From 671b63881af9bd5c9a052f04d036a9297424c3df Mon Sep 17 00:00:00 2001
From: "terentev.a.a"
Date: Mon, 2 Dec 2024 20:09:47 +0300
Subject: [PATCH 1/5] Handle invalid credentials in AzuriomAuthService. Add a specific error message for invalid credentials to improve error handling and user feedback. The new condition checks for a failed status code along with "invalid_credentials" in the response content, providing a clear response to the client.
---
 .../Core/Integrations/Auth/AzuriomAuthService.cs | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/src/Gml.Web.Api/Core/Integrations/Auth/AzuriomAuthService.cs b/src/Gml.Web.Api/Core/Integrations/Auth/AzuriomAuthService.cs
index 07cfee3..a539fef 100644
--- a/src/Gml.Web.Api/Core/Integrations/Auth/AzuriomAuthService.cs
+++ b/src/Gml.Web.Api/Core/Integrations/Auth/AzuriomAuthService.cs
@@ -34,6 +34,15 @@ public async Task Auth(string login, string password)
 var model = JsonConvert.DeserializeObject(resultContent);
+ if (!result.IsSuccessStatusCode && resultContent.Contains("invalid_credentials", StringComparison.OrdinalIgnoreCase))
+ {
+ return new AuthResult
+ {
+ IsSuccess = false,
+ Message = $"Неверный логин или пароль."
+ };
+ }
+
 if (model is null || model.Banned || !result.IsSuccessStatusCode || (!result.IsSuccessStatusCode && resultContent.Contains("banned", StringComparison.OrdinalIgnoreCase)))
 {
 return new AuthResult
From 8ae04ff409ffe62fe046771f616efd385bb5ffca Mon Sep 17 00:00:00 2001
From: "terentev.a.a"
Date: Mon, 2 Dec 2024 20:15:20 +0300
Subject: [PATCH 2/5] Update submodule link Gml.Core
---
 src/Gml.Core | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Gml.Core b/src/Gml.Core
index 2f81262..1b6c83f 160000
--- a/src/Gml.Core
+++ b/src/Gml.Core
@@ -1 +1 @@
-Subproject commit 2f812624e2b67722583247d29b99d71ee76c3309
+Subproject commit 1b6c83f353f163678022c039ceba148a82f199f9
From e04a4917babf1212507e932cd1453d997d33f736 Mon Sep 17 00:00:00 2001
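Review bot: The new invalid-credentials branch in the AzuriomAuthService.cs hunk classifies the failure by searching the whole response body for the substring `invalid_credentials`, so any error body that merely contains that text (inside a message or an echoed value, for example) is reported as a wrong password; comparing a parsed error-code field would be stricter, if the deserialized model exposes one. The branch also sits after `JsonConvert.DeserializeObject`, so a non-JSON error body (a gateway error page, say) would presumably throw before this check is reached; handling `!result.IsSuccessStatusCode` ahead of deserialization would avoid that. The `$` prefix on the message has no placeholders and can be dropped: `Message = "Неверный логин или пароль."`. Auth's body starts and ends outside the hunk.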
From: "terentev.a.a"
Date: Mon, 2 Dec 2024 20:15:35 +0300
Subject: [PATCH 3/5] Update submodule link Gml.Core
---
 src/Gml.Core | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Gml.Core b/src/Gml.Core
index 1b6c83f..20fa9fc 160000
--- a/src/Gml.Core
+++ b/src/Gml.Core
@@ -1 +1 @@
-Subproject commit 1b6c83f353f163678022c039ceba148a82f199f9
+Subproject commit 20fa9fc8826e1a687e11ca659611111d912603d1
From 36f00994f871a64908485e150b1201a1d90c5ad4 Mon Sep 17 00:00:00 2001
From: "terentev.a.a"
Date: Wed, 4 Dec 2024 09:41:32 +0300
Subject: [PATCH 4/5] Update AuthIntegrationHandler for access token validation Replaced password validation with access token validation in the `AuthIntegrationHandler` to align with new security protocols. This change ensures that authorization errors are returned when an access token is missing, improving the accuracy of authentication feedback.
---
 src/Gml.Web.Api/Core/Handlers/AuthIntegrationHandler.cs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/Gml.Web.Api/Core/Handlers/AuthIntegrationHandler.cs b/src/Gml.Web.Api/Core/Handlers/AuthIntegrationHandler.cs
index 1068c3b..c14dc22 100644
--- a/src/Gml.Web.Api/Core/Handlers/AuthIntegrationHandler.cs
+++ b/src/Gml.Web.Api/Core/Handlers/AuthIntegrationHandler.cs
@@ -103,10 +103,10 @@ public static async Task AuthWithToken(
 "Не удалось определить устройство, с которого произошла авторизация",
 HttpStatusCode.BadRequest));
- if (authType is not AuthType.Any && string.IsNullOrEmpty(authDto.Password))
+ if (authType is not AuthType.Any && string.IsNullOrEmpty(authDto.AccessToken))
 {
 return Results.BadRequest(ResponseMessage.Create(
- "Не указан пароль при авторизации!",
+ "Не был передан AccessToken",
 HttpStatusCode.BadRequest));
 }
From 9f9694aa0cf7f3d983722428c4990035daeaded8 Mon Sep 17 00:00:00 2001
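Review bot: The presence check on `authDto.AccessToken` in the AuthIntegrationHandler.cs hunk is skipped whenever `authType is AuthType.Any`, so in that mode a request with no token passes this guard. What validates the token afterwards is outside the hunk, so a one-line comment stating why `Any` is exempt and where the token is actually verified would help the next reviewer. `string.IsNullOrEmpty` also lets a whitespace-only token through to the integration call; `string.IsNullOrWhiteSpace(authDto.AccessToken)` would reject it at the boundary. AuthWithToken's body starts and ends outside the hunk.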
From: "terentev.a.a"
Date: Thu, 5 Dec 2024 05:59:34 +0300
Subject: [PATCH 5/5] Remove superuser property from UnicoreAuthResult. This change deletes the superuser property from the UnicoreAuthResult class to streamline authentication data handling. The superuser role management will be handled separately or is no longer required in this context. Additional logic or methods relying on this property have been reviewed to ensure consistency.
---
 src/Gml.Web.Api.Domains/Integrations/UnicoreAuthResult.cs | 3 ---
 1 file changed, 3 deletions(-)
diff --git a/src/Gml.Web.Api.Domains/Integrations/UnicoreAuthResult.cs b/src/Gml.Web.Api.Domains/Integrations/UnicoreAuthResult.cs
index c6aecac..62e453c 100644
--- a/src/Gml.Web.Api.Domains/Integrations/UnicoreAuthResult.cs
+++ b/src/Gml.Web.Api.Domains/Integrations/UnicoreAuthResult.cs
@@ -41,9 +41,6 @@ public class User
 [JsonProperty("password")]
 public string Password { get; set; }
- [JsonProperty("superuser")]
- public bool Superuser { get; set; }
-
 [JsonProperty("activated")]
 public bool Activated { get; set; }