/// <summary>
/// Зарегистрировать.
/// </summary>
/// <param name="input">Ввод.</param>
/// <returns>Задача с зарегистрированным пользователем.</returns>
public async Task <HostBasePartAuthUser> Register(ModAuthBaseJobRegisterInput input)
{
HostBasePartAuthUser result;
var data = new DataEntityObjectUser
{
UserName = input.DataUserName,
Email = input.DataEmail,
FullName = input.DataFullName
};
var userManager = input.UserManager;
var identityResult = await userManager.CreateAsync(data, input.DataPassword)
.CoreBaseExtTaskWithCurrentCulture(false);
if (identityResult.Succeeded)
{
result = await data.HostBasePartAuthExtCreateUser(userManager)
.CoreBaseExtTaskWithCurrentCulture(false);
}
else
{
throw new ModAuthBaseJobRegisterException(identityResult.Errors);
}
return(result);
}
/// <summary>
/// Хост. Основа. Часть "Auth". Расширение. Создать. Пользователя.
/// </summary>
/// <param name="data">Данные.</param>
/// <param name="userManager">Менеджер пользователя.</param>
/// <returns>Пользователь хоста.</returns>
public static async Task <HostBasePartAuthUser> HostBasePartAuthExtCreateUser(
this DataEntityObjectUser data,
UserManager <DataEntityObjectUser> userManager
)
{
var roles = await userManager.GetRolesAsync(data)
.CoreBaseExtTaskWithCurrentCulture(false);
return(data.HostBasePartAuthExtCreateUser(roles));
}
/// <summary>
/// Хост. Основа. Часть "Auth". Расширение. Создать. Пользователя.
/// </summary>
/// <param name="data">Данные.</param>
/// <param name="roles">Роли.</param>
/// <returns>Пользователь хоста.</returns>
public static HostBasePartAuthUser HostBasePartAuthExtCreateUser(
this DataEntityObjectUser data,
IEnumerable <string> roles
)
{
var result = new HostBasePartAuthUser
{
Id = data.Id,
UserName = data.UserName,
Email = data.Email,
FullName = data.FullName,
Roles = roles
};
return(result);
}
/// <summary>
/// JWT. Войти в систему.
/// </summary>
/// <param name="input">Ввод.</param>
/// <returns>Задача с выводом.</returns>
public async Task <ModAuthBaseCommonJobLoginJwtOutput> JwtLogin(ModAuthBaseCommonJobLoginInput input)
{
ModAuthBaseCommonJobLoginJwtOutput result = null;
if (!string.IsNullOrEmpty(input.DataPassword))
{
DataEntityObjectUser user = null;
var userManager = input.UserManager;
if (!string.IsNullOrEmpty(input.DataUserName))
{
user = await userManager.FindByNameAsync(input.DataUserName)
.CoreBaseExtTaskWithCurrentCulture(false);
}
else if (!string.IsNullOrEmpty(input.DataEmail))
{
user = await userManager.FindByEmailAsync(input.DataEmail)
.CoreBaseExtTaskWithCurrentCulture(false);
}
if (user != null)
{
var isOk = await userManager.CheckPasswordAsync(user, input.DataPassword)
.CoreBaseExtTaskWithCurrentCulture(false);
if (isOk)
{
result = await user.ModAuthBaseExtCreateHostBasePartAuthJobLoginJwtOutput(
userManager,
JwtService
);
}
}
}
if (result == null)
{
throw new ModAuthBaseCommonJobLoginException();
}
return(result);
}
/// <summary>
/// Мод "Auth". Основа. Расширение. Создать. Вывод от задания на вход в систему при помощи JWT.
