public async Task <IHttpActionResult> ObtainLocalAccessToken([FromUri] ExternalLocalAccessToken model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
ParsedExternalAccessToken verifiedAccessToken = await VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken);
if (verifiedAccessToken == null)
{
return(BadRequest("Invalid Provider or External Access Token"));
}
IdentityUser <Guid, CustomUserLogin, CustomUserRole, CustomUserClaim> user = await _authRepository.FindAsync(new UserLoginInfo(model.Provider.ToString(), verifiedAccessToken.UserID));
bool hasRegistered = user != null;
if (!hasRegistered)
{
return(BadRequest("External user is not registered"));
}
//generate access token response
var accessTokenResponse = await GenerateLocalAccessTokenResponse(user.UserName, model.ClientID);
return(Ok(accessTokenResponse));
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
if (string.Compare(provider, FacebookProvider, true) != 0)
{
return(null);
}
var appToken = ConfigurationManager.AppSettings["Facebook.AppToken"];
var verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
ParsedExternalAccessToken parsedToken = null;
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (!response.IsSuccessStatusCode)
{
return(parsedToken);
}
parsedToken = await GetParsedTokenFromRequestContent(parsedToken, response);
if (!string.Equals(Startup.FacebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
return(parsedToken);
}
public async Task <IHttpActionResult> ObtainLocalAccessToken(string provider, string externalAccessToken)
{
if (string.IsNullOrWhiteSpace(provider) || string.IsNullOrWhiteSpace(externalAccessToken))
{
return(BadRequest("Provider or external access token is not sent"));
}
ParsedExternalAccessToken verifiedAccessToken =
await VerifyExternalAccessToken(provider, externalAccessToken);
if (verifiedAccessToken == null)
{
return(BadRequest("Invalid Provider or External Access Token"));
}
IdentityUser user = await repo.FindAsync(new UserLoginInfo(provider, verifiedAccessToken.UserId));
bool hasRegistered = user != null;
if (!hasRegistered)
{
return(BadRequest("External user is not registered"));
}
//generate access token response
JObject accessTokenResponse = GenerateLocalAccessTokenResponse(user.UserName);
return(Ok(accessTokenResponse));
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = "";
if (provider == "Facebook")
{
//You can get it from here: https://developers.facebook.com/tools/accesstoken/
//More about debug_tokn here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
// this will expire and cause mayhem
var appToken = "146338829036652|tw_hXryh7oL2aR1msUBKzQiwyRc";
verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
}
else if (provider == "Google")
{
verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken);
}
else
{
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
if (provider == "Facebook")
{
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
if (!string.Equals(Startup.facebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
else if (provider == "Google")
{
parsedToken.user_id = jObj["user_id"];
parsedToken.app_id = jObj["audience"];
if (!string.Equals(Startup.googleAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
}
return(parsedToken);
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = string.Empty;
if (provider == "Facebook")
{
var appToken = "1656794197865890|tkbTxWcV572d1xSRNUS8cEnueVY";
verifyTokenEndPoint =
string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken,
appToken);
}
else if (provider == "Google")
{
verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}",
accessToken);
}
else
{
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
if (provider == "Facebook")
{
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
if (!string.Equals(Startup.facebookOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
else if (provider == "Google")
{
parsedToken.user_id = jObj["user_id"];
parsedToken.app_id = jObj["audience"];
if (!string.Equals(Startup.googleOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
}
return(parsedToken);
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessTokenAsync(string provider, string accessToken)
{
Uri tokenVerificationEndpoint;
if (provider == "Facebook")
{
var applicationToken = ConfigurationManager.AppSettings["fb_app_token"];
tokenVerificationEndpoint = new Uri(string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, applicationToken));
