Beispiel #1
0
        public async Task <IHttpActionResult> CreateExternalUser(ExternalUserCreationData model)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            var user = new ApplicationUser
            {
                UserName  = model.Email,
                Email     = model.Email,
                FirstName = model.FirstName,
                Surname   = model.Surname,
            };

            user.Claims.Add(new IdentityUserClaim
            {
                ClaimType  = ClaimTypes.AuthenticationMethod,
                ClaimValue = Claims.CanAccessExternalArea,
                UserId     = user.Id
            });

            var result = await userManager.CreateAsync(user, model.Password);

            if (!result.Succeeded)
            {
                return(GetErrorResult(result));
            }

            await SendActivationEmail(user.Id, user.Email, model.ActivationBaseUrl);

            return(Ok(user.Id));
        }
        public async Task<IHttpActionResult> CreateExternalUser(ExternalUserCreationData model)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            var user = new ApplicationUser
            {
                UserName = model.Email,
                Email = model.Email,
                FirstName = model.FirstName,
                Surname = model.Surname,
            };

            user.Claims.Add(new IdentityUserClaim
            {
                ClaimType = ClaimTypes.AuthenticationMethod,
                ClaimValue = Claims.CanAccessExternalArea,
                UserId = user.Id
            });

            var result = await userManager.CreateAsync(user, model.Password);

            if (!result.Succeeded)
            {
                return GetErrorResult(result);
            }

            await SendActivationEmail(user.Id, user.Email, model.ActivationBaseUrl);

            return Ok(user.Id);
        }
Beispiel #3
0
        public async Task <string> CreateExternalUserAsync(ExternalUserCreationData userCreationData, string accessToken)
        {
            httpClient.SetBearerToken(accessToken);

            var response = await httpClient.PostAsJsonAsync(Controller + "CreateExternalUser", userCreationData);

            return(await response.CreateResponseAsync <string>());
        }
Beispiel #4
0
        public async Task CreateExternalUser_WithValidModel_IssuesCanAccessExternalAreaClaim()
        {
            // Arrange
            ApplicationUser        capturedUser = null;
            ApplicationUserManager userManager  = A.Fake <ApplicationUserManager>();

            A.CallTo(() => userManager.CreateAsync(A <ApplicationUser> ._))
            .Invokes((ApplicationUser user) => capturedUser = user)
            .Returns(IdentityResult.Success);

            A.CallTo(() => userManager.CreateAsync(A <ApplicationUser> ._, A <string> ._))
            .Invokes((ApplicationUser user, string password) => capturedUser = user)
            .Returns(IdentityResult.Success);

            IUserContext            userContext            = A.Fake <IUserContext>();
            IWeeeEmailService       emailService           = A.Fake <IWeeeEmailService>();
            IGetAdminUserDataAccess getAdminUserDataAccess = A.Dummy <IGetAdminUserDataAccess>();

            UnauthenticatedUserController controller = new UnauthenticatedUserController(
                userManager,
                userContext,
                emailService,
                getAdminUserDataAccess);

            ExternalUserCreationData model = new ExternalUserCreationData()
            {
                FirstName         = "John",
                Surname           = "Smith",
                Email             = "*****@*****.**",
                Password          = "******",
                ConfirmPassword   = "******",
                ActivationBaseUrl = "ActivationBaseUrl"
            };

            // Act
            await controller.CreateExternalUser(model);

            // Assert
            Assert.NotNull(capturedUser);

            int claimCount = capturedUser.Claims.Count(
                c => c.ClaimType == ClaimTypes.AuthenticationMethod &&
                c.ClaimValue == Claims.CanAccessExternalArea);

            Assert.True(claimCount == 1, "A single \"CanAccessExterna;Area\" claim was not issued to the user.");
        }
 public async Task<string> CreateExternalUserAsync(ExternalUserCreationData userCreationData)
 {
     var response = await httpClient.PostAsJsonAsync(Controller + "CreateExternalUser", userCreationData);
     return await response.CreateResponseAsync<string>();
 }
Beispiel #6
0
        public async Task <ActionResult> UserCreation(UserCreationViewModel model)
        {
            if (ModelState.IsValid)
            {
                using (var client = apiClient())
                {
                    var userCreationData = new ExternalUserCreationData
                    {
                        Email             = model.Email,
                        FirstName         = model.Name,
                        Surname           = model.Surname,
                        Password          = model.Password,
                        ConfirmPassword   = model.ConfirmPassword,
                        ActivationBaseUrl = externalRouteService.ActivateExternalUserAccountUrl,
                    };

                    try
                    {
                        var response = await oauthClientCredential().GetClientCredentialsAsync();

                        await client.User.CreateExternalUserAsync(userCreationData, response.AccessToken);

                        var signInResponse = await oauthClient().GetAccessTokenAsync(model.Email, model.Password);

                        authenticationManager.SignIn(signInResponse.GenerateUserIdentity());

                        return(RedirectToAction("UserAccountActivationRequired", "Account"));
                    }
                    catch (ApiBadRequestException ex)
                    {
                        this.HandleBadRequest(ex);

                        if (ModelState.IsValid)
                        {
                            throw;
                        }

                        foreach (var modelState in ViewData.ModelState.Values.ToList())
                        {
                            List <int>    errorsToRemoveIndex = new List <int>();
                            List <String> errorsToAdd         = new List <string>();
                            for (var i = modelState.Errors.Count - 1; i >= 0; i--)
                            {
                                if (modelState.Errors[i].ErrorMessage.Contains("Passwords") && modelState.Value == null)
                                {
                                    errorsToRemoveIndex.Add(i);
                                }
                                else if (modelState.Errors[i].ErrorMessage.Contains("is already taken"))
                                {
                                    errorsToRemoveIndex.Add(i);
                                    errorsToAdd.Add("An account already exists with this email address. Sign in or reset your password.");
                                }
                            }
                            foreach (int index in errorsToRemoveIndex)
                            {
                                modelState.Errors.RemoveAt(index);
                            }
                            foreach (string error in errorsToAdd)
                            {
                                modelState.Errors.Add(error);
                            }
                        }
                    }
                    return(View(model));
                }
            }

            return(View(model));
        }