Exemple #1
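        /// <summary>
        /// Exchanges an external access token for a local cookie session.
        /// </summary>
        /// <remarks>
        /// The token is checked through <c>_externalAuthService</c>; on success a cookie principal
        /// whose only claim is <see cref="ClaimTypes.Name"/> = the external <c>Sub</c> is signed in,
        /// the caller's people are fetched and upserted, and the single-use anti-forgery token is
        /// returned in the response body.
        /// </remarks>
        /// <param name="accessToken">Access token supplied by the client; treated as untrusted input.</param>
        /// <returns>
        /// 400 when the token is missing or no identity with a <c>Sub</c> could be resolved;
        /// otherwise 200 carrying the anti-forgery token.
        /// </returns>
        public async Task<IActionResult> SignIn(string accessToken)
        {
            // Reject a missing token up front rather than spending an outbound validation call on it.
            if (string.IsNullOrWhiteSpace(accessToken))
            {
                return BadRequest();
            }

            // NOTE(review): validation sees the URL-decoded token while GetPeopleAsync below receives
            // the raw value. If the framework has already decoded the parameter, this second decode can
            // alter the token (e.g. '+' becomes a space) — confirm which form each service expects.
            string decodedToken = WebUtility.UrlDecode(accessToken);
            ExternalClaimsIdentity externalClaimsIdentity =
                await _externalAuthService.GetExternalClaimsIdentityAsync(decodedToken);

            // No identity, or an identity without a subject, means the token was not accepted.
            if (externalClaimsIdentity?.Sub == null)
            {
                return BadRequest();
            }

            string singleUseAntiForgeryToken = GetAndSaveSingleUseAntiForgeryToken();

            // The local session is keyed solely on the external subject identifier.
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, externalClaimsIdentity.Sub)
            };
            var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
            await HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme,
                new ClaimsPrincipal(claimsIdentity));

            // NOTE(review): the cookie is issued before this call; if it throws, the response is an
            // error but the session already exists — confirm that ordering is intended.
            List<Person> people = await _externalPersonService.GetPeopleAsync(accessToken);

            // Upsert only when the external service actually returned entries.
            if (people?.Any() == true)
            {
                await _personService.UpsertPeopleAsync(externalClaimsIdentity.Sub, people);
            }

            return Ok(singleUseAntiForgeryToken);
        }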
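        /// <summary>
        /// Asks Google's tokeninfo endpoint about an access token and returns the claims it reports,
        /// provided the token was issued for this application.
        /// </summary>
        /// <param name="accessToken">Access token supplied by the caller; treated as untrusted input.</param>
        /// <returns>
        /// The deserialized identity when its <c>Aud</c> equals the configured <c>GoogleClientId</c>;
        /// <c>null</c> when the token or the configured client id is missing, the audience differs,
        /// or the request or deserialization fails.
        /// </returns>
        public async Task<ExternalClaimsIdentity> GetExternalClaimsIdentityAsync(string accessToken)
        {
            try
            {
                // Fail closed: with no configured client id, a response lacking "aud" would otherwise
                // compare null to null and be accepted.
                string expectedAudience = _configuration["GoogleClientId"];
                if (string.IsNullOrEmpty(accessToken) || string.IsNullOrEmpty(expectedAudience))
                {
                    return null;
                }

                HttpClient client = _httpClientFactory.CreateClient();

                // Escape the token so characters such as '&' or '#' cannot add or truncate query
                // parameters on the validation request.
                // NOTE(review): the token travels in the query string, so anything that records request
                // URIs (HTTP client logging, proxies) will capture it — confirm those logs are redacted.
                string uri = "https://www.googleapis.com/oauth2/v3/tokeninfo?access_token="
                             + Uri.EscapeDataString(accessToken);
                string responseBody = await client.GetStringAsync(uri);

                ExternalClaimsIdentity claimsIdentity =
                    JsonConvert.DeserializeObject<ExternalClaimsIdentity>(responseBody);

                // The audience check is what ties the token to this application; a token issued to a
                // different client must not be accepted here.
                if (claimsIdentity == null
                    || !string.Equals(claimsIdentity.Aud, expectedAudience, StringComparison.Ordinal))
                {
                    return null;
                }

                return claimsIdentity;
            }
            catch (Exception)
            {
                // Any transport, HTTP-status or parsing failure is reported to the caller as
                // "no identity" rather than propagated.
                return null;
            }
        }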