public async Task <RegistrationContext> GetRegistrationContext(string redirectUrl)
{
var disco = await _httpClient.GetDiscoveryDocumentAsync(_oidc.Authority);
if (disco.IsError)
{
throw new Exception(disco.Error);
}
var redirectUri = _urlBuilder.Create()
.Path(redirectUrl)
.ToString();
var registrationUrl = disco.TryGetString("registration_endpoint");
var tokenResponse = await _httpClient.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest
{
Address = disco.TokenEndpoint,
ClientId = _oidc?.ClientId,
ClientSecret = _oidc?.ClientSecret,
Scope = _options.Scope
});
if (tokenResponse.IsError)
{
throw new Exception(tokenResponse.Error);
}
var url = _urlBuilder
.Create(registrationUrl)
.AddQuery("ReturnUrl", redirectUri)
.AddQuery("token", HttpUtility.UrlEncode(tokenResponse.AccessToken))
.ToString();
return(new RegistrationContext(url));
}
public async Task <ForgotPasswordCommandResult> Handle(ForgotPasswordCommand request,
CancellationToken cancellationToken)
{
var user = await _userManager.FindByEmailAsync(request.Email);
if (user == null)
{
return new ForgotPasswordCommandResult
{
IsSuccess = false,
Message = $"User {request.Email} not found."
}
}
;
var token = await _userManager.GeneratePasswordResetTokenAsync(user);
var encodedToken = Base64UrlEncoder.Encode(token);
_urlBuilder
.Create(_interactionOptions.UserInteractionEndpoints.BaseUrl)
.Path(_interactionOptions.UserInteractionEndpoints.ResetPassword)
.AddQuery("userId", user.Id)
.AddQuery("token", encodedToken)
.AddQuery("returnUrl", request.ReturnUrl);
var forgotPasswordRequestedEvent = new ForgotPasswordRequestedEvent
{
UserId = user.Id,
Url = _urlBuilder.ToString()
};
await _eventPublisher.PublishAsync(forgotPasswordRequestedEvent);
return(new ForgotPasswordCommandResult
{
Token = token,
IsSuccess = true
});
}
}
public async Task <RegisterUserCommandResult> Handle(RegisterUserCommand request,
CancellationToken cancellationToken)
{
if (!string.IsNullOrWhiteSpace(request.Token))
{
var validationResult = await _tokenValidator.ValidateAccessTokenAsync(request.Token);
if (validationResult.IsError)
{
throw new DomainException(validationResult.Error);
}
if (!validationResult.Client?.RedirectUris.Any(url =>
url.Equals(request.ReturnUrl, StringComparison.OrdinalIgnoreCase)) ?? true)
{
throw new DomainException($"Invalid return url: {request.ReturnUrl}");
}
}
else if (!string.IsNullOrWhiteSpace(request.ReturnUrl))
{
var context = await _interactionService.GetAuthorizationContextAsync(request.ReturnUrl);
if (context == null)
{
throw new DomainException("Invalid context");
}
}
var user = await _userService.GetByUsername(request.Email, cancellationToken);
if (user != null)
{
return new RegisterUserCommandResult
{
IsSuccess = false,
Errors = new List <string>
{
$"Email {request.Email} already exists."
}
}
}
;
user = new ApplicationUser
{
Id = Guid.NewGuid().ToString(),
Email = request.Email,
UserName = request.Email,
EmailConfirmed = !_options.RequireConfirmedEmail
};
var password = !string.IsNullOrWhiteSpace(request.PlainTextPassword)
? request.PlainTextPassword
: Guid.NewGuid().ToString().ToSha256();
var result = await _userManager.CreateAsync(user, password);
var token = await _userManager.GenerateEmailConfirmationTokenAsync(user);
var encodedToken = Base64UrlEncoder.Encode(token);
var response = new RegisterUserCommandResult
{
Id = result.Succeeded ? user.Id : string.Empty,
IsSuccess = result.Succeeded,
Errors = result.Errors.Select(e => e.Description)
};
if (!result.Succeeded)
{
return(response);
}
_urlBuilder
.Create(_interactionOptions.UserInteractionEndpoints.BaseUrl)
.Path(_interactionOptions.UserInteractionEndpoints.ConfirmUser)
.AddQuery("userId", user.Id)
.AddQuery("token", encodedToken)
.AddQuery("returnUrl", request.ReturnUrl);
var userRegisteredEvent = new UserRegisteredEvent
{
UserId = user.Id,
Url = _urlBuilder.ToString()
};
await _eventPublisher.PublishAsync(userRegisteredEvent);
return(response);
}
}