}
else if (provider == "Google")
{
tokenVerificationEndpoint = new Uri(string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken));
}
else
{
return(null);
}
using (var client = new HttpClient())
{
var response = await client.GetAsync(tokenVerificationEndpoint);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
var jObject = JsonConvert.DeserializeObject <JObject>(content);
var parsedToken = new ParsedExternalAccessToken();
if (provider == "Facebook")
{
parsedToken.UserId = jObject["data"]["user_id"].Value <string>();
parsedToken.ApplicationId = jObject["data"]["app_id"].Value <string>();
if (!Startup.FacebookOptions.AppId.Equals(parsedToken.ApplicationId, StringComparison.InvariantCultureIgnoreCase))
{
return(null);
}
}
else if (provider == "Google")
{
parsedToken.UserId = jObject["user_id"].Value <string>();
parsedToken.ApplicationId = jObject["audience"].Value <string>();
if (!Startup.GoogleAuthOptions.ClientId.Equals(parsedToken.ApplicationId, StringComparison.InvariantCultureIgnoreCase))
{
return(null);
}
}
return(parsedToken);
}
return(null);
}
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = "";
if (provider == "Facebook")
{
var appToken = "1487705754840266|DazWSPoZxsEWAPiHNhnWN0kyS_g";
verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
}
else if (provider == "Google")
{
verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken);
}
else
{
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
var jsonContent = (JObject)JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
if (provider == "Facebook")
{
parsedToken.user_id = jsonContent["data"]["user_id"].ToString();
parsedToken.app_id = jsonContent["data"]["app_id"].ToString();
}
if (!string.Equals(Startup.FacebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
else if (provider == "Google")
{
parsedToken.user_id = jsonContent["user_id"].ToString();
parsedToken.app_id = jsonContent["audience"].ToString();
if (!string.Equals(Startup.GoogleAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
}
return(parsedToken);
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = "";
if (provider == "Facebook")
{
var appToken = "332333880510904|c82dSSPzEzFi9832ltrLExFE14Y";
verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
}
//else if (provider == "Google")
//{
// verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken);
//}
else
{
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
if (provider == "Facebook")
{
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
if (!string.Equals(Startup.FacebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
//else if (provider == "Google")
//{
// parsedToken.user_id = jObj["user_id"];
// parsedToken.app_id = jObj["audience"];
// if (!string.Equals(Startup.googleAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
// {
// return null;
// }
//}
}
return(parsedToken);
}
public async Task <IHttpActionResult> RegisterExternal(RegisterExternalBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
ParsedExternalAccessToken verifiedAccessToken =
await VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken);
if (verifiedAccessToken == null)
{
return(BadRequest("Invalid Provider or External Access Token"));
}
ApplicationUser user = await repo.FindAsync(new UserLoginInfo(model.Provider, verifiedAccessToken.UserId));
bool hasRegistered = user != null;
if (hasRegistered)
{
return(BadRequest("External user is already registered"));
}
user = new ApplicationUser {
UserName = model.UserName
};
IdentityResult result = await repo.CreateAsync(user);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
var info = new ExternalLoginInfo
{
DefaultUserName = model.UserName,
Login = new UserLoginInfo(model.Provider, verifiedAccessToken.UserId)
};
result = await repo.AddLoginAsync(user.Id, info.Login);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
//generate access token response
JObject accessTokenResponse = GenerateLocalAccessTokenResponse(model.UserName);
return(Ok(accessTokenResponse));
}
public async Task <IHttpActionResult> Register(RegisterExternalBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
ParsedExternalAccessToken verifiedAccessToken = await VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken);
if (verifiedAccessToken == null)
{
return(BadRequest("Invalid Provider or External Access Token"));
}
IdentityUser <Guid, CustomUserLogin, CustomUserRole, CustomUserClaim> user = await _authRepository.FindAsync(new UserLoginInfo(model.Provider.ToString(), verifiedAccessToken.UserID));
