public async Task <IHttpActionResult> ExternalLoginComplete(string access_token) { ExternalAccessToken externalToken = ExternalTokenHandler.Unprotect(access_token); if (externalToken == null || !externalToken.IsValid) { return(BadRequest("External login failure.")); } string userId = await IdentityStore.GetUserIdForLogin(externalToken.LoginProvider, externalToken.ProviderKey); if (String.IsNullOrEmpty(userId)) { return(Content(HttpStatusCode.OK, new RegisterExternalLoginViewModel { UserName = externalToken.DisplayName, LoginProvider = externalToken.LoginProvider })); } ClaimsIdentity identity = await GetIdentityAsync(userId); string token = CreateAccessToken(identity); IUser user = await IdentityStore.Context.Users.Find(userId); return(OAuthAccessToken(token, "bearer", user.UserName)); }
public async Task <IHttpActionResult> AddExternalLogin(AddExternalLoginBindingModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } ExternalAccessToken token = ExternalTokenHandler.Unprotect(model.ExternalAccessToken); if (token == null || !token.IsValid) { return(BadRequest("External login failure.")); } string userId = await IdentityStore.GetUserIdForLogin(token.LoginProvider, token.ProviderKey); if (!String.IsNullOrEmpty(userId)) { return(BadRequest("The external login is already associated with an account.")); } // The current user is logged in, just add the new account if (!await IdentityStore.AddLogin(User.Identity.GetUserId(), token.LoginProvider, token.ProviderKey)) { return(BadRequest("Failed to add the external login.")); } return(OK()); }
private static async Task <ExternalAