/// <summary> /// Зарегистрировать. /// </summary> /// <param name="input">Ввод.</param> /// <returns>Задача с зарегистрированным пользователем.</returns> public async Task <HostBasePartAuthUser> Register(ModAuthBaseJobRegisterInput input) { HostBasePartAuthUser result; var data = new DataEntityObjectUser { UserName = input.DataUserName, Email = input.DataEmail, FullName = input.DataFullName }; var userManager = input.UserManager; var identityResult = await userManager.CreateAsync(data, input.DataPassword) .CoreBaseExtTaskWithCurrentCulture(false); if (identityResult.Succeeded) { result = await data.HostBasePartAuthExtCreateUser(userManager) .CoreBaseExtTaskWithCurrentCulture(false); } else { throw new ModAuthBaseJobRegisterException(identityResult.Errors); } return(result); }
/// <summary> /// Хост. Основа. Часть "Auth". Расширение. Создать. Пользователя. /// </summary> /// <param name="data">Данные.</param> /// <param name="userManager">Менеджер пользователя.</param> /// <returns>Пользователь хоста.</returns> public static async Task <HostBasePartAuthUser> HostBasePartAuthExtCreateUser( this DataEntityObjectUser data, UserManager <DataEntityObjectUser> userManager ) { var roles = await userManager.GetRolesAsync(data) .CoreBaseExtTaskWithCurrentCulture(false); return(data.HostBasePartAuthExtCreateUser(roles)); }
/// <summary> /// Хост. Основа. Часть "Auth". Расширение. Создать. Пользователя. /// </summary> /// <param name="data">Данные.</param> /// <param name="roles">Роли.</param> /// <returns>Пользователь хоста.</returns> public static HostBasePartAuthUser HostBasePartAuthExtCreateUser( this DataEntityObjectUser data, IEnumerable <string> roles ) { var result = new HostBasePartAuthUser { Id = data.Id, UserName = data.UserName, Email = data.Email, FullName = data.FullName, Roles = roles }; return(result); }
/// <summary> /// JWT. Войти в систему. /// </summary> /// <param name="input">Ввод.</param> /// <returns>Задача с выводом.</returns> public async Task <ModAuthBaseCommonJobLoginJwtOutput> JwtLogin(ModAuthBaseCommonJobLoginInput input) { ModAuthBaseCommonJobLoginJwtOutput result = null; if (!string.IsNullOrEmpty(input.DataPassword)) { DataEntityObjectUser user = null; var userManager = input.UserManager; if (!string.IsNullOrEmpty(input.DataUserName)) { user = await userManager.FindByNameAsync(input.DataUserName) .CoreBaseExtTaskWithCurrentCulture(false); } else if (!string.IsNullOrEmpty(input.DataEmail)) { user = await userManager.FindByEmailAsync(input.DataEmail) .CoreBaseExtTaskWithCurrentCulture(false); } if (user != null) { var isOk = await userManager.CheckPasswordAsync(user, input.DataPassword) .CoreBaseExtTaskWithCurrentCulture(false); if (isOk) { result = await user.ModAuthBaseExtCreateHostBasePartAuthJobLoginJwtOutput( userManager, JwtService ); } } } if (result == null) { throw new ModAuthBaseCommonJobLoginException(); } return(result); }
/// <summary> /// Мод "Auth". Основа. Расширение. Создать. Вывод от задания на вход в систему при помощи JWT. /// </summary> /// <param name="data">Данные.</param> /// <param name="userManager">Менеджер пользователя.</param> /// <param name="jwtService">Сервис JWT.</param> /// <returns></returns> public static async Task <ModAuthBaseCommonJobLoginJwtOutput> ModAuthBaseExtCreateHostBasePartAuthJobLoginJwtOutput( this DataEntityObjectUser data, UserManager <DataEntityObjectUser> userManager, ICoreBaseAuthTypeJwtService jwtService ) { var result = new ModAuthBaseCommonJobLoginJwtOutput { CurrentUser = await data.HostBasePartAuthExtCreateUser(userManager) .CoreBaseExtTaskWithCurrentCulture(false) }; var claims = result.CurrentUser.HostBasePartAuthExtCreateUserClaims(); var userId = data.Id.ToString(); result.AccessToken = jwtService.CreateAccessToken(userId, claims); result.RefreshToken = jwtService.CreateRefreshToken(userId); return(result); }