bool hasRegistered = user != null;
if (hasRegistered)
{
return(BadRequest("External user is already registered"));
}
ApplicationUser appUser = _applicationUserFactory.Create(model.UserName, verifiedAccessToken.Email);
appUser.EmailConfirmed = true;
IdentityResult result = await _authRepository.CreateAsync(appUser);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
var info = new ExternalLoginInfo()
{
DefaultUserName = model.UserName,
Login = new UserLoginInfo(model.Provider.ToString(), verifiedAccessToken.UserID)
};
result = await _authRepository.AddLoginAsync(appUser.Id, info.Login);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
//generate access token response
var accessTokenResponse = await GenerateLocalAccessTokenResponse(model.UserName, model.ClientID);
return(Ok(accessTokenResponse));
}
private async Task <ParsedExternalAccessToken> GetParsedTokenFromRequestContent(ParsedExternalAccessToken parsedToken, HttpResponseMessage response)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
return(parsedToken);
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
if (string.IsNullOrWhiteSpace(provider) || string.IsNullOrWhiteSpace(accessToken))
{
throw new ValidationException(Resources.InvalidProviderOrExternalToken);
}
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = "";
if (string.Equals(provider, AuthConstants.Providers.Facebook))
{
var appToken = ConfigurationManager.AppSettings["FacebookAppToken"];
verifyTokenEndPoint = string.Format(AuthConstants.Providers.FacebookVerifyTokenEndPoint, accessToken, appToken);
}
else if (string.Equals(provider, AuthConstants.Providers.Google))
{
verifyTokenEndPoint = string.Format(AuthConstants.Providers.GoogleVerifyTokenEndPoint, accessToken);
}
else
{
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
if (string.Equals(provider, AuthConstants.Providers.Facebook))
{
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
if (!string.Equals(Startup.FacebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
}
return(parsedToken);
}
public async Task <IHttpActionResult> RegisterExternal(RegisterExternalModel model)
{
var verifiedAccessToken = new ParsedExternalAccessToken();
if (ModelState.IsValid)
{
var helper = OauthHelper.Create();
if (!string.IsNullOrEmpty(model.Provider) && !string.IsNullOrEmpty(model.ExternalAccessToken))
{
verifiedAccessToken = await helper.VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken);
if (verifiedAccessToken == null)
{
return(this.JsonError(HttpStatusCode.BadRequest, 10, "Invalid Provider or External Access Token", ModelState));
}
}
var loginInfo = await SignInManager.AuthenticationManager.GetExternalLoginInfoAsync();
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(loginInfo.ExternalIdentity as ClaimsIdentity);
var registerGeneral = new RegisterGeneralModel()
{
UserName = model.UserName,
Email = model.Email,
//FirstName = externalLogin.UserName.Split(' ')[0], //First Name
//LastName = externalLogin.UserName.Split(' ').LastOrDefault(), //Last Name
ExternalAccessToken = model.ExternalAccessToken,
Provider = model.Provider
};
var regResult = await RegisterInternal(registerGeneral);
if (regResult.HasError)
{
return(JsonError(regResult.HttpStatusCode, regResult.ServerErrorCode, regResult.ErrorMessage, regResult.ModelState));
}
else
{
var result = new
{
userId = regResult.UserId
};
return(Json(result));
}
}
else
{
return(JsonError(HttpStatusCode.BadRequest, 10, "Warning", ModelState));
}
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
string verifyTokenEndPoint;
if (provider.ToLower() == "facebook")
{
//You can get it from here: https://developers.facebook.com/tools/accesstoken/
//More about debug_tokn here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
var appToken = "368446986668931|ayca71CIxnRnK64m2h0ZYeEQCX8";
verifyTokenEndPoint =
string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken,
appToken);
}
else
{
parsedToken = new ParsedExternalAccessToken();
var identity = User.Identity as ClaimsIdentity;
var login = ExternalLoginData.FromIdentity(identity);
parsedToken.UserId = login.ProviderKey;
return(parsedToken);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
if (provider == "Facebook")
{
parsedToken.UserId = jObj["data"]["user_id"];
parsedToken.AppId = jObj["data"]["app_id"];
}
else if (provider == "Google")
{
