public async Task <IHttpActionResult> AddExternalLogin(AddExternalLoginBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
AuthenticationTicket ticket = AccessTokenFormat.Unprotect(model.ExternalAccessToken);
if (ticket == null || ticket.Identity == null || (ticket.Properties != null &&
ticket.Properties.ExpiresUtc.HasValue &&
ticket.Properties.ExpiresUtc.Value < DateTimeOffset.UtcNow))
{
return(BadRequest("External login failure."));
}
ExternalLoginData externalData = ExternalLoginData.FromIdentity(ticket.Identity);
if (externalData == null)
{
return(BadRequest("The external login is already associated with an account."));
}
IdentityResult result = await UserManager.AddLoginAsync(User.Identity.GetUserId(),
new UserLoginInfo(externalData.LoginProvider, externalData.ProviderKey));
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
return(Ok());
}
public async Task <IHttpActionResult> AddExternalLogin(AddExternalLoginBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
AuthenticationTicket ticket = AccessTokenFormat.Unprotect(model.ExternalAccessToken);
if (ticket == null || ticket.Identity == null || (ticket.Properties != null &&
ticket.Properties.ExpiresUtc.HasValue &&
ticket.Properties.ExpiresUtc.Value < DateTimeOffset.UtcNow))
{
return(BadRequest("Fehler bei der externen Anmeldung."));
}
ExternalLoginData externalData = ExternalLoginData.FromIdentity(ticket.Identity);
if (externalData == null)
{
return(BadRequest("Die externe Anmeldung ist bereits einem Konto zugeordnet."));
}
IdentityResult result = await UserManager.AddLoginAsync(User.Identity.GetUserId(),
new UserLoginInfo(externalData.LoginProvider, externalData.ProviderKey));
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
return(Ok());
}
public async Task <ResponseMessage> AddExternalLogin(AddExternalLoginBindingModel model)
{
//string ip = StaticTools.GetIp(Request);
try
{
if (!ModelState.IsValid)
{
return(new ResponseMessage(Tools.ResponseMessage.ResponseCode.AuthenticationFailed, ErrorMessages.RegisterError, ModelState));;
}
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
AuthenticationTicket ticket = AccessTokenFormat.Unprotect(model.ExternalAccessToken);
if (ticket == null || ticket.Identity == null || (ticket.Properties != null &&
ticket.Properties.ExpiresUtc.HasValue &&
ticket.Properties.ExpiresUtc.Value < DateTimeOffset.UtcNow))
{
return(new ResponseMessage(Tools.ResponseMessage.ResponseCode.AuthenticationFailed, "ورود خارجی ناموفق"));;
}
ExternalLoginData externalData = ExternalLoginData.FromIdentity(ticket.Identity);
if (externalData == null)
{
return(new ResponseMessage(Tools.ResponseMessage.ResponseCode.AuthenticationFailed, "The external login is already associated with an account."));
}
IdentityResult result = await UserManager.AddLoginAsync(User.Identity.GetUserId(),
new UserLoginInfo(externalData.LoginProvider, externalData.ProviderKey));
if (!result.Succeeded)
{
return(new ResponseMessage(Tools.ResponseMessage.ResponseCode.AuthenticationFailed, ErrorMessages.RegisterError, result));
}
return(Tools.ResponseMessage.Ok);
}
catch
{
return(Tools.ResponseMessage.InternalError);
}
}
public async Task <IHttpActionResult> AddExternalLogin(AddExternalLoginBindingModel model)
{
if (!this.ModelState.IsValid)
{
return(this.BadRequest(this.ModelState));
}
this.Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
var ticket = this.AccessTokenFormat.Unprotect(model.ExternalAccessToken);
if (ticket == null || ticket.Identity == null ||
(ticket.Properties != null && ticket.Properties.ExpiresUtc.HasValue &&
ticket.Properties.ExpiresUtc.Value < DateTimeOffset.UtcNow))
{
return(this.BadRequest("Failed to login to the external provider."));
}
var externalData = ExternalLoginData.FromIdentity(ticket.Identity);
if (externalData == null)
{
return(this.BadRequest("This external login is already associated with an account."));
}
var result =
await
this.UserManager.AddLoginAsync(
this.User.Identity.GetUserId(),
new UserLoginInfo(externalData.LoginProvider, externalData.ProviderKey));
var errorResult = this.GetErrorResult(result);
if (errorResult != null)
{
return(errorResult);
}
return(this.Ok());
}
public async Task <IHttpActionResult> AddExternalLogin(AddExternalLoginBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
AuthenticationTicket ticket = AccessTokenFormat.Unprotect(model.ExternalAccessToken);
