzb25hbCBTdGF0dXMgQWRtaW5pc3RyYXRpb24sIFJpeWFkaCJ9LCJhdWQiOiJUQ0NfU1BfVEVTVCIsImV4cCI6MTY3MzQyNzk2NiwiaXNzIjoiTmFmYXRoIEFwcCBUZXN0IiwiaWF0IjoxNjczNDI3MzY2LCJuYmYiOjE2NzM0MjczNjZ9.JvwBxO2ynUv1OXqp-4m8-CDeu9C2MsWKs5EskqLcq9xfv0hBzlsW5bTo7-aRG6VWpv04odYDp_OS6sS8iAf5rY4mq5zQtYs4Pksee47k_1guTqRw8_7tJKOGh_TTWSsmP_4KvkOsuH2fhRevVASIAw0xLRdOBazSMf4H-b-ddyPSeGL3bcDIcjq5qlXw9tHBVyzIxj-_XYhBNgkWJBXxkySEwtxfgUZ4J_UcYIWWQKeaqzDPPMjcj510a4ZBv5ulAX7ig0ez9U7ABMFytyI_vaHnqte9n615lP418_br-TNyWYxB88qcjdGhaPT1ijnUhzjJfP_s2pIT43aKFPplg",

"status":"COMPLETED",

"transId":"b1d64420-9fa9-475e-ad13-864cba704078",

"serviceName":"Login"}


Which Completed Response Elements like:

response { "userInfo":{ "id":1000000446, "idVersion":1, "NameFirst":"Mark", "NameFather":"Sari","gender":"M",

"IdIssueDateG":"2015-00-16", "idExpiryDateG":"2034-00-10", "idExpiryDateH":14560728, "nationality":113},

"aud":"TCC_SP_TEST",

"exp":1671726627,

"iss":"App Test",

"iat":1671726027,

"nbf":1671726027}


How I can implement that scenario using my project which is created by Visual Studio with .Net Core and have the following projects inside the solution:

Nop.Core

Nop.Data

Nop.Services

Nop.Web.Framework

Nop.Web




1 Reply
MC Mohan Chandran Syncfusion Team February 5, 2024 12:06 PM UTC

Hi Abdulhadi

The query is not related to XlsIO or any Syncfusion controls. 

Regards,

Mohan.


Loader.
Up arrow icon