parsedToken.UserId = jObj["user_id"];
parsedToken.AppId = jObj["audience"];
}
}
return(parsedToken);
}
private async Task <ParsedExternalAccessToken> ParseTokenInfo(string verifyTokenEndPoint, string provider)
{
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)JsonConvert.DeserializeObject(content);
var parsedToken = new ParsedExternalAccessToken();
if (provider == LoginType.Facebook.ToString())
{
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
if (!string.Equals(Startup.FacebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
else if (provider == LoginType.Google.ToString())
{
parsedToken.user_id = jObj["user_id"];
parsedToken.app_id = jObj["audience"];
//if (!string.Equals(Startup.GoogleAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
//{
// return null;
//}
}
//else if (provider == LoginType.Instagram.ToString())
//{
// parsedToken.user_id = jObj["data"]["id"];
// parsedToken.app_id = string.Empty;
//}
//else if (provider == LoginType.LinkedIn.ToString())
//{
// parsedToken.user_id = jObj["id"];
//}
return(parsedToken);
}
return(null);
}
private async Task <ParsedExternalAccessToken> ParseAccessToken(string provider, string accessToken)
{
await this.VerifyExternalAccessToken(provider, accessToken);
string json;
string url = "";
if (provider == "Facebook")
{
url = string.Format("https://graph.facebook.com/me?access_token={0}", accessToken);
}
else if (provider == "Google")
{
url = string.Format("https://www.googleapis.com/oauth2/v2/userinfo?access_token={0}", accessToken);
}
else
{
throw new ApplicationException("Provider not supported.");
}
using (var client = new HttpClient())
{
json = await client.GetStringAsync(url);
}
dynamic jsonObject = JsonConvert.DeserializeObject(json);
var parsedToken = new ParsedExternalAccessToken
{
Email = jsonObject.email,
UserName = jsonObject.name,
UserIdProvider = jsonObject.id
};
if (jsonObject.gender == "male")
{
parsedToken.Gender = Gender.Man;
}
else if (jsonObject.gender == "female")
{
parsedToken.Gender = Gender.Woman;
}
else
{
parsedToken.Gender = Gender.NotSpecified;
}
return(parsedToken);
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = "";
if (provider == "Facebook")
{
//You can get it from here: https://developers.facebook.com/tools/accesstoken/
//More about debug_tokn here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
var appToken = "3058390497587092|56486ff5e9af123b45a8fadce341eb91";
verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
}
else
{
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
if (provider == "Facebook")
{
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
if (!string.Equals(Startup.facebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
}
return(parsedToken);
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = "";
if (provider == "Google")
{
verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken);
}
else
{
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
if (provider == "Google")
{
parsedToken.user_id = jObj["email"];
parsedToken.app_id = jObj["audience"];
if (!string.Equals(Startup.GoogleAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
else
{
throw new NotImplementedException();
}
}
return(parsedToken);
}
/// <summary>
/// Creates a new user based on a external access token.
/// </summary>
/// <param name="provider"></param>
/// <param name="verifiedAccessToken"></param>
/// <param name="externalAccessToken"></param>
/// <returns></returns>
private async Task <IHttpActionResult> CreateNewUserFromExternalAccesToken(string provider,
ParsedExternalAccessToken verifiedAccessToken, string externalAccessToken)
{
RegisterExternalBindingModel model = new RegisterExternalBindingModel()
{
UserName = verifiedAccessToken.email, // this is null
Provider = provider,
ExternalAccessToken = externalAccessToken
};
Student student = new Student();
student.username = verifiedAccessToken.email;
student.email = verifiedAccessToken.email;
KompetansetorgetServerContext db = new KompetansetorgetServerContext();
db.students.Add(student);
db.SaveChanges();
return(await RegisterExternal(model));
}
private static void loadUserProfile(string provider, ParsedExternalAccessToken verifiedAccessToken, JObject accessTokenResponse)
{
if (provider == LinkedIn)
{
accessTokenResponse.Add("userProfile", JToken.FromObject(verifiedAccessToken.userProfile));
}
if (provider == GitHub)
{
accessTokenResponse.Add("githubUserProfile", JToken.FromObject(verifiedAccessToken.githubUserProfile));
