Example #1
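        /// <summary>
        /// Builds the authentication ticket for a Microsoft Account sign-in. Fetches the user
        /// profile from <c>Options.UserInformationEndpoint</c> with the access token as a Bearer
        /// credential, maps id, name and e-mail onto claims, runs the Authenticated notification
        /// and tags the identity with the current site's SiteGuid.
        /// </summary>
        /// <param name="identity">Identity that receives the claims.</param>
        /// <param name="properties">Authentication properties carried into the ticket.</param>
        /// <param name="tokens">Token response; only its access token is read here.</param>
        /// <returns>A ticket for <c>notification.Principal</c> issued under <c>AuthenticationScheme.External</c>.</returns>
        /// <exception cref="HttpRequestException">The user-information endpoint answered with a non-success status.</exception>
        protected override async Task<AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
        {
            log.LogDebug("CreateTicketAsync called");

            JObject payload;

            // HttpRequestMessage and HttpResponseMessage are IDisposable; release both as soon
            // as the body has been parsed instead of leaving them to the finalizer.
            using (var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint))
            {
                // The token travels in the Authorization header, not in the URL.
                request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);

                using (var response = await Backchannel.SendAsync(request, Context.RequestAborted))
                {
                    response.EnsureSuccessStatusCode();

                    payload = JObject.Parse(await response.Content.ReadAsStringAsync());
                }
            }

            var notification = new OAuthAuthenticatedContext(Context, Options, Backchannel, tokens, payload)
            {
                Properties = properties,
                Principal  = new ClaimsPrincipal(identity)
            };

            // Each profile field is optional: a missing or empty value simply yields no claim.
            var identifier = MicrosoftAccountAuthenticationHelper.GetId(payload);

            if (!string.IsNullOrEmpty(identifier))
            {
                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
                identity.AddClaim(new Claim("urn:microsoftaccount:id", identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var name = MicrosoftAccountAuthenticationHelper.GetName(payload);

            if (!string.IsNullOrEmpty(name))
            {
                identity.AddClaim(new Claim(ClaimTypes.Name, name, ClaimValueTypes.String, Options.ClaimsIssuer));
                identity.AddClaim(new Claim("urn:microsoftaccount:name", name, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var email = MicrosoftAccountAuthenticationHelper.GetEmail(payload);

            if (!string.IsNullOrEmpty(email))
            {
                identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            await Options.Notifications.Authenticated(notification);

            ISiteSettings site = siteResolver.Resolve();

            if (site != null)
            {
                // NOTE(review): this claim is added to `identity` after the notification ran and is
                // created without Options.ClaimsIssuer. The ticket below is built from
                // notification.Principal, so a handler that replaced the principal would get a
                // ticket without SiteGuid. Confirm that is acceptable for tenant checks.
                Claim siteGuidClaim = new Claim("SiteGuid", site.SiteGuid.ToString());
                if (!identity.HasClaim(siteGuidClaim.Type, siteGuidClaim.Value))
                {
                    identity.AddClaim(siteGuidClaim);
                }
            }

            // Issued under AuthenticationScheme.External rather than notification.Options.AuthenticationScheme.
            return new AuthenticationTicket(notification.Principal, notification.Properties, AuthenticationScheme.External);
        }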
Example #2
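        /// <summary>
        /// Builds the authentication ticket from the "user" object embedded in the token
        /// response: id, username, full name, profile picture and website become claims when
        /// present, then the Authenticated notification runs.
        /// </summary>
        /// <param name="identity">Identity that receives the claims.</param>
        /// <param name="properties">Authentication properties carried into the ticket.</param>
        /// <param name="tokens">Token response whose <c>Response["user"]</c> entry holds the profile.</param>
        /// <returns>A ticket for <c>notification.Principal</c> under the options' authentication scheme.</returns>
        /// <exception cref="System.InvalidOperationException">The token response has no "user" entry.</exception>
        protected override async Task<AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
        {
            var notification = new OAuthAuthenticatedContext(Context, Options, Backchannel, tokens)
            {
                Properties = properties,
                Principal  = new ClaimsPrincipal(identity)
            };

            var user = tokens.Response["user"];

            // Without this guard a response lacking "user" surfaced as a bare
            // NullReferenceException on the first field lookup. Sign-in still fails,
            // but with a message that names the cause.
            if (user == null)
            {
                throw new System.InvalidOperationException("The token response does not contain a \"user\" object.");
            }

            // Individual fields stay optional: a missing field yields no claim.
            var userId = user["id"]?.ToString();

            if (userId != null)
            {
                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userId, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var username = user["username"]?.ToString();

            if (username != null)
            {
                identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, username, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var fullname = user["full_name"]?.ToString();

            if (fullname != null)
            {
                identity.AddClaim(new Claim("urn:instagram:full_name", fullname, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            // profile_picture and website are provider-supplied URLs copied verbatim into claims;
            // consumers should treat them as untrusted input before rendering or fetching them.
            var profilePic = user["profile_picture"]?.ToString();

            if (profilePic != null)
            {
                identity.AddClaim(new Claim("urn:instagram:profile_picture", profilePic, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var website = user["website"]?.ToString();

            if (website != null)
            {
                identity.AddClaim(new Claim("urn:instagram:website", website, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            await Options.Notifications.Authenticated(notification);

            return new AuthenticationTicket(notification.Principal, notification.Properties, notification.Options.AuthenticationScheme);
        }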
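        /// <summary>
        /// Test callback for the Google sign-in flow. Compares the authenticated context with
        /// the fixed values this test expects, then adds a "ManageStore" = "false" claim to the
        /// first identity of the principal.
        /// </summary>
        /// <param name="context">Authenticated context; nothing is checked when its Principal is null.</param>
        /// <returns>A task that completes once the checks have run.</returns>
        internal static async Task OnAuthenticated(OAuthAuthenticatedContext context)
        {
            if (context.Principal != null)
            {
                // Checked first: every helper call below reads context.User, so a missing user
                // object is reported as such instead of surfacing through a later check.
                Helpers.ThrowIfConditionFailed(() => context.User != null, "User object is not valid");
                Helpers.ThrowIfConditionFailed(() => context.AccessToken == "ValidAccessToken", "Access token is not valid");
                Helpers.ThrowIfConditionFailed(() => context.RefreshToken == "ValidRefreshToken", "Refresh token is not valid");
                Helpers.ThrowIfConditionFailed(() => GoogleAuthenticationHelper.GetEmail(context.User) == "*****@*****.**", "Email is not valid");
                Helpers.ThrowIfConditionFailed(() => GoogleAuthenticationHelper.GetId(context.User) == "106790274378320830963", "Id is not valid");
                Helpers.ThrowIfConditionFailed(() => GoogleAuthenticationHelper.GetFamilyName(context.User) == "AspnetvnextTest", "FamilyName is not valid");
                Helpers.ThrowIfConditionFailed(() => GoogleAuthenticationHelper.GetName(context.User) == "AspnetvnextTest AspnetvnextTest", "Name is not valid");
                Helpers.ThrowIfConditionFailed(() => context.ExpiresIn.Value == TimeSpan.FromSeconds(1200), "ExpiresIn is not valid");

                // Authorization-relevant claim set explicitly to "false" for the signed-in user.
                context.Principal.Identities.First().AddClaim(new Claim("ManageStore", "false"));
            }

            // Keeps the method async so a failed check is reported through the returned task.
            await Task.FromResult(0);
        }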
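        /// <summary>
        /// Test callback for the Google sign-in flow. Verifies the tokens, profile fields and
        /// expiry on the authenticated context against fixed expected values and then adds a
        /// "ManageStore" = "false" claim to the principal's first identity.
        /// </summary>
        /// <param name="context">Authenticated context; skipped entirely when its Principal is null.</param>
        /// <returns>A task that completes once the checks have run.</returns>
        internal static async Task OnAuthenticated(OAuthAuthenticatedContext context)
        {
            if (context.Principal != null)
            {
                // The user object is validated before anything reads it; the original order only
                // checked it after four helper calls had already used context.User.
                Helpers.ThrowIfConditionFailed(() => context.User != null, "User object is not valid");
                Helpers.ThrowIfConditionFailed(() => context.AccessToken == "ValidAccessToken", "Access token is not valid");
                Helpers.ThrowIfConditionFailed(() => context.RefreshToken == "ValidRefreshToken", "Refresh token is not valid");
                Helpers.ThrowIfConditionFailed(() => GoogleAuthenticationHelper.GetEmail(context.User) == "*****@*****.**", "Email is not valid");
                Helpers.ThrowIfConditionFailed(() => GoogleAuthenticationHelper.GetId(context.User) == "106790274378320830963", "Id is not valid");
                Helpers.ThrowIfConditionFailed(() => GoogleAuthenticationHelper.GetFamilyName(context.User) == "AspnetvnextTest", "FamilyName is not valid");
                Helpers.ThrowIfConditionFailed(() => GoogleAuthenticationHelper.GetName(context.User) == "AspnetvnextTest AspnetvnextTest", "Name is not valid");
                Helpers.ThrowIfConditionFailed(() => context.ExpiresIn.Value == TimeSpan.FromSeconds(1200), "ExpiresIn is not valid");

                context.Principal.Identities.First().AddClaim(new Claim("ManageStore", "false"));
            }

            // No real asynchronous work; the await keeps the async signature warning-free.
            await Task.FromResult(0);
        }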
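        /// <summary>
        /// Test callback for the Microsoft Account sign-in flow. Compares the authenticated
        /// context with the fixed values this test expects, then adds a "ManageStore" = "false"
        /// claim to the first identity of the principal.
        /// </summary>
        /// <param name="context">Authenticated context; nothing is checked when its Principal is null.</param>
        /// <returns>A task that completes once the checks have run.</returns>
        internal static async Task OnAuthenticated(OAuthAuthenticatedContext context)
        {
            if (context.Principal != null)
            {
                // Checked first: the helper calls below all read context.User.
                Helpers.ThrowIfConditionFailed(() => context.User != null, "User object is not valid");
                Helpers.ThrowIfConditionFailed(() => context.AccessToken == "ValidAccessToken", "Access token is not valid");
                Helpers.ThrowIfConditionFailed(() => context.RefreshToken == "ValidRefreshToken", "Refresh token is not valid");

                // These two checks previously reported "Email is not valid", which pointed at the wrong field.
                Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetFirstName(context.User) == "AspnetvnextTest", "FirstName is not valid");
                Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetLastName(context.User) == "AspnetvnextTest", "LastName is not valid");
                Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetId(context.User) == "fccf9a24999f4f4f", "Id is not valid");
                Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetName(context.User) == "AspnetvnextTest AspnetvnextTest", "Name is not valid");
                Helpers.ThrowIfConditionFailed(() => context.ExpiresIn.Value == TimeSpan.FromSeconds(3600), "ExpiresIn is not valid");

                // The helper must agree with the raw "id" token of the user payload.
                Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetId(context.User) == context.User.SelectToken("id").ToString(), "User id is not valid");

                context.Principal.Identities.First().AddClaim(new Claim("ManageStore", "false"));
            }

            // Keeps the method async so a failed check is reported through the returned task.
            await Task.FromResult(0);
        }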
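        /// <summary>
        /// Test callback for the Facebook sign-in flow. Compares the authenticated context with
        /// the fixed values this test expects, then adds a "ManageStore" = "false" claim to the
        /// first identity of the principal.
        /// </summary>
        /// <param name="context">Authenticated context; nothing is checked when its Principal is null.</param>
        /// <returns>A task that completes once the checks have run.</returns>
        internal static async Task OnAuthenticated(OAuthAuthenticatedContext context)
        {
            if (context.Principal != null)
            {
                // Every check used to pass an empty message, so a failure could not be traced to
                // a field; each now names what it verifies. The access-token check also appeared
                // twice and is kept once.
                Helpers.ThrowIfConditionFailed(() => context.AccessToken == "ValidAccessToken", "Access token is not valid");
                Helpers.ThrowIfConditionFailed(() => FacebookAuthenticationHelper.GetEmail(context.User) == "*****@*****.**", "Email is not valid");
                Helpers.ThrowIfConditionFailed(() => FacebookAuthenticationHelper.GetId(context.User) == "Id", "Id is not valid");
                Helpers.ThrowIfConditionFailed(() => FacebookAuthenticationHelper.GetLink(context.User) == "https://www.facebook.com/myLink", "Link is not valid");
                Helpers.ThrowIfConditionFailed(() => FacebookAuthenticationHelper.GetName(context.User) == "AspnetvnextTest AspnetvnextTest", "Name is not valid");
                Helpers.ThrowIfConditionFailed(() => FacebookAuthenticationHelper.GetUserName(context.User) == "AspnetvnextTest.AspnetvnextTest.7", "UserName is not valid");

                // The helper must agree with the raw "id" token of the user payload.
                Helpers.ThrowIfConditionFailed(() => context.User.SelectToken("id").ToString() == FacebookAuthenticationHelper.GetId(context.User), "User id is not valid");
                Helpers.ThrowIfConditionFailed(() => context.ExpiresIn.Value == TimeSpan.FromSeconds(100), "ExpiresIn is not valid");

                context.Principal.Identities.First().AddClaim(new Claim("ManageStore", "false"));
            }

            // Keeps the method async so a failed check is reported through the returned task.
            await Task.FromResult(0);
        }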
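        /// <summary>
        /// Test callback for the Microsoft Account sign-in flow. Verifies the tokens, profile
        /// fields and expiry on the authenticated context against fixed expected values and
        /// then adds a "ManageStore" = "false" claim to the principal's first identity.
        /// </summary>
        /// <param name="context">Authenticated context; skipped entirely when its Principal is null.</param>
        /// <returns>A task that completes once the checks have run.</returns>
        internal static async Task OnAuthenticated(OAuthAuthenticatedContext context)
        {
            if (context.Principal != null)
            {
                // The user object is validated before any helper reads it.
                Helpers.ThrowIfConditionFailed(() => context.User != null, "User object is not valid");
                Helpers.ThrowIfConditionFailed(() => context.AccessToken == "ValidAccessToken", "Access token is not valid");
                Helpers.ThrowIfConditionFailed(() => context.RefreshToken == "ValidRefreshToken", "Refresh token is not valid");

                // Messages corrected: both checks used to report "Email is not valid".
                Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetFirstName(context.User) == "AspnetvnextTest", "FirstName is not valid");
                Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetLastName(context.User) == "AspnetvnextTest", "LastName is not valid");
                Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetId(context.User) == "fccf9a24999f4f4f", "Id is not valid");
                Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetName(context.User) == "AspnetvnextTest AspnetvnextTest", "Name is not valid");
                Helpers.ThrowIfConditionFailed(() => context.ExpiresIn.Value == TimeSpan.FromSeconds(3600), "ExpiresIn is not valid");
                Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetId(context.User) == context.User.SelectToken("id").ToString(), "User id is not valid");

                context.Principal.Identities.First().AddClaim(new Claim("ManageStore", "false"));
            }

            // No real asynchronous work; the await keeps the async signature warning-free.
            await Task.FromResult(0);
        }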
Example #8
        /// <summary>
        /// Default ticket factory: wraps the identity in a principal, lets the Authenticated
        /// notification inspect or replace it, and issues a ticket for whatever principal the
        /// notification leaves behind.
        /// </summary>
        /// <param name="identity">Identity produced by the OAuth exchange.</param>
        /// <param name="properties">Authentication properties carried into the ticket.</param>
        /// <param name="tokens">Token response handed to the notification context.</param>
        /// <returns>
        /// A ticket under <c>Options.AuthenticationScheme</c>, or <c>null</c> when the
        /// notification cleared the principal or left it without an identity.
        /// </returns>
        protected virtual async Task<AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
        {
            log.LogDebug("CreateTicketAsync called");

            var authenticated = new OAuthAuthenticatedContext(Context, Options, Backchannel, tokens)
            {
                Principal  = new ClaimsPrincipal(identity),
                Properties = properties
            };

            await Options.Notifications.Authenticated(authenticated);

            // A handler may reject the sign-in by clearing the principal; no ticket is issued then.
            var hasIdentity = authenticated.Principal?.Identity != null;

            return hasIdentity
                ? new AuthenticationTicket(authenticated.Principal, authenticated.Properties, Options.AuthenticationScheme)
                : null;
        }
Example #9
        /// <summary>
        /// Builds the authentication ticket from the "user_id" entry of the token response,
        /// which becomes the NameIdentifier claim when present, then runs the Authenticated
        /// notification.
        /// </summary>
        /// <param name="identity">Identity that receives the claim.</param>
        /// <param name="properties">Authentication properties carried into the ticket.</param>
        /// <param name="tokens">Token response whose <c>Response["user_id"]</c> entry is read.</param>
        /// <returns>A ticket for the context's principal under the options' authentication scheme.</returns>
        protected override async Task<AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
        {
            var authenticated = new OAuthAuthenticatedContext(Context, Options, Backchannel, tokens)
            {
                Properties = properties,
                Principal  = new ClaimsPrincipal(identity)
            };

            var subject = tokens.Response["user_id"]?.ToString();

            // NOTE(review): when "user_id" is absent the ticket is still issued, just without a
            // NameIdentifier claim; callers that key accounts on that claim should check for it.
            if (subject != null)
            {
                var subjectClaim = new Claim(ClaimTypes.NameIdentifier, subject, ClaimValueTypes.String, Options.ClaimsIssuer);
                identity.AddClaim(subjectClaim);
            }

            await Options.Notifications.Authenticated(authenticated);

            var ticket = new AuthenticationTicket(authenticated.Principal, authenticated.Properties, authenticated.Options.AuthenticationScheme);
            return ticket;
        }
Example #10
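        /// <summary>
        /// Builds the authentication ticket for a Battle.net sign-in. Loads the user profile from
        /// <c>Options.UserInformationEndpoint</c>, maps the id and battletag onto claims and runs
        /// the Authenticated notification.
        /// </summary>
        /// <param name="identity">Identity that receives the claims.</param>
        /// <param name="properties">Authentication properties carried into the ticket.</param>
        /// <param name="tokens">Token response; its access token is sent as the <c>access_token</c> query parameter.</param>
        /// <returns>A ticket for <c>notification.Principal</c> under the options' authentication scheme.</returns>
        /// <exception cref="HttpRequestException">The user-information endpoint answered with a non-success status.</exception>
        protected override async Task<AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
        {
            // The token was concatenated into the URL unescaped, so a value containing '+', '&',
            // '=' or '#' would be misread or would add query parameters. Escape it.
            // NOTE(review): a token in the query string can end up in proxy or server logs;
            // consider the Authorization header if the endpoint accepts it. TODO confirm.
            var endpoint = Options.UserInformationEndpoint + "?access_token=" + System.Uri.EscapeDataString(tokens.AccessToken);

            JObject payload;

            // Load the battlenet user info; request and response are disposed once parsed.
            using (var request = new HttpRequestMessage(HttpMethod.Get, endpoint))
            using (var response = await Backchannel.SendAsync(request, Context.RequestAborted))
            {
                response.EnsureSuccessStatusCode();

                payload = JObject.Parse(await response.Content.ReadAsStringAsync());
            }

            var notification = new OAuthAuthenticatedContext(Context, Options, Backchannel, tokens, payload)
            {
                Properties = properties,
                Principal  = new ClaimsPrincipal(identity)
            };

            var id = BattlenetAuthenticationHelper.GetId(payload);

            if (!string.IsNullOrEmpty(id))
            {
                // The id claim is typed as an integer, unlike the string-typed battletag claims.
                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, id, ClaimValueTypes.Integer, Options.ClaimsIssuer));
            }

            var battletag = BattlenetAuthenticationHelper.GetBattletag(payload);

            if (!string.IsNullOrEmpty(battletag))
            {
                identity.AddClaim(new Claim(ClaimTypes.Name, battletag, ClaimValueTypes.String, Options.ClaimsIssuer));
                identity.AddClaim(new Claim(BattlenetAuthenticationDefaults.BattletagClaimType, battletag, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            await Options.Notifications.Authenticated(notification);

            return new AuthenticationTicket(notification.Principal, notification.Properties, notification.Options.AuthenticationScheme);
        }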
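        /// <summary>
        /// Builds the authentication ticket for a Facebook sign-in. Queries
        /// <c>Options.UserInformationEndpoint</c> with the access token (plus an
        /// <c>appsecret_proof</c> when <c>Options.SendAppSecretProof</c> is set), maps id, user
        /// name, e-mail, name and link onto claims, runs the Authenticated notification and tags
        /// the identity with the current site's SiteGuid.
        /// </summary>
        /// <param name="identity">Identity that receives the claims.</param>
        /// <param name="properties">Authentication properties carried into the ticket.</param>
        /// <param name="tokens">Token response; only its access token is read here.</param>
        /// <returns>A ticket for <c>notification.Principal</c> issued under <c>AuthenticationScheme.External</c>.</returns>
        /// <exception cref="HttpRequestException">The user-information endpoint answered with a non-success status.</exception>
        protected override async Task<AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
        {
            log.LogDebug("CreateTicketAsync called");

            // NOTE(review): the access token travels in the query string, so the backchannel
            // URL is sensitive and should not be logged.
            var endpoint = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "access_token", tokens.AccessToken);

            if (Options.SendAppSecretProof)
            {
                endpoint = QueryHelpers.AddQueryString(endpoint, "appsecret_proof", GenerateAppSecretProof(tokens.AccessToken));
            }

            JObject payload;

            // The response is IDisposable; release it as soon as the body has been parsed.
            using (var response = await Backchannel.GetAsync(endpoint, Context.RequestAborted))
            {
                response.EnsureSuccessStatusCode();

                payload = JObject.Parse(await response.Content.ReadAsStringAsync());
            }

            var notification = new OAuthAuthenticatedContext(Context, Options, Backchannel, tokens, payload)
            {
                Properties = properties,
                Principal  = new ClaimsPrincipal(identity)
            };

            // NOTE(review): the debug statements below write the user's id, user name, e-mail,
            // name and profile link to the log. Confirm debug logging stays off in production
            // or drop the values from the messages.
            var identifier = FacebookAuthenticationHelper.GetId(payload);

            if (!string.IsNullOrEmpty(identifier))
            {
                log.LogDebug("CreateTicketAsync FacebookAuthenticationHelper.GetId(payload) " + identifier);

                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var userName = FacebookAuthenticationHelper.GetUserName(payload);

            if (!string.IsNullOrEmpty(userName))
            {
                log.LogDebug("CreateTicketAsync FacebookAuthenticationHelper.GetUserName(payload) " + userName);

                identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, userName, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var email = FacebookAuthenticationHelper.GetEmail(payload);

            if (!string.IsNullOrEmpty(email))
            {
                log.LogDebug("CreateTicketAsync FacebookAuthenticationHelper.GetEmail(payload) " + email);

                identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var name = FacebookAuthenticationHelper.GetName(payload);

            if (!string.IsNullOrEmpty(name))
            {
                log.LogDebug("CreateTicketAsync FacebookAuthenticationHelper.GetName(payload) " + name);

                identity.AddClaim(new Claim("urn:facebook:name", name, ClaimValueTypes.String, Options.ClaimsIssuer));

                // Many Facebook accounts do not set the UserName field.  Fall back to the Name field instead.
                if (string.IsNullOrEmpty(userName))
                {
                    identity.AddClaim(new Claim(identity.NameClaimType, name, ClaimValueTypes.String, Options.ClaimsIssuer));
                }
            }

            var link = FacebookAuthenticationHelper.GetLink(payload);

            if (!string.IsNullOrEmpty(link))
            {
                log.LogDebug("CreateTicketAsync FacebookAuthenticationHelper.GetLink(payload) " + link);

                identity.AddClaim(new Claim("urn:facebook:link", link, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            log.LogDebug("CreateTicketAsync notification.Options.AuthenticationScheme " + notification.Options.AuthenticationScheme);

            await Options.Notifications.Authenticated(notification);

            ISiteSettings site = siteResolver.Resolve();

            if (site != null)
            {
                // NOTE(review): this claim is added to `identity` after the notification ran and is
                // created without Options.ClaimsIssuer. The ticket below is built from
                // notification.Principal, so a handler that replaced the principal would get a
                // ticket without SiteGuid. Confirm that is acceptable for tenant checks.
                Claim siteGuidClaim = new Claim("SiteGuid", site.SiteGuid.ToString());
                if (!identity.HasClaim(siteGuidClaim.Type, siteGuidClaim.Value))
                {
                    identity.AddClaim(siteGuidClaim);
                }
            }

            // Identity.Name is null when the payload had neither a user name nor a name (no name
            // claim was added above); the old `.Name.ToString()` then threw and failed the whole
            // sign-in from inside a debug log statement.
            log.LogDebug("CreateTicketAsync notification.Principal " + notification.Principal?.Identity?.Name);

            // Issued under AuthenticationScheme.External rather than notification.Options.AuthenticationScheme.
            // https://github.com/aspnet/Security/blob/dev/src/Microsoft.AspNet.Authentication/AuthenticationTicket.cs
            return new AuthenticationTicket(notification.Principal, notification.Properties, AuthenticationScheme.External);
        }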
Example #12
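        /// <summary>
        /// Builds the authentication ticket for a Google sign-in. Fetches the user profile from
        /// <c>Options.UserInformationEndpoint</c> with the access token as a Bearer credential,
        /// maps id, given name, family name, name, e-mail and profile onto claims and runs the
        /// Authenticated notification.
        /// </summary>
        /// <param name="identity">Identity that receives the claims.</param>
        /// <param name="properties">Authentication properties carried into the ticket.</param>
        /// <param name="tokens">Token response; only its access token is read here.</param>
        /// <returns>A ticket for <c>notification.Principal</c> under the options' authentication scheme.</returns>
        /// <exception cref="HttpRequestException">The user-information endpoint answered with a non-success status.</exception>
        protected override async Task<AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
        {
            JObject payload;

            // Get the Google user. HttpRequestMessage and HttpResponseMessage are IDisposable,
            // so both are released as soon as the body has been parsed.
            using (var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint))
            {
                // The token travels in the Authorization header, not in the URL.
                request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);

                using (var response = await Backchannel.SendAsync(request, Context.RequestAborted))
                {
                    response.EnsureSuccessStatusCode();

                    payload = JObject.Parse(await response.Content.ReadAsStringAsync());
                }
            }

            var notification = new OAuthAuthenticatedContext(Context, Options, Backchannel, tokens, payload)
            {
                Properties = properties,
                Principal  = new ClaimsPrincipal(identity)
            };

            // Each profile field is optional: a missing or empty value simply yields no claim.
            var identifier = GoogleAuthenticationHelper.GetId(payload);

            if (!string.IsNullOrEmpty(identifier))
            {
                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var givenName = GoogleAuthenticationHelper.GetGivenName(payload);

            if (!string.IsNullOrEmpty(givenName))
            {
                identity.AddClaim(new Claim(ClaimTypes.GivenName, givenName, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var familyName = GoogleAuthenticationHelper.GetFamilyName(payload);

            if (!string.IsNullOrEmpty(familyName))
            {
                identity.AddClaim(new Claim(ClaimTypes.Surname, familyName, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var name = GoogleAuthenticationHelper.GetName(payload);

            if (!string.IsNullOrEmpty(name))
            {
                identity.AddClaim(new Claim(ClaimTypes.Name, name, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var email = GoogleAuthenticationHelper.GetEmail(payload);

            if (!string.IsNullOrEmpty(email))
            {
                identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var profile = GoogleAuthenticationHelper.GetProfile(payload);

            if (!string.IsNullOrEmpty(profile))
            {
                identity.AddClaim(new Claim("urn:google:profile", profile, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            await Options.Notifications.Authenticated(notification);

            return new AuthenticationTicket(notification.Principal, notification.Properties, notification.Options.AuthenticationScheme);
        }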
 /// <summary>
 /// Called once the provider has successfully authenticated a user; forwards the call to <c>OnAuthenticated</c>.
 /// </summary>
 /// <param name="context">Login session details together with the user's <see cref="ClaimsIdentity"/>.</param>
 /// <returns>The <see cref="Task"/> returned by <c>OnAuthenticated</c>.</returns>
 public virtual Task Authenticated(OAuthAuthenticatedContext context)
 {
     return OnAuthenticated(context);
 }
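        /// <summary>
        /// Builds the authentication ticket for a Facebook sign-in. Queries
        /// <c>Options.UserInformationEndpoint</c> with the URL-encoded access token (plus an
        /// <c>appsecret_proof</c> when <c>Options.SendAppSecretProof</c> is set), maps id, user
        /// name, e-mail, name and link onto claims and runs the Authenticated notification.
        /// </summary>
        /// <param name="identity">Identity that receives the claims.</param>
        /// <param name="properties">Authentication properties carried into the ticket.</param>
        /// <param name="tokens">Token response; only its access token is read here.</param>
        /// <returns>A ticket for <c>notification.Principal</c> under the options' authentication scheme.</returns>
        /// <exception cref="HttpRequestException">The user-information endpoint answered with a non-success status.</exception>
        protected override async Task<AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
        {
            // NOTE(review): the access token travels in the query string, so the backchannel
            // URL is sensitive and should not be logged.
            var endpoint = Options.UserInformationEndpoint + "?access_token=" + UrlEncoder.UrlEncode(tokens.AccessToken);

            if (Options.SendAppSecretProof)
            {
                // The proof is appended without encoding.
                // NOTE(review): presumably GenerateAppSecretProof returns a URL-safe string; confirm.
                endpoint += "&appsecret_proof=" + GenerateAppSecretProof(tokens.AccessToken);
            }

            JObject payload;

            // The response is IDisposable; release it as soon as the body has been parsed.
            using (var response = await Backchannel.GetAsync(endpoint, Context.RequestAborted))
            {
                response.EnsureSuccessStatusCode();

                payload = JObject.Parse(await response.Content.ReadAsStringAsync());
            }

            var notification = new OAuthAuthenticatedContext(Context, Options, Backchannel, tokens, payload)
            {
                Properties = properties,
                Principal  = new ClaimsPrincipal(identity)
            };

            // Each profile field is optional: a missing or empty value simply yields no claim.
            var identifier = FacebookAuthenticationHelper.GetId(payload);

            if (!string.IsNullOrEmpty(identifier))
            {
                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var userName = FacebookAuthenticationHelper.GetUserName(payload);

            if (!string.IsNullOrEmpty(userName))
            {
                identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, userName, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var email = FacebookAuthenticationHelper.GetEmail(payload);

            if (!string.IsNullOrEmpty(email))
            {
                identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            var name = FacebookAuthenticationHelper.GetName(payload);

            if (!string.IsNullOrEmpty(name))
            {
                identity.AddClaim(new Claim("urn:facebook:name", name, ClaimValueTypes.String, Options.ClaimsIssuer));

                // Many Facebook accounts do not set the UserName field.  Fall back to the Name field instead.
                if (string.IsNullOrEmpty(userName))
                {
                    identity.AddClaim(new Claim(identity.NameClaimType, name, ClaimValueTypes.String, Options.ClaimsIssuer));
                }
            }

            var link = FacebookAuthenticationHelper.GetLink(payload);

            if (!string.IsNullOrEmpty(link))
            {
                identity.AddClaim(new Claim("urn:facebook:link", link, ClaimValueTypes.String, Options.ClaimsIssuer));
            }

            await Options.Notifications.Authenticated(notification);

            return new AuthenticationTicket(notification.Principal, notification.Properties, notification.Options.AuthenticationScheme);
        }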