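/// <summary>
/// POST handler that creates a local account for the signed-in Office 365 user and links it to that user.
/// </summary>
/// <param name="model">Registration form values; Email and FavoriteColors are overwritten from the Graph user.</param>
/// <returns>The registration view with errors when the account cannot be created, otherwise a redirect to Schools/Index.</returns>
public async Task<ActionResult> CreateLocalAccountPost(EducationRegisterViewModel model)
{
    var tenantId = User.GetTenantId();
    var graphServiceClient = await AuthenticationHelper.GetGraphServiceClientAsync();
    IGraphClient graphClient = new MSGraphClient(graphServiceClient);
    var user = await graphClient.GetCurrentUserAsync();
    var tenant = await graphClient.GetTenantAsync(tenantId);

    // Resolve the e-mail once and use it everywhere below. Mail can be null or empty for a Graph user,
    // in which case the UPN is the identifier the local account is keyed on.
    var email = string.IsNullOrEmpty(user.Mail) ? user.UserPrincipalName : user.Mail;
    model.Email = email;
    model.FavoriteColors = Constants.FavoriteColors;

    // Create a new local user
    var localUser = new ApplicationUser
    {
        Email = email,
        UserName = email,
        FavoriteColor = model.FavoriteColor
    };
    var result = await userManager.CreateAsync(localUser);
    if (!result.Succeeded)
    {
        AddErrors(result);
        return View(model);
    }

    // Update the local user
    await applicationService.UpdateLocalUserAsync(localUser, user, tenant);
    // The cookie previously received the raw user.Mail, which is null/empty exactly when the UPN fallback
    // was taken above; pass the resolved value so the cookie matches the account that was just created.
    SetCookiesForO365User(user.GivenName + " " + user.Surname, email);
    return RedirectToAction("Index", "Schools");
}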
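//
// GET: /Link/LoginLocal
/// <summary>
/// Shows the "link to local account" form for the signed-in Office 365 user. When a local account with the
/// same e-mail already exists and is not yet linked, it is linked immediately without showing the form.
/// </summary>
/// <param name="model">Form model re-displayed when no linkable local account is found.</param>
/// <returns>The login view, or a redirect to Schools/Index once the accounts are linked.</returns>
public async Task<ActionResult> LoginLocal(LoginViewModel model)
{
    var graphServiceClient = await AuthenticationHelper.GetGraphServiceClientAsync();
    IGraphClient graphClient = new MSGraphClient(graphServiceClient);
    var user = await graphClient.GetCurrentUserAsync();

    // Mail may be empty for a Graph user; the UPN is the fallback identifier.
    var email = string.IsNullOrEmpty(user.Mail) ? user.UserPrincipalName : user.Mail;
    // FindByEmail is the sync-over-async extension; awaiting the Task-returning API avoids blocking a request thread.
    var localUser = await userManager.FindByEmailAsync(email);
    if (localUser == null)
    {
        // No local account with this e-mail yet: show an empty form without carrying over validation errors.
        foreach (var modelValue in ModelState.Values)
        {
            modelValue.Errors.Clear();
        }
        return View(model);
    }

    var tenantId = User.GetTenantId();
    if (localUser.O365UserId.IsNotNullAndEmpty())
    {
        ModelState.AddModelError("Email", "The local account has already been linked to another Office 365 account.");
        return View(model);
    }

    // NOTE(review): this GET request mutates state (links the accounts). If it is reachable without an
    // anti-forgery check, consider moving the linking step to the POST handler.
    var tenant = await graphClient.GetTenantAsync(tenantId);
    await applicationService.UpdateLocalUserAsync(localUser, user, tenant);
    SetCookiesForO365User(user.GivenName + " " + user.Surname, email);
    TempData["Message"] = Resources.LinkO365AccountSuccess;
    TempData[HandleAdalExceptionAttribute.ChallengeImmediatelyTempDataKey] = true;
    return RedirectToAction("Index", "Schools");
}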
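//
// GET: /Link/ProcessCode
/// <summary>
/// OAuth redirect endpoint: validates the state value, redeems the authorization code and links the
/// resulting Office 365 user with the current local user.
/// </summary>
/// <param name="code">Authorization code returned by AAD; absent when <paramref name="error"/> is set.</param>
/// <param name="error">Error code returned by AAD when the user declined or the request failed.</param>
/// <param name="error_description">Human-readable detail for <paramref name="error"/>; not echoed to the page.</param>
/// <param name="resource">Resource the code was issued for (not used here).</param>
/// <param name="state">Opaque value that must equal the one stored in TempData under StateKey when the flow started.</param>
/// <returns>A redirect to Index with a message in TempData, or to Home/Index on success.</returns>
public async Task<ActionResult> ProcessCode(string code, string error, string error_description, string resource, string state)
{
    // Reject callbacks whose state does not match the one this app issued; reading TempData consumes the stored value.
    if (TempData[StateKey] as string != state)
    {
        TempData["Error"] = "Invalid operation. Please try again";
        return RedirectToAction("Index");
    }

    // AAD reports a declined consent or a failed request through the error parameters. No code is issued in
    // that case, so do not try to redeem one. error_description is caller-influenced text and is deliberately
    // not placed in TempData.
    if (!string.IsNullOrEmpty(error))
    {
        TempData["Error"] = $"Failed to link accounts. The sign-in was not completed ({error}).";
        return RedirectToAction("Index");
    }

    var authResult = await AuthenticationHelper.GetAuthenticationResultAsync(code);
    var tenantId = authResult.TenantId;
    var graphServiceClient = authResult.CreateGraphServiceClient();
    IGraphClient graphClient = new MSGraphClient(graphServiceClient);
    var user = await graphClient.GetCurrentUserAsync();
    var tenant = await graphClient.GetTenantAsync(tenantId);

    var isAccountLinked = await applicationService.IsO365AccountLinkedAsync(user.Id);
    if (isAccountLinked)
    {
        TempData["Error"] = $"Failed to link accounts. The Office 365 account '{ user.Mail ?? user.UserPrincipalName}' is already linked to another local account.";
        return RedirectToAction("Index");
    }

    // Link the AAD User with local user.
    var localUser = await applicationService.GetCurrentUserAsync();
    await applicationService.UpdateLocalUserAsync(localUser, user, tenant);

    // Re-sign in user. Required claims (roles, tenant id and user object id) will be added to current user's identity.
    await signInManager.SignInAsync(localUser, isPersistent: false, rememberBrowser: false);

    TempData["Message"] = Resources.LinkO365AccountSuccess;
    TempData[HandleAdalExceptionAttribute.ChallengeImmediatelyTempDataKey] = true;
    // NOTE(review): the other link handlers pass user.Mail here; this one passes the UPN. Left as-is — confirm which
    // value consumers of the cookie expect before aligning them.
    SetCookiesForO365User(user.GivenName + " " + user.Surname, user.UserPrincipalName);
    return RedirectToAction("Index", "Home");
}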
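/// <summary>
/// POST handler: verifies the local account credentials and links that account to the signed-in Office 365 user.
/// </summary>
/// <param name="model">Local e-mail and password entered by the user.</param>
/// <returns>The login view with errors on failure, otherwise a redirect to Schools/Index.</returns>
public async Task<ActionResult> LoginLocalPost(LoginViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // Await the Task-returning lookup instead of the sync-over-async FindByEmail extension.
    var localUser = await userManager.FindByEmailAsync(model.Email);

    // One generic message for both "no such account" and "wrong password" so the response does not reveal
    // which local e-mails exist.
    if (localUser == null || !await userManager.CheckPasswordAsync(localUser, model.Password))
    {
        ModelState.AddModelError("", "Invalid login attempt.");
        return View(model);
    }

    // Disclose the link status only after the password has been verified; checking it before the password
    // let a caller learn whether an account was linked without knowing its credentials.
    if (localUser.O365UserId.IsNotNullAndEmpty())
    {
        ModelState.AddModelError("Email", "The local account has already been linked to another Office 365 account.");
        return View(model);
    }

    var tenantId = User.GetTenantId();
    var graphServiceClient = await AuthenticationHelper.GetGraphServiceClientAsync();
    IGraphClient graphClient = new MSGraphClient(graphServiceClient);
    var user = await graphClient.GetCurrentUserAsync();
    var tenant = await graphClient.GetTenantAsync(tenantId);
    await applicationService.UpdateLocalUserAsync(localUser, user, tenant);

    SetCookiesForO365User(user.GivenName + " " + user.Surname, user.Mail);
    return RedirectToAction("Index", "Schools");
}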
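/// <summary>
/// Admin-consent redirect endpoint: validates the state value, records the consenting tenant as admin-consented
/// and returns to the page that started the flow.
/// </summary>
/// <param name="code">Authorization code returned by AAD; absent when <paramref name="error"/> is set.</param>
/// <param name="error">Error code returned by AAD when the admin declined or the request failed.</param>
/// <param name="error_description">Human-readable detail for <paramref name="error"/>; not echoed to the page.</param>
/// <param name="resource">Resource the code was issued for (not used here).</param>
/// <param name="state">Opaque value that must equal the one stored in TempData under StateKey when the flow started.</param>
/// <returns>A redirect to the stored return URL (or Index), with a message in TempData.</returns>
public async Task<ActionResult> ProcessCode(string code, string error, string error_description, string resource, string state)
{
    // The return URL is whatever the page that started the flow stored in TempData, defaulting to Index.
    // NOTE(review): if that stored value can originate from a request parameter, validate it with
    // Url.IsLocalUrl before redirecting to it.
    var redirectUrl = (TempData[AdminConsentRedirectUrlKey] as string) ?? Url.Action("Index");

    // Reject callbacks whose state does not match the one this app issued.
    if (TempData[StateKey] as string != state)
    {
        TempData["Error"] = "Invalid operation. Please try again";
        return Redirect(redirectUrl);
    }

    // The admin declined consent or AAD failed the request: no code was issued, so do not try to redeem one.
    if (!string.IsNullOrEmpty(error))
    {
        TempData["Error"] = $"Admin consent was not granted ({error}).";
        return Redirect(redirectUrl);
    }

    // Get the tenant
    var authResult = await AuthenticationHelper.GetAuthenticationResultAsync(code);
    var graphServiceClient = authResult.CreateGraphServiceClient();
    var graphClient = new MSGraphClient(graphServiceClient);
    var tenant = await graphClient.GetTenantAsync(authResult.TenantId);

    // Create (or update) an organization, and mark it as AdminConsented
    await applicationService.CreateOrUpdateOrganizationAsync(tenant, true);

    TempData["Message"] = "Admin consented successfully!";
    // Append the flag with the correct separator depending on whether the URL already carries a query string.
    redirectUrl += (redirectUrl.Contains("?") ? "&" : "?") + "consented=true";
    return Redirect(redirectUrl);
}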