}
if (provider == StackExchange)
{
accessTokenResponse.Add("stackexchangeUserProfile", JToken.FromObject(verifiedAccessToken.stackexchangeUserProfile));
}
if (provider == Twitter)
{
accessTokenResponse.Add("twitterUserProfile", JToken.FromObject(verifiedAccessToken.twitterUserProfile));
}
}
public async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
string verifyTokenEndPoint;
if (provider == "Facebook")
{
var appToken = ConfigurationManager.AppSettings["FacebookAppToken"];
verifyTokenEndPoint =
$"https://graph.facebook.com/debug_token?input_token={accessToken}&access_token={appToken}";
}
else
{
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
if (provider == "Facebook")
{
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
if (!string.Equals(AuthConfig.FacebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
}
return(parsedToken);
}
private async Task <ParsedExternalAccessToken> GetUserIdwithAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
var client = new HttpClient();
// Add a new Request Message
HttpRequestMessage requestMessage = new HttpRequestMessage(HttpMethod.Get, "https://api.pushbullet.com/v2/users/me");
// Add our custom headers
requestMessage.Headers.Add("Access-Token", accessToken);
//requestMessage.Headers.Add("Content-Type", "application/json");
// Send the request to the server
HttpResponseMessage response = await client.SendAsync(requestMessage);
//// Just as an example I'm turning the response into a string here
//string responseAsString = await response.Content.ReadAsStringAsync();
//var uri = new Uri("https://api.pushbullet.com/v2/users/me");//verifyTokenEndPoint);
//client.DefaultRequestHeaders.Add("Accept", "application/json");
//client.DefaultRequestHeaders.Add("Content-Type", "application/json");
//client.DefaultRequestHeaders.Add("Access-Token", accessToken);
//var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
//JObject jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
parsedToken.user_name = jObj.name;
parsedToken.user_id = jObj.iden;
}
return(parsedToken);
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = "";
if (provider == "Facebook")
{
//You can get it from here: https://developers.facebook.com/tools/accesstoken/
//More about debug_tokn here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
var appToken = "xxxxxx";
verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
}
else if (provider == "Google")
{
verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken);
}
else
{
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
}
return(parsedToken);
}
public async Task <IHttpActionResult> ObtainLocalAccessToken(string provider, string externalAccessToken)
{
if (string.IsNullOrWhiteSpace(provider) || string.IsNullOrWhiteSpace(externalAccessToken))
{
return(BadRequest("Provider or external access token is not sent"));
}
// Verify that the access token supplied is valid
ParsedExternalAccessToken verifiedAccessToken = await VerifyExternalAccessToken(provider, externalAccessToken);
if (verifiedAccessToken == null)
{
return(BadRequest("Invalid Provider or External Access Token"));
}
// Find the user in our repository
IUser user = repository.GetUser(verifiedAccessToken.user_id, provider);
if (user == null)
{
// Register now
user = accountBusiness.CreateNewUser(
new User
{
AuthenticationUserId = verifiedAccessToken.user_id,
AuthenticationProvider = provider,
UserName = verifiedAccessToken.username
});
}
//generate access token response
var accessTokenResponse = GenerateLocalAccessTokenResponse(user);
// Return success with the bearer token for authorized access
return(Ok(new { token = accessTokenResponse, profile = user }));
}
private async Task<ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = "";
if (provider == "Facebook")
{
//You can get it from here: https://developers.facebook.com/tools/accesstoken/
//More about debug_tokn here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
var appToken = "1617509121824168|U-Kz0PRxEa1QJ80G0R_aADzLlBk";
verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
}
else if (provider == "Google")
{
verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken);
}
else
{
return null;
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
if (provider == "Facebook")
{
parsedToken.UserId = jObj["data"]["user_id"];
parsedToken.AppId = jObj["data"]["app_id"];
parsedToken.Claims = new List<Claim>
{
