/// <summary>
/// Handles the posted consent form: reports a consent grant to IdentityServer for the
/// pending authorization request and redirects the browser back into that flow.
/// </summary>
/// <param name="userConsent">
/// Form-bound consent data; this method reads its <c>ReturnUrl</c>, <c>RememberMe</c>
/// and <c>GrantedScopes</c> members.
/// </param>
/// <returns>
/// A redirect to the posted return URL when it passes validation, otherwise a redirect
/// to the application root.
/// </returns>
public async Task<IActionResult> ValidateUserConsent([FromForm] ConsentUser userConsent)
{
    var returnUrl = userConsent.ReturnUrl;

    // The return URL arrives in the form post, so it is re-checked here: a null context
    // is treated as "not part of a valid authorization request" and nothing is granted.
    var request = await _interaction.GetAuthorizationContextAsync(returnUrl);
    if (request is null)
    {
        return Redirect("~/");
    }

    /*
     * Add logic for consent not granted
     */
    // NOTE(review): until that branch exists, every post that reaches this point is
    // reported to IdentityServer as a grant; there is no denial path in this method.

    // Communicate the outcome of consent back to IdentityServer.
    // NOTE(review): GrantedScopes is taken from the posted form as-is; this method does
    // not compare it with the scopes the client asked for. Confirm that is enforced downstream.
    var userConsentResponse = new ConsentResponse
    {
        RememberConsent = userConsent.RememberMe,
        ScopesConsented = userConsent.GrantedScopes
    };
    await _interaction.GrantConsentAsync(request, userConsentResponse);

    // Redirect only to a URL IdentityServer recognises or to a local path, so the posted
    // value cannot send the browser to an arbitrary site.
    var isSafeTarget = _interaction.IsValidReturnUrl(returnUrl) || Url.IsLocalUrl(returnUrl);
    return isSafeTarget ? Redirect(returnUrl) : Redirect("~/");
}
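/// <summary>
/// Creates a user account from the bound <c>Create</c> model and, when <c>Create.IsAdmin</c>
/// is set, adds the new account to the "Website Admin" role.
/// </summary>
/// <returns>
/// A redirect back to the page when the account (and the role assignment, if requested)
/// succeeded; otherwise the page re-rendered with the errors added to model state.
/// </returns>
public async Task<IActionResult> OnPostCreateAsync()
{
    // Discard the existing model state and re-validate just the Create model.
    ModelState.Clear();
    TryValidateModel(Create);
    if (!ModelState.IsValid)
    {
        return Page();
    }

    var user = new ConsentUser
    {
        Email = Create.EmailAddress,
        UserName = Create.UserName
    };

    var result = await userManager.CreateAsync(user, Create.Password);
    if (!result.Succeeded)
    {
        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }

        return Page();
    }

    if (Create.IsAdmin)
    {
        // NOTE(review): IsAdmin comes from the posted model, so this handler can hand out
        // the admin role. Confirm the page is only reachable by existing administrators.
        var roleResult = await userManager.AddToRoleAsync(user, "Website Admin");
        if (!roleResult.Succeeded)
        {
            // The account already exists at this point but is not in the role. Report the
            // failure instead of showing the success message for a half-applied request.
            foreach (var error in roleResult.Errors)
            {
                ModelState.AddModelError(string.Empty, error.Description);
            }

            return Page();
        }
    }

    Message = $"User '{Create.UserName}' created";
    return RedirectToPage();
}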
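/// <summary>
/// Creates a local account for a user who signed in through an external provider, stores
/// a display-name and e-mail claim when the provider supplied them, and links the external
/// login to the new account.
/// </summary>
/// <param name="provider">Name of the external login provider.</param>
/// <param name="providerUserId">The user's identifier at that provider.</param>
/// <param name="claims">Claims received from the external provider.</param>
/// <returns>The newly created user.</returns>
/// <exception cref="InvalidOperationException">
/// Creating the user, adding the claims, or adding the external login failed; the message
/// carries the error descriptions reported by the user manager.
/// </exception>
private async Task<ConsentUser> AutoProvisionUserAsync(
    string provider,
    string providerUserId,
    IEnumerable<Claim> claims)
{
    // Enumerate the incoming sequence once; it is searched several times below.
    var incoming = claims.ToList();

    // Only the claims collected here are transferred into the local store.
    var filtered = new List<Claim>();

    // Display name: prefer the JWT claim type, fall back to the ClaimTypes equivalent.
    var name = incoming.FirstOrDefault(x => x.Type == JwtClaimTypes.Name)?.Value
        ?? incoming.FirstOrDefault(x => x.Type == ClaimTypes.Name)?.Value;
    if (name != null)
    {
        filtered.Add(new Claim(JwtClaimTypes.Name, name));
    }
    else
    {
        var first = incoming.FirstOrDefault(x => x.Type == JwtClaimTypes.GivenName)?.Value
            ?? incoming.FirstOrDefault(x => x.Type == ClaimTypes.GivenName)?.Value;
        var last = incoming.FirstOrDefault(x => x.Type == JwtClaimTypes.FamilyName)?.Value
            ?? incoming.FirstOrDefault(x => x.Type == ClaimTypes.Surname)?.Value;

        // Build the name from whichever of given/family name is present.
        var parts = new[] { first, last }.Where(p => p != null).ToArray();
        if (parts.Length > 0)
        {
            filtered.Add(new Claim(JwtClaimTypes.Name, string.Join(" ", parts)));
        }
    }

    // E-mail: stored exactly as the provider asserted it. Nothing in this method checks
    // that the address was verified, so it should not be relied on as proof of ownership
    // (for example when matching or merging accounts).
    var email = incoming.FirstOrDefault(x => x.Type == JwtClaimTypes.Email)?.Value
        ?? incoming.FirstOrDefault(x => x.Type == ClaimTypes.Email)?.Value;
    if (email != null)
    {
        filtered.Add(new Claim(JwtClaimTypes.Email, email));
    }

    // The local user name is a fresh GUID, not a value supplied by the provider.
    var user = new ConsentUser
    {
        UserName = Guid.NewGuid().ToString(),
    };

    var identityResult = await _userManager.CreateAsync(user);
    if (!identityResult.Succeeded)
    {
        throw new InvalidOperationException(
            string.Join("; ", identityResult.Errors.Select(e => e.Description)));
    }

    // NOTE(review): if either step below fails, the account created above is not removed
    // here, leaving a user without claims or without an external login.
    if (filtered.Count > 0)
    {
        identityResult = await _userManager.AddClaimsAsync(user, filtered);
        if (!identityResult.Succeeded)
        {
            throw new InvalidOperationException(
                string.Join("; ", identityResult.Errors.Select(e => e.Description)));
        }
    }

    // The provider name is passed a second time as the login's display name.
    identityResult = await _userManager.AddLoginAsync(
        user,
        new UserLoginInfo(provider, providerUserId, provider));
    if (!identityResult.Succeeded)
    {
        throw new InvalidOperationException(
            string.Join("; ", identityResult.Errors.Select(e => e.Description)));
    }

    return user;
}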