/// </summary>
/// <param name="data">Данные.</param>
/// <param name="userManager">Менеджер пользователя.</param>
/// <param name="jwtService">Сервис JWT.</param>
/// <returns></returns>
public static async Task <ModAuthBaseCommonJobLoginJwtOutput> ModAuthBaseExtCreateHostBasePartAuthJobLoginJwtOutput(
this DataEntityObjectUser data,
UserManager <DataEntityObjectUser> userManager,
ICoreBaseAuthTypeJwtService jwtService
)
{
var result = new ModAuthBaseCommonJobLoginJwtOutput
{
CurrentUser = await data.HostBasePartAuthExtCreateUser(userManager)
.CoreBaseExtTaskWithCurrentCulture(false)
};
var claims = result.CurrentUser.HostBasePartAuthExtCreateUserClaims();
var userId = data.Id.ToString();
result.AccessToken = jwtService.CreateAccessToken(userId, claims);
result.RefreshToken = jwtService.CreateRefreshToken(userId);
return(result);
}
private async Task <DataEntityObjectUser> AddUser(
UserManager <DataEntityObjectUser> userManager,
RoleManager <DataEntityObjectRole> roleManager,
string userName,
string password,
string email,
string fullName,
IEnumerable <string> roleNames,
IEnumerable <Claim> claims,
string loginProvider,
string providerDisplayName,
string providerKey,
Func <IEnumerable <IdentityError>, HostBaseCommonIdentityException> funcCreateIdentityException
)
{
var user = new DataEntityObjectUser
{
Email = email,
FullName = fullName,
UserName = userName
};
var identityResult = string.IsNullOrWhiteSpace(password)
? await userManager.CreateAsync(user)
.CoreBaseExtTaskWithCurrentCulture(false)
: await userManager.CreateAsync(user, password)
.CoreBaseExtTaskWithCurrentCulture(false);
if (!identityResult.Succeeded)
{
throw funcCreateIdentityException(identityResult.Errors);
}
if (roleNames != null && roleNames.Any())
{
foreach (var roleName in roleNames)
{
await AddRole(roleManager, roleName)
.CoreBaseExtTaskWithCurrentCulture(false);
identityResult = await userManager.AddToRoleAsync(user, roleName)
.CoreBaseExtTaskWithCurrentCulture(false);
if (!identityResult.Succeeded)
{
throw funcCreateIdentityException(identityResult.Errors);
}
}
}
if (claims != null && claims.Any())
{
identityResult = await userManager.AddClaimsAsync(user, claims)
.CoreBaseExtTaskWithCurrentCulture(false);
if (!identityResult.Succeeded)
{
throw funcCreateIdentityException(identityResult.Errors);
}
}
if (!string.IsNullOrWhiteSpace(loginProvider))
{
var userLoginInfo = new UserLoginInfo(
loginProvider,
providerKey ?? user.Id.ToString(),
providerDisplayName
);
identityResult = await userManager.AddLoginAsync(user, userLoginInfo);
if (!identityResult.Succeeded)
{
throw funcCreateIdentityException(identityResult.Errors);
}
}
return(user);
}
)> ProcessCallbackGet(
IClientStore clientStore,
IEventService events,
HttpContext httpContext,
IIdentityServerInteractionService interaction,
HostBasePartAuthJobUserEntityCreateService jobUserEntityCreate,
ILogger logger,
RoleManager <DataEntityObjectRole> roleManager,
SignInManager <DataEntityObjectUser> signInManager,
UserManager <DataEntityObjectUser> userManager
)
{
// read external identity from the temporary cookie
var result = await httpContext.AuthenticateAsync(IdentityConstants.ExternalScheme)
.CoreBaseExtTaskWithCurrentCulture(false);
if (result?.Succeeded != true)
{
throw new ModIdentityServerBaseExceptionExternalAuthentication();
}
// lookup our user and external provider info
var(user, provider, providerUserId, claims) = await FindUserFromExternalProviderAsync(result, userManager);
if (user == null)
{
// this might be where you might initiate a custom workflow for user registration
// in this sample we don't show how that would be done, as our sample implementation
// simply auto-provisions new external user
user = await AutoProvisionUserAsync(
provider,
providerUserId,
claims,
logger,
jobUserEntityCreate,
roleManager,
userManager
).CoreBaseExtTaskWithCurrentCulture(false);
}
// this allows us to collect any additonal claims or properties
// for the specific prtotocols used and store them in the local auth cookie.
// this is typically used to store data needed for signout from those protocols.
var additionalLocalClaims = new List <Claim>();
var localSignInProps = new AuthenticationProperties();
ProcessCallbackGetForOidc(result, additionalLocalClaims, localSignInProps);
// issue authentication cookie for user
// we must issue the cookie maually, and can't use the SignInManager because
// it doesn't expose an API to issue additional claims from the login workflow
var principal = await signInManager.CreateUserPrincipalAsync(user)
.CoreBaseExtTaskWithCurrentCulture(false);
additionalLocalClaims.AddRange(principal.Claims);
var name = principal.FindFirst(JwtClaimTypes.Name)?.Value ?? user.Id.ToString();
await httpContext.SignInAsync(
user.Id.ToString(),
name,
provider,
localSignInProps,
additionalLocalClaims.ToArray()
).CoreBaseExtTaskWithCurrentCulture(false);
// delete temporary cookie used during external authentication
await httpContext.SignOutAsync(IdentityConstants.ExternalScheme)
.CoreBaseExtTaskWithCurrentCulture(false);
// retrieve return URL
var returnUrl = result.Properties.Items["returnUrl"] ?? "~/";
// check if external login is in the context of an OIDC request
var context = await interaction.GetAuthorizationContextAsync(returnUrl)
.CoreBaseExtTaskWithCurrentCulture(false);
await events.RaiseAsync(
new UserLoginSuccessEvent(
provider,
providerUserId,
user.Id.ToString(),
name,
true,
context?.ClientId
)
).CoreBaseExtTaskWithCurrentCulture(false);
var status = ModIdentityServerWebMvcPartExternalJobCallbackGetEnumStatuses.Default;
if (context != null)
{
var isPckeRequired = await clientStore.ModIdentityServerWebExtClientIsPkceRequired(context.ClientId)
.CoreBaseExtTaskWithCurrentCulture(false);
if (isPckeRequired)
{
// if the client is PKCE then we assume it's native, so this change in how to
// return the response is for better UX for the end user.
status = ModIdentityServerWebMvcPartExternalJobCallbackGetEnumStatuses.Redirect;
}
}
return(status, returnUrl);
}
