[WIP] Update AuthenticationService info

DotBased.AspNet.Authority/Controllers/AuthorityController.cs

@@ -1,4 +1,3 @@
-using System.Security.Claims;
 using System.Text.Json;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
@@ -8,14 +7,13 @@ namespace DotBased.AspNet.Authority.Controllers;
 
 [ApiController]
 [Route("[controller]")]
-public class AuthorityController : ControllerBase
+public class AuthorityController(IAuthenticationService authenticationService) : ControllerBase
 {
     [HttpGet("auth/login")]
     [AllowAnonymous]
-    public async Task<ActionResult> LoginFromSchemeAsync([FromQuery(Name = "s")] string? scheme)
+    public async Task<ActionResult> LoginFromSchemeAsync([FromQuery(Name = "s")] string? scheme, [FromQuery(Name = "ss")] string? sessionScheme)
     {
-        var cPrincipal = new ClaimsPrincipal();
-        await HttpContext.SignInAsync(cPrincipal);
+        await authenticationService.AuthenticateAsync(HttpContext, scheme);
         return Ok();
     }
 

DotBased.AspNet.Authority/Handlers/AuthorityLoginAuthenticationHandler.cs

@@ -1,4 +1,3 @@
-using System.Security.Claims;
 using System.Text.Encodings.Web;
 using DotBased.AspNet.Authority.Managers;
 using DotBased.AspNet.Authority.Models.Options.Auth;
@@ -14,20 +13,11 @@ namespace DotBased.AspNet.Authority.Handlers;
 public class AuthorityLoginAuthenticationHandler(IOptionsMonitor<AuthorityLoginOptions> options,
     ILoggerFactory logger,
     UrlEncoder encoder,
-    AuthorityManager manager) : SignInAuthenticationHandler<AuthorityLoginOptions>(options, logger, encoder)
+    AuthorityManager manager) : AuthenticationHandler<AuthorityLoginOptions>(options, logger, encoder)
 {
+    // Validate credentials
     protected override Task<AuthenticateResult> HandleAuthenticateAsync()
     {
         throw new NotImplementedException();
     }
-
-    protected override Task HandleSignOutAsync(AuthenticationProperties? properties)
-    {
-        throw new NotImplementedException();
-    }
-
-    protected override Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties? properties)
-    {
-        throw new NotImplementedException();
-    }
 }

DotBased.AspNet.Authority/Services/AuthorityAuthenticationService.cs

@@ -20,27 +20,35 @@ public class AuthorityAuthenticationService(
     public IReadOnlyCollection<SchemeInfo> GetSchemeInfos(SchemeType schemeType) => _options.SchemeInfoMap.Where(s => s.Type == schemeType).ToList();
     public IReadOnlyCollection<SchemeInfo> GetAllSchemeInfos() => _options.SchemeInfoMap;
 
+    // Validate credentials
+    // Used internally by ASP.NET Core to determine if a user is authenticated. Can also be called manually to inspect authentication status.
     public override Task<AuthenticateResult> AuthenticateAsync(HttpContext context, string? scheme)
     {
-        
         return base.AuthenticateAsync(context, scheme);
     }
 
+    // Trigger login
+    // Used when access to a resource requires authentication, but the user has not provided valid credentials.
     public override Task ChallengeAsync(HttpContext context, string? scheme, AuthenticationProperties? properties)
     {
         return base.ChallengeAsync(context, scheme, properties);
     }
 
+    // Log user in, set cookie/token
+    // Called after successfully validating user credentials (e.g., after login form submission), to establish an authenticated session.
     public override Task SignInAsync(HttpContext context, string? scheme, ClaimsPrincipal principal, AuthenticationProperties? properties)
     {
         return base.SignInAsync(context, scheme, principal, properties);
     }
 
+    // Log out user and end auth session, remove cookie/token
     public override Task SignOutAsync(HttpContext context, string? scheme, AuthenticationProperties? properties)
     {
         return base.SignOutAsync(context, scheme, properties);
     }
 
+    // Deny access, return 403/return forbid page
+    // Used when a user is authenticated but lacks required roles/claims/permissions.
     public override Task ForbidAsync(HttpContext context, string? scheme, AuthenticationProperties? properties)
     {
         return base.ForbidAsync(context, scheme, properties);