new Claim("user_id", jObj["data"]["user_id"].ToString()),
new Claim("app_id", jObj["data"]["app_id"].ToString()),
};
if (!string.Equals(Startup.FacebookAuthOptions.AppId, parsedToken.AppId, StringComparison.OrdinalIgnoreCase))
{
return null;
}
}
if (provider == "Google")
{
parsedToken.UserId = jObj["user_id"];
parsedToken.AppId = jObj["audience"];
parsedToken.Claims = new List<Claim>
{
new Claim("issued_to", jObj["issued_to"].ToString()),
new Claim("audience", jObj["audience"].ToString()),
new Claim("user_id", jObj["user_id"].ToString()),
new Claim("scope", jObj["scope"].ToString()),
new Claim("expires_in", jObj["expires_in"].ToString()),
new Claim("email", jObj["email"].ToString()),
new Claim("verified_email", jObj["verified_email"].ToString()),
new Claim("access_type", jObj["access_type"].ToString())
};
if (!string.Equals(Startup.GoogleAuthOptions.ClientId, parsedToken.AppId, StringComparison.OrdinalIgnoreCase))
{
return null;
}
}
}
return parsedToken;
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = "";
switch (provider)
{
case LinkedIn:
// verifyTokenEndPoint = string.Format("https://api.linkedin.com/v1/companies/universal-name=victor:(id,name,ticker,description)?oauth2_access_token={0}", accessToken);
verifyTokenEndPoint = string.Format("https://api.linkedin.com/v1/people/~:(id,first-name,last-name,formatted-name,email-address,positions,headline,location,public-profile-url)?oauth2_access_token={0}", accessToken);
break;
case GitHub:
verifyTokenEndPoint = string.Format("https://api.github.com/user?access_token={0}", accessToken);
break;
case Twitter:
verifyTokenEndPoint = string.Format("https://api.twitter.com/1.1/users/show.json?access_token={0}", accessToken);
break;
case StackExchange:
verifyTokenEndPoint = string.Format("https://api.stackexchange.com/2.2/me?order=desc&sort=reputation&site=stackoverflow&access_token={0}&key={1}", accessToken, Startup.stackexchangeAuthOptions.Key);
break;
case Facebook:
//You can get it from here: https://developers.facebook.com/tools/accesstoken/
//More about debug_tokn here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
var appToken = "xxxxx";
verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
break;
case GooglePlus:
verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken);
break;
case Stripe:
const string UserInfoEndpoint = "https://api.stripe.com/v1/account";
HttpRequestMessage userRequest;
var httpClient = getWebClient(accessToken, UserInfoEndpoint, out userRequest);
HttpResponseMessage graphResponse = await httpClient.SendAsync(userRequest);
graphResponse.EnsureSuccessStatusCode();
var content = await graphResponse.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
parsedToken.user_id = jObj["id"];
//parsedToken.email = jObj["email"];
return(parsedToken);
default:
break;
}
var client = new HttpClient();
if (provider == StackExchange)
{
var handler = new HttpClientHandler();
if (handler.SupportsAutomaticDecompression)
{
handler.AutomaticDecompression = DecompressionMethods.GZip |
DecompressionMethods.Deflate;
}
client = new HttpClient(handler);
}
var uri = new Uri(verifyTokenEndPoint);
if (provider.Equals(LinkedIn, StringComparison.InvariantCultureIgnoreCase))
{
client.DefaultRequestHeaders.Add("x-li-format", "json");
}
if (provider.Equals(GitHub, StringComparison.InvariantCultureIgnoreCase))
{
client.DefaultRequestHeaders.Add("User-Agent", ClientName);
}
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
string content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
JObject profile = jObj as JObject;
parsedToken = new ParsedExternalAccessToken();
switch (provider)
{
case LinkedIn:
parsedToken.user_id = jObj["id"];
parsedToken.userProfile = profile.ToObject <UserProfile>();
parsedToken.email = parsedToken.userProfile.emailAddress;
//if (!string.Equals(Startup.linkedinAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
//{
// return null;
//}
break;
case GitHub:
parsedToken.user_id = jObj["id"];
parsedToken.githubUserProfile = profile.ToObject <GitHubUserProfile>();
parsedToken.email = parsedToken.githubUserProfile.email;
break;
case Twitter:
parsedToken.user_id = jObj["id"];
parsedToken.twitterUserProfile = profile.ToObject <TwitterUserProfile>();
parsedToken.email = parsedToken.twitterUserProfile.email;
break;
case StackExchange:
parsedToken.stackexchangeUserProfile = profile.ToObject <Angjobs.Models.StackExchange.RootObject>().items[0];