private async Task <DataEntityObjectUser> AddUser( UserManager <DataEntityObjectUser> userManager, RoleManager <DataEntityObjectRole> roleManager, string userName, string password, string email, string fullName, IEnumerable <string> roleNames, IEnumerable <Claim> claims, string loginProvider, string providerDisplayName, string providerKey, Func <IEnumerable <IdentityError>, HostBaseCommonIdentityException> funcCreateIdentityException ) { var user = new DataEntityObjectUser { Email = email, FullName = fullName, UserName = userName }; var identityResult = string.IsNullOrWhiteSpace(password) ? await userManager.CreateAsync(user) .CoreBaseExtTaskWithCurrentCulture(false) : await userManager.CreateAsync(user, password) .CoreBaseExtTaskWithCurrentCulture(false); if (!identityResult.Succeeded) { throw funcCreateIdentityException(identityResult.Errors); } if (roleNames != null && roleNames.Any()) { foreach (var roleName in roleNames) { await AddRole(roleManager, roleName) .CoreBaseExtTaskWithCurrentCulture(false); identityResult = await userManager.AddToRoleAsync(user, roleName) .CoreBaseExtTaskWithCurrentCulture(false); if (!identityResult.Succeeded) { throw funcCreateIdentityException(identityResult.Errors); } } } if (claims != null && claims.Any()) { identityResult = await userManager.AddClaimsAsync(user, claims) .CoreBaseExtTaskWithCurrentCulture(false); if (!identityResult.Succeeded) { throw funcCreateIdentityException(identityResult.Errors); } } if (!string.IsNullOrWhiteSpace(loginProvider)) { var userLoginInfo = new UserLoginInfo( loginProvider, providerKey ?? user.Id.ToString(), providerDisplayName ); identityResult = await userManager.AddLoginAsync(user, userLoginInfo); if (!identityResult.Succeeded) { throw funcCreateIdentityException(identityResult.Errors); } } return(user); }
)> ProcessCallbackGet( IClientStore clientStore, IEventService events, HttpContext httpContext, IIdentityServerInteractionService interaction, HostBasePartAuthJobUserEntityCreateService jobUserEntityCreate, ILogger logger, RoleManager <DataEntityObjectRole> roleManager, SignInManager <DataEntityObjectUser> signInManager, UserManager <DataEntityObjectUser> userManager ) { // read external identity from the temporary cookie var result = await httpContext.AuthenticateAsync(IdentityConstants.ExternalScheme) .CoreBaseExtTaskWithCurrentCulture(false); if (result?.Succeeded != true) { throw new ModIdentityServerBaseExceptionExternalAuthentication(); } // lookup our user and external provider info var(user, provider, providerUserId, claims) = await FindUserFromExternalProviderAsync(result, userManager); if (user == null) { // this might be where you might initiate a custom workflow for user registration // in this sample we don't show how that would be done, as our sample implementation // simply auto-provisions new external user user = await AutoProvisionUserAsync( provider, providerUserId, claims, logger, jobUserEntityCreate, roleManager, userManager ).CoreBaseExtTaskWithCurrentCulture(false); } // this allows us to collect any additonal claims or properties // for the specific prtotocols used and store them in the local auth cookie. // this is typically used to store data needed for signout from those protocols. var additionalLocalClaims = new List <Claim>(); var localSignInProps = new AuthenticationProperties(); ProcessCallbackGetForOidc(result, additionalLocalClaims, localSignInProps); // issue authentication cookie for user // we must issue the cookie maually, and can't use the SignInManager because // it doesn't expose an API to issue additional claims from the login workflow var principal = await signInManager.CreateUserPrincipalAsync(user) .CoreBaseExtTaskWithCurrentCulture(false); additionalLocalClaims.AddRange(principal.Claims); var name = principal.FindFirst(JwtClaimTypes.Name)?.Value ?? user.Id.ToString(); await httpContext.SignInAsync( user.Id.ToString(), name, provider, localSignInProps, additionalLocalClaims.ToArray() ).CoreBaseExtTaskWithCurrentCulture(false); // delete temporary cookie used during external authentication await httpContext.SignOutAsync(IdentityConstants.ExternalScheme) .CoreBaseExtTaskWithCurrentCulture(false); // retrieve return URL var returnUrl = result.Properties.Items["returnUrl"] ?? "~/"; // check if external login is in the context of an OIDC request var context = await interaction.GetAuthorizationContextAsync(returnUrl) .CoreBaseExtTaskWithCurrentCulture(false); await events.RaiseAsync( new UserLoginSuccessEvent( provider, providerUserId, user.Id.ToString(), name, true, context?.ClientId ) ).CoreBaseExtTaskWithCurrentCulture(false); var status = ModIdentityServerWebMvcPartExternalJobCallbackGetEnumStatuses.Default; if (context != null) { var isPckeRequired = await clientStore.ModIdentityServerWebExtClientIsPkceRequired(context.ClientId) .CoreBaseExtTaskWithCurrentCulture(false); if (isPckeRequired) { // if the client is PKCE then we assume it's native, so this change in how to // return the response is for better UX for the end user. status = ModIdentityServerWebMvcPartExternalJobCallbackGetEnumStatuses.Redirect; } } return(status, returnUrl); }