public async Task <IHttpActionResult> ObtainLocalAccessToken(string provider, string externalAccessToken)
{
if (string.IsNullOrWhiteSpace(provider) || string.IsNullOrWhiteSpace(externalAccessToken))
{
return(BadRequest("Provider or external access token is not sent"));
}
var verifiedAccessToken = await VerifyExternalAccessToken(provider, externalAccessToken);
if (verifiedAccessToken == null)
{
return(BadRequest("Invalid Provider or External Access Token"));
}
var user =
await JWTUserLoginManager.FindUserByLoginAsync(new IdentityUserLogin()
{
LoginProvider = provider,
ProviderKey = verifiedAccessToken.user_id
}
);
var hasRegistered = user != null;
if (!hasRegistered)
{
return(BadRequest("External user is not registered"));
}
//generate access token response
var accessTokenResponse = GenerateLocalAccessTokenResponse(user);
return(Ok(accessTokenResponse));
}
public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
var redirectUri = string.Empty;
if (error != null)
{
return(BadRequest(Uri.EscapeDataString(error)));
}
if (User == null || !User.Identity.IsAuthenticated)
{
return(new ChallengeResult(provider, this));
}
var redirectUriValidationResult = ValidateClientAndRedirectUri(ref redirectUri);
if (!string.IsNullOrWhiteSpace(redirectUriValidationResult))
{
return(BadRequest(redirectUriValidationResult));
}
var externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
if (externalLogin == null)
{
return(InternalServerError());
}
if (externalLogin.LoginProvider != provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(new ChallengeResult(provider, this));
}
var user =
await
JWTUserLoginManager.FindUserByLoginAsync(new IdentityUserLogin()
{
LoginProvider = externalLogin.LoginProvider,
ProviderKey = externalLogin.ProviderKey
}
);
var hasRegistered = user != null;
redirectUri = string.Format(
"{0}#external_access_token={1}&provider={2}&haslocalaccount={3}&external_user_name={4}&email={5}"
, redirectUri
, externalLogin.ExternalAccessToken
, externalLogin.LoginProvider
, hasRegistered.ToString()
, externalLogin.UserName.Trim().Replace(" ", "")
, externalLogin.Email
);
return(Redirect(redirectUri));
}
public async Task <IHttpActionResult> RegisterExternal(RegisterExternalBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var verifiedAccessToken = await VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken);
if (verifiedAccessToken == null)
{
return(BadRequest("Invalid Provider or External Access Token"));
}
var user =
await JWTUserLoginManager.FindUserByLoginAsync(new IdentityUserLogin()
{
LoginProvider = model.Provider,
ProviderKey = verifiedAccessToken.user_id
}
);
var hasRegistered = user != null;
if (hasRegistered)
{
return(BadRequest("External user is already registered"));
}
user = new IdentityUser(model.ClientId, model.UserName)
{
Email = model.EMail
};
var result = await JWTUserManager.CreateAsync(user);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
var userRole = await JWTRoleManager.FindByNameAsync(IdentityConstants.User);
if (userRole != null)
{
await JWTUserManager.AddToRoleAsync(user, userRole);
}
result = await JWTUserLoginManager.CreateAsync(new IdentityUserLogin()
{
UserId = user.Id
, ClientId = user.ClientId
, LoginProvider = model.Provider
, ProviderKey = verifiedAccessToken.user_id
}
);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
//generate access token response
var accessTokenResponse = GenerateLocalAccessTokenResponse(user);
return(Ok(accessTokenResponse));
}