parsedToken.user_id = parsedToken.stackexchangeUserProfile.user_id.ToString();
break;
case "Facebook":
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
if (!string.Equals(Startup.facebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
break;
case "GooglePlus":
parsedToken.user_id = jObj["user_id"];
parsedToken.app_id = jObj["audience"];
//parsedToken.email = jObj["email"];
if (!string.Equals(Startup.googleAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
break;
default:
break;
}
}
return(parsedToken);
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(ExternalLoginProviderName provider, string accessToken)
{
var verifyTokenEndPoint = "";
if (provider == ExternalLoginProviderName.Facebook)
{
//You can get it from here: https://developers.facebook.com/tools/accesstoken/
//More about debug_tokn here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
var appToken = ConfigurationManager.AppSettings["facebook:AppToken"];
verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
}
else if (provider == ExternalLoginProviderName.Google)
{
verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken);
}
else
{
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (!response.IsSuccessStatusCode)
{
return(null);
}
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
ParsedExternalAccessToken parsedToken = new ParsedExternalAccessToken();
if (provider == ExternalLoginProviderName.Facebook)
{
parsedToken.UserID = jObj["data"]["user_id"];
parsedToken.AppID = jObj["data"]["app_id"];
if (!string.Equals(Startup.FacebookAuthOptions.AppId, parsedToken.AppID, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
var fbClient = new FacebookClient(accessToken);
dynamic userEmailInfo = fbClient.Get("/me?fields=email");
parsedToken.Email = userEmailInfo.email;
}
else if (provider == ExternalLoginProviderName.Google)
{
parsedToken.UserID = jObj["user_id"];
parsedToken.AppID = jObj["audience"];
parsedToken.Email = jObj["email"];
if (!string.Equals(Startup.GoogleAuthOptions.ClientId, parsedToken.AppID, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
return(parsedToken);
}
private async Task<ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = "";
if (provider == "Facebook")
{
//You can get it from here: https://developers.facebook.com/tools/accesstoken/
//More about debug_tokn here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
var appToken = "xxxxxx";
verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
}
else if (provider == "Google")
{
verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken);
}
else
{
return null;
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
if (provider == "Facebook")
{
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
if (!string.Equals(Startup.facebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return null;
}
}
else if (provider == "Google")
{
parsedToken.user_id = jObj["user_id"];
parsedToken.app_id = jObj["audience"];
if (!string.Equals(Startup.googleAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return null;
}
}
}
return parsedToken;
}
public async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(MixExternalLoginProviders provider, string accessToken, MixAuthenticationConfigurations appConfigs)
{
ParsedExternalAccessToken parsedToken = null;
string verifyTokenEndPoint;
switch (provider)
{
case MixExternalLoginProviders.Facebook:
//You can get it from here: https://developers.facebook.com/tools/accesstoken/
//More about debug_tokn here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
var appToken = $"{appConfigs.Facebook.AppId}|{appConfigs.Facebook.AppSecret}";
verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
break;
case MixExternalLoginProviders.Google:
verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken);
break;
case MixExternalLoginProviders.Twitter:
case MixExternalLoginProviders.Microsoft:
default:
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = JObject.Parse(content);
parsedToken = new ParsedExternalAccessToken();
if (provider == MixExternalLoginProviders.Facebook)
{
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
if (!string.Equals(appConfigs.Facebook.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
else if (provider == MixExternalLoginProviders.Google)
{
parsedToken.user_id = jObj["user_id"];
parsedToken.app_id = jObj["audience"];
if (!string.Equals(appConfigs.Google.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
}
return(parsedToken);
}