if (ticket == null || ticket.Identity == null || (ticket.Properties != null &&
ticket.Properties.ExpiresUtc.HasValue &&
ticket.Properties.ExpiresUtc.Value < DateTimeOffset.UtcNow))
{
return(BadRequest("Error de inicio de sesión externo."));
}
ExternalLoginData externalData = ExternalLoginData.FromIdentity(ticket.Identity);
if (externalData == null)
{
return(BadRequest("El inicio de sesión externo ya está asociado con una cuenta."));
}
IdentityResult result = await UserManager.AddLoginAsync(User.Identity.GetUserId(),
new UserLoginInfo(externalData.LoginProvider, externalData.ProviderKey));
IHttpActionResult errorResult = GetErrorResult(result);
if (errorResult != null)
{
return(errorResult);
}
return(Ok());
}
public async Task <IHttpActionResult> AddExternalLogin(AddExternalLoginBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Authentication.SignOut(DefaultAuthenticationTypes.ExternalBearer);
AuthenticationTicket ticket = AccessTokenFormat.Unprotect(model.ExternalAccessToken);
if (ticket == null || ticket.Identity == null || (ticket.Properties != null &&
ticket.Properties.ExpiresUtc.HasValue &&
ticket.Properties.ExpiresUtc.Value < DateTimeOffset.UtcNow))
{
return(BadRequest("Сбой внешнего входа."));
}
ExternalLoginData externalData = ExternalLoginData.FromIdentity(ticket.Identity);
if (externalData == null)
{
return(BadRequest("Внешнее имя входа уже связано с учетной записью."));
}
IdentityResult result = await UserManager.AddLoginAsync(User.Identity.GetUserId(),
new UserLoginInfo(externalData.LoginProvider, externalData.ProviderKey));
IHttpActionResult errorResult = GetErrorResult(result);
if (errorResult != null)
{
return(errorResult);
}
return(Ok());
}
public async Task<IHttpActionResult> AddExternalLogin(AddExternalLoginBindingModel model)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
AuthenticationTicket ticket = AccessTokenFormat.Unprotect(model.ExternalAccessToken);
if (ticket == null || ticket.Identity == null || (ticket.Properties != null
&& ticket.Properties.ExpiresUtc.HasValue
&& ticket.Properties.ExpiresUtc.Value < DateTimeOffset.UtcNow))
{
return BadRequest("External login failure.");
}
ExternalLoginData externalData = ExternalLoginData.FromIdentity(ticket.Identity);
if (externalData == null)
{
return BadRequest("The external login is already associated with an account.");
}
IdentityResult result = await UserManager.AddLoginAsync(User.Identity.GetUserId(),
new UserLoginInfo(externalData.LoginProvider, externalData.ProviderKey));
if (!result.Succeeded)
{
return GetErrorResult(result);
}
return Ok();
}
public async Task<IHttpActionResult> AddExternalLogin(AddExternalLoginBindingModel model)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
AuthenticationTicket ticket = AccessTokenFormat.Unprotect(model.ExternalAccessToken);
if (ticket == null || ticket.Identity == null || (ticket.Properties != null
&& ticket.Properties.ExpiresUtc.HasValue
&& ticket.Properties.ExpiresUtc.Value < DateTimeOffset.UtcNow))
{
return BadRequest("Сбой внешнего входа.");
}
ExternalLoginData externalData = ExternalLoginData.FromIdentity(ticket.Identity);
if (externalData == null)
{
return BadRequest("Внешнее имя входа уже связано с учетной записью.");
}
IdentityResult result = await UserManager.AddLoginAsync(User.Identity.GetUserId(),
new UserLoginInfo(externalData.LoginProvider, externalData.ProviderKey));
if (!result.Succeeded)
{
return GetErrorResult(result);
}
return Ok();
}
//http://blog.valeriogheri.com/asp-net-webapi-identity-system-how-to-login-with-facebook-access-token
public async Task <IHttpActionResult> GoogleLogin(AddExternalLoginBindingModel model)
{
if (string.IsNullOrEmpty(model.ExternalAccessToken))
{
return(BadRequest("Invalid OAuth access token"));
}
ApplicationUser user = null;
// Get the fb access token and make a graph call to the /me endpoint
VerifyToken verifyToken = new VerifyToken();
var fbUser = await verifyToken.VerifyGoogleAccessToken(null, model.ExternalAccessToken);
if (fbUser == null)
{
return(BadRequest("Invalid OAuth access token"));
}
if (!fbUser.aud.Equals(VerifyToken.CLIENT_ID))
{
return(BadRequest("Invalid OAuth access token"));
}
try
{
using (var dbTransaction = db.Database.BeginTransaction())
{
if (model.Email != null)
{
// model.Email is an application account's email, not google login's email
user = await UserManager.FindByEmailAsync(model.Email);
