public virtual void AssociateExternalAccountWithUser(Customer customer, OpenAuthenticationParameters parameters)
{
if (customer == null)
{
throw new ArgumentNullException("customer");
}
//find email
string email = null;
if (parameters.UserClaims != null)
{
foreach (var userClaim in parameters.UserClaims
.Where(x => x.Contact != null && !String.IsNullOrEmpty(x.Contact.Email)))
{
//found
email = userClaim.Contact.Email;
break;
}
}
var externalAuthenticationRecord = new ExternalAuthenticationRecord()
{
CustomerId = customer.Id,
Email = email,
ExternalIdentifier = parameters.ExternalIdentifier,
ExternalDisplayIdentifier = parameters.ExternalDisplayIdentifier,
OAuthToken = parameters.OAuthToken,
OAuthAccessToken = parameters.OAuthAccessToken,
ProviderSystemName = parameters.ProviderSystemName,
};
_externalAuthenticationRecordRepository.Insert(externalAuthenticationRecord);
}
public virtual void AssociateExternalAccountWithUser(Customer customer, OpenAuthenticationParameters parameters)
{
if (customer == null)
throw new ArgumentNullException("customer");
//find email
string email = null;
if (parameters.UserClaims != null)
foreach (var userClaim in parameters.UserClaims
.Where(x => x.Contact != null && !String.IsNullOrEmpty(x.Contact.Email)))
{
//found
email = userClaim.Contact.Email;
break;
}
var externalAuthenticationRecord = new ExternalAuthenticationRecord()
{
CustomerId = customer.Id,
Email = email,
ExternalIdentifier = parameters.ExternalIdentifier,
ExternalDisplayIdentifier = parameters.ExternalDisplayIdentifier,
OAuthToken = parameters.OAuthToken,
OAuthAccessToken = parameters.OAuthAccessToken,
ProviderSystemName = parameters.ProviderSystemName,
};
_externalAuthenticationRecordRepository.Insert(externalAuthenticationRecord);
}
public virtual void RemoveAssociation(OpenAuthenticationParameters parameters)
{
var record = _externalAuthenticationRecordRepository.Table
.Where(o => o.ExternalIdentifier == parameters.ExternalIdentifier && o.ProviderSystemName == parameters.ProviderSystemName)
.FirstOrDefault();
if (record != null)
{
_externalAuthenticationRecordRepository.Delete(record);
}
}
public virtual Customer GetUser(OpenAuthenticationParameters parameters)
{
var record = _externalAuthenticationRecordRepository.Table
.Where(o => o.ExternalIdentifier == parameters.ExternalIdentifier && o.ProviderSystemName == parameters.ProviderSystemName)
.FirstOrDefault();
if (record != null)
{
return(_customerService.GetCustomerById(record.CustomerId));
}
return(null);
}
public virtual bool AccountExists(OpenAuthenticationParameters parameters)
{
return(GetUser(parameters) != null);
}
public static void StoreParametersForRoundTrip(OpenAuthenticationParameters parameters)
{
var session = GetSession();
session["sm.externalauth.parameters"] = parameters;
}
public virtual AuthorizationResult Authorize(OpenAuthenticationParameters parameters)
{
var userFound = _openAuthenticationService.GetUser(parameters);
var userLoggedIn = _workContext.CurrentCustomer.IsRegistered() ? _workContext.CurrentCustomer : null;
if (AccountAlreadyExists(userFound, userLoggedIn))
{
if (AccountIsAssignedToLoggedOnAccount(userFound, userLoggedIn))
{
// The person is trying to log in as himself.. bit weird
return(new AuthorizationResult(OpenAuthenticationStatus.Authenticated));
}
var result = new AuthorizationResult(OpenAuthenticationStatus.Error);
result.AddError("Account is already assigned");
return(result);
}
if (AccountDoesNotExistAndUserIsNotLoggedOn(userFound, userLoggedIn))
{
ExternalAuthorizerHelper.StoreParametersForRoundTrip(parameters);
if (AutoRegistrationIsEnabled())
{
#region Register user
var currentCustomer = _workContext.CurrentCustomer;
var details = new RegistrationDetails(parameters);
var randomPassword = CommonHelper.GenerateRandomDigitCode(20);
bool isApproved = _customerSettings.UserRegistrationType == UserRegistrationType.Standard;
var registrationRequest = new CustomerRegistrationRequest(currentCustomer, details.EmailAddress,
_customerSettings.UsernamesEnabled ? details.UserName : details.EmailAddress, randomPassword, PasswordFormat.Clear, isApproved);
var registrationResult = _customerRegistrationService.RegisterCustomer(registrationRequest);