private async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
try
{
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = "";
if (provider == "Facebook")
{
//You can get it from here: https://developers.facebook.com/tools/accesstoken/
//More about debug_tokn here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
var appToken = ConfigurationManager.AppSettings["fbAppToken"]; //"1616809328551404|qRN7xVIJWnNJxDXH-BHxgznZnnE";
verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
}
else if (provider == "Google")
{
verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken);
}
else
{
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (response.IsSuccessStatusCode)
{
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
if (provider == "Facebook")
{
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
if (!string.Equals(Startup.facebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
else if (provider == "Google")
{
parsedToken.user_id = jObj["user_id"];
parsedToken.app_id = jObj["audience"];
if (!string.Equals(Startup.googleAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
}
}
return(parsedToken);
}
catch (Exception ex)
{
var x = ex.Message + " - " + ex.InnerException;
return(new ParsedExternalAccessToken());
//return Ok();
}
}
private static async Task <ParsedExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken)
{
ParsedExternalAccessToken parsedToken = null;
var verifyTokenEndPoint = "";
switch (provider)
{
case "Facebook":
//You can get it from here: https://developers.facebook.com/tools/accesstoken/
//More about debug_tokn here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
const string appToken = "xxxxxx";
verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, appToken);
break;
case "Google":
verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken);
break;
default:
return(null);
}
var client = new HttpClient();
var uri = new Uri(verifyTokenEndPoint);
var response = await client.GetAsync(uri);
if (!response.IsSuccessStatusCode)
{
return(null);
}
var content = await response.Content.ReadAsStringAsync();
dynamic jObj = (JObject)JsonConvert.DeserializeObject(content);
parsedToken = new ParsedExternalAccessToken();
switch (provider)
{
case "Facebook":
parsedToken.user_id = jObj["data"]["user_id"];
parsedToken.app_id = jObj["data"]["app_id"];
if (!string.Equals(Startup.FacebookAuthOptions.AppId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
break;
case "Google":
parsedToken.user_id = jObj["user_id"];
parsedToken.app_id = jObj["audience"];
if (!string.Equals(Startup.GoogleAuthOptions.ClientId, parsedToken.app_id, StringComparison.OrdinalIgnoreCase))
{
return(null);
}
break;
}
return(parsedToken);
}
public async Task <JsonResult> ExternalLoginGetToken(string provider, string accessToken)
{
ParsedExternalAccessToken token = await this.ParseAccessToken(provider, accessToken);
IdentityUser user = await _authService.FindUser(new UserLoginInfo(provider, token.UserIdProvider));
if (user == null)
{
var result = await _authService.Create(new IdentityUser
{
Email = token.Email,
UserName = token.Email
});
if (result.Errors.Any())
{
return(Json(new
{
error = result.Errors.First(),
success = false
}, JsonRequestBehavior.AllowGet));
}
Guid userId = await this.FindUserIdFromEmail(token.Email);
await _authService.AddLoginExtenalLogin(userId.ToString(), new UserLoginInfo(provider, token.UserIdProvider));
await _userService.CreateUser(userId, token.Email, token.UserName);
string photoUrl;
switch (provider)
{
case "Facebook": photoUrl = await this.DownloadFacebookProfilePhoto(userId, token.UserIdProvider); break;
case "Google": photoUrl = await this.DownloadGoogleProfilePhoto(userId, accessToken); break;
default: throw new ApplicationException("Provider not supported");
}
await _userService.SetProfilePhotoUrl(userId, photoUrl);
await _userService.UpdateGender(userId, token.Gender);
user = await _authService.FindUser(new UserLoginInfo(provider, token.UserIdProvider));
}
//generate access token response
var accessTokenResponse = TokenGenerator.GenerateAccessToken(user.Id, user.Email);
return(Json(new
{
token = new
{
userName = accessTokenResponse.Value <string>("userName"),
access_token = accessTokenResponse.Value <string>("access_token"),
token_type = accessTokenResponse.Value <string>("token_type"),
expires_in = accessTokenResponse.Value <string>("expires_in")
},
success = true
}, JsonRequestBehavior.AllowGet));
}