if (user == null)
{
return(BadRequest("Invalid Email"));
}
//
bool isGoogleLoginAlreadyBelongToTheUser = false;
var userLogins = await UserManager.GetLoginsAsync(user.Id);
foreach (UserLoginInfo userLoginInfo in userLogins)
{
if (userLoginInfo.LoginProvider.Equals("Google") && userLoginInfo.ProviderKey.Equals(fbUser.sub))
{
isGoogleLoginAlreadyBelongToTheUser = true;
break;
}
}
if (!isGoogleLoginAlreadyBelongToTheUser)
{
bool isGoogleLoginAlreadyBelongToSomeOtherUser = db.Users.Where(u => u.Logins.Any(l => l.LoginProvider.Equals("Google") && l.ProviderKey.Equals(fbUser.sub))).Count() > 0;
if (isGoogleLoginAlreadyBelongToSomeOtherUser)
{
return(BadRequest("Invalid OAuth access token"));
}
else
{
if (!user.EmailConfirmed && !user.Email.ToLower().Equals(fbUser.Email.ToLower()))
{
return(BadRequest("Application account's email is not confirmed yet"));
}
//add login
//user.Logins.Add(new IdentityUserLogin() { LoginProvider = "Google", ProviderKey = fbUser.sub });
IdentityResult result = await UserManager.AddLoginAsync(user.Id, new UserLoginInfo("Google", fbUser.sub));
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
//make email confirmed
user.EmailConfirmed = true;
}
}
else
{
//nothing to do
}
}
else
{
//try to find user
user = db.Users.Where(u => u.Logins.Any(l => l.LoginProvider.Equals("Google") && l.ProviderKey.Equals(fbUser.sub))).SingleOrDefault();
if (user == null)
{
// user not found so
//create user and add login
string randomPassword;
//At least one lower case letter
Regex r1 = new Regex("[a-z]+");
//At least one upper case letter
Regex r2 = new Regex("[A-Z]+");
//At least one digit
Regex r3 = new Regex("[0-9]+");
string NewPassword = System.Web.Security.Membership.GeneratePassword(10, 5);
while (!(r1.IsMatch(NewPassword) && r2.IsMatch(NewPassword) && r3.IsMatch(NewPassword)))
{
//regenerate new password
NewPassword = System.Web.Security.Membership.GeneratePassword(10, 5);
}
randomPassword = NewPassword;
user = new ApplicationUser()
{
UserName = fbUser.Email, Email = fbUser.Email, EmailConfirmed = true
};
IdentityResult result = await UserManager.CreateAsync(user, randomPassword);
if (!result.Succeeded)
{
return(GetErrorResult(result));
//return Conflict();
}
//user.Logins.Add(new IdentityUserLogin() { LoginProvider = "Google", ProviderKey = fbUser.sub });
IdentityResult result2 = await UserManager.AddLoginAsync(user.Id, new UserLoginInfo("Google", fbUser.sub));
if (!result2.Succeeded)
{
return(GetErrorResult(result2));
}
}
else
{
//nothing to do
}
}
db.SaveChanges();
dbTransaction.Commit();
}
}
catch (Exception e)
{
return(Conflict());
}
// Finally sign-in the user: this is the key part of the code that creates the bearer token and authenticate the user
var identity = new ClaimsIdentity(Startup.OAuthOptions.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id, null, ClaimsIdentity.DefaultIssuer));
identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName, null, ClaimsIdentity.DefaultIssuer));
identity.AddClaim(new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "ASP.NET Identity", null, ClaimsIdentity.DefaultIssuer));
identity.AddClaim(new Claim("AspNet.Identity.SecurityStamp", user.SecurityStamp, null, ClaimsIdentity.DefaultIssuer));
AuthenticationTicket ticket = new AuthenticationTicket(identity, new AuthenticationProperties());
var currentUtc = new Microsoft.Owin.Infrastructure.SystemClock().UtcNow;
ticket.Properties.IssuedUtc = currentUtc;
var tokenExpirationTimeSpan = TimeSpan.FromDays(14);
ticket.Properties.ExpiresUtc = currentUtc.Add(tokenExpirationTimeSpan);
var accesstoken = Startup.OAuthOptions.AccessTokenFormat.Protect(ticket);
Authentication.SignIn(identity);
// Create the response
JObject blob = new JObject(
new JProperty("userName", user.UserName),
new JProperty("access_token", accesstoken),
new JProperty("token_type", "bearer"),
new JProperty("expires_in", (long)tokenExpirationTimeSpan.TotalSeconds),
new JProperty(".issued", ticket.Properties.IssuedUtc.ToString()),
new JProperty(".expires", ticket.Properties.ExpiresUtc.ToString())
);
var json = Newtonsoft.Json.JsonConvert.SerializeObject(blob);
// Return OK
return(Ok(blob));
}
public override Task <IHttpActionResult> AddExternalLogin(AddExternalLoginBindingModel model)
{
return(base.AddExternalLogin(model));
}
public void Init()
{
instance = new AddExternalLoginBindingModel();
}