if (registrationResult.Success)
{
//store other parameters (form fields)
if (!String.IsNullOrEmpty(details.FirstName))
{
_genericAttributeService.SaveAttribute(currentCustomer, SystemCustomerAttributeNames.FirstName, details.FirstName);
}
if (!String.IsNullOrEmpty(details.LastName))
{
_genericAttributeService.SaveAttribute(currentCustomer, SystemCustomerAttributeNames.LastName, details.LastName);
}
userFound = currentCustomer;
_openAuthenticationService.AssociateExternalAccountWithUser(currentCustomer, parameters);
ExternalAuthorizerHelper.RemoveParameters();
//code below is copied from CustomerController.Register method
//authenticate
if (isApproved)
{
_authenticationService.SignIn(userFound ?? userLoggedIn, false);
}
//notifications
if (_customerSettings.NotifyNewCustomerRegistration)
{
_workflowMessageService.SendCustomerRegisteredNotificationMessage(currentCustomer, _localizationSettings.DefaultAdminLanguageId);
}
switch (_customerSettings.UserRegistrationType)
{
case UserRegistrationType.EmailValidation:
{
//email validation message
_genericAttributeService.SaveAttribute(currentCustomer, SystemCustomerAttributeNames.AccountActivationToken, Guid.NewGuid().ToString());
_workflowMessageService.SendCustomerEmailValidationMessage(currentCustomer, _workContext.WorkingLanguage.Id);
//result
return(new AuthorizationResult(OpenAuthenticationStatus.AutoRegisteredEmailValidation));
}
case UserRegistrationType.AdminApproval:
{
//result
return(new AuthorizationResult(OpenAuthenticationStatus.AutoRegisteredAdminApproval));
}
case UserRegistrationType.Standard:
{
//send customer welcome message
_workflowMessageService.SendCustomerWelcomeMessage(currentCustomer, _workContext.WorkingLanguage.Id);
//result
return(new AuthorizationResult(OpenAuthenticationStatus.AutoRegisteredStandard));
}
default:
break;
}
}
else
{
ExternalAuthorizerHelper.RemoveParameters();
var result = new AuthorizationResult(OpenAuthenticationStatus.Error);
foreach (var error in registrationResult.Errors)
{
result.AddError(string.Format(error));
}
return(result);
}
#endregion
}
else if (RegistrationIsEnabled())
{
return(new AuthorizationResult(OpenAuthenticationStatus.AssociateOnLogon));
}
else
{
ExternalAuthorizerHelper.RemoveParameters();
var result = new AuthorizationResult(OpenAuthenticationStatus.Error);
result.AddError("Registration is disabled");
return(result);
}
}
if (userFound == null)
{
_openAuthenticationService.AssociateExternalAccountWithUser(userLoggedIn, parameters);
}
//migrate shopping cart
_shoppingCartService.MigrateShoppingCart(_workContext.CurrentCustomer, userFound ?? userLoggedIn);
//authenticate
_authenticationService.SignIn(userFound ?? userLoggedIn, false);
//activity log
_customerActivityService.InsertActivity("PublicStore.Login", _localizationService.GetResource("ActivityLog.PublicStore.Login"),
userFound ?? userLoggedIn);
return(new AuthorizationResult(OpenAuthenticationStatus.Authenticated));
}
public static void StoreParametersForRoundTrip(OpenAuthenticationParameters parameters)
{
var session = GetSession();
session["sm.externalauth.parameters"] = parameters;
}
public virtual AuthorizationResult Authorize(OpenAuthenticationParameters parameters)
{
var userFound = _openAuthenticationService.GetUser(parameters);
var userLoggedIn = _workContext.CurrentCustomer.IsRegistered() ? _workContext.CurrentCustomer : null;
if (AccountAlreadyExists(userFound, userLoggedIn))
{
if (AccountIsAssignedToLoggedOnAccount(userFound, userLoggedIn))
{
// The person is trying to log in as himself.. bit weird
return new AuthorizationResult(OpenAuthenticationStatus.Authenticated);
}
var result = new AuthorizationResult(OpenAuthenticationStatus.Error);
result.AddError("Account is already assigned");
return result;
}
if (AccountDoesNotExistAndUserIsNotLoggedOn(userFound, userLoggedIn))
{
ExternalAuthorizerHelper.StoreParametersForRoundTrip(parameters);
if (AutoRegistrationIsEnabled())
{
#region Register user
var currentCustomer = _workContext.CurrentCustomer;
var details = new RegistrationDetails(parameters);
var randomPassword = CommonHelper.GenerateRandomDigitCode(20);
bool isApproved = _customerSettings.UserRegistrationType == UserRegistrationType.Standard;
var registrationRequest = new CustomerRegistrationRequest(currentCustomer, details.EmailAddress,
_customerSettings.UsernamesEnabled ? details.UserName : details.EmailAddress, randomPassword, PasswordFormat.Clear, isApproved);
var registrationResult = _customerRegistrationService.RegisterCustomer(registrationRequest);
if (registrationResult.Success)
{
//store other parameters (form fields)
if (!String.IsNullOrEmpty(details.FirstName))
_genericAttributeService.SaveAttribute(currentCustomer, SystemCustomerAttributeNames.FirstName, details.FirstName);
if (!String.IsNullOrEmpty(details.LastName))
_genericAttributeService.SaveAttribute(currentCustomer, SystemCustomerAttributeNames.LastName, details.LastName);
userFound = currentCustomer;
_openAuthenticationService.AssociateExternalAccountWithUser(currentCustomer, parameters);
ExternalAuthorizerHelper.RemoveParameters();
//code below is copied from CustomerController.Register method
//authenticate
if (isApproved)
_authenticationService.SignIn(userFound ?? userLoggedIn, false);
//notifications
if (_customerSettings.NotifyNewCustomerRegistration)
_workflowMessageService.SendCustomerRegisteredNotificationMessage(currentCustomer, _localizationSettings.DefaultAdminLanguageId);
switch (_customerSettings.UserRegistrationType)
{
case UserRegistrationType.EmailValidation:
{
//email validation message
_genericAttributeService.SaveAttribute(currentCustomer, SystemCustomerAttributeNames.AccountActivationToken, Guid.NewGuid().ToString());
_workflowMessageService.SendCustomerEmailValidationMessage(currentCustomer, _workContext.WorkingLanguage.Id);
//result
return new AuthorizationResult(OpenAuthenticationStatus.AutoRegisteredEmailValidation);
}
case UserRegistrationType.AdminApproval:
{
//result
return new AuthorizationResult(OpenAuthenticationStatus.AutoRegisteredAdminApproval);
}
case UserRegistrationType.Standard:
{
//send customer welcome message
_workflowMessageService.SendCustomerWelcomeMessage(currentCustomer, _workContext.WorkingLanguage.Id);
//result
return new AuthorizationResult(OpenAuthenticationStatus.AutoRegisteredStandard);
}
default:
break;
}
}
else
{
ExternalAuthorizerHelper.RemoveParameters();
var result = new AuthorizationResult(OpenAuthenticationStatus.Error);
foreach (var error in registrationResult.Errors)
result.AddError(string.Format(error));
return result;
}
#endregion
}
else if (RegistrationIsEnabled())
{
return new AuthorizationResult(OpenAuthenticationStatus.AssociateOnLogon);
}
else
{
ExternalAuthorizerHelper.RemoveParameters();
var result = new AuthorizationResult(OpenAuthenticationStatus.Error);
result.AddError("Registration is disabled");
return result;
}
}
if (userFound == null)
{
_openAuthenticationService.AssociateExternalAccountWithUser(userLoggedIn, parameters);
}
//migrate shopping cart
_shoppingCartService.MigrateShoppingCart(_workContext.CurrentCustomer, userFound ?? userLoggedIn);
//authenticate
_authenticationService.SignIn(userFound ?? userLoggedIn, false);
//activity log
_customerActivityService.InsertActivity("PublicStore.Login", _localizationService.GetResource("ActivityLog.PublicStore.Login"),
userFound ?? userLoggedIn);
return new AuthorizationResult(OpenAuthenticationStatus.Authenticated);
}
public virtual void RemoveAssociation(OpenAuthenticationParameters parameters)
{
var record = _externalAuthenticationRecordRepository.Table
.Where(o => o.ExternalIdentifier == parameters.ExternalIdentifier && o.ProviderSystemName == parameters.ProviderSystemName)
.FirstOrDefault();
if (record != null)
_externalAuthenticationRecordRepository.Delete(record);
}
public virtual Customer GetUser(OpenAuthenticationParameters parameters)
{
var record = _externalAuthenticationRecordRepository.Table
.Where(o => o.ExternalIdentifier == parameters.ExternalIdentifier && o.ProviderSystemName == parameters.ProviderSystemName)
.FirstOrDefault();
if (record != null)
return _customerService.GetCustomerById(record.CustomerId);
return null;
}
public virtual bool AccountExists(OpenAuthenticationParameters parameters)
{
return GetUser(parameters) != null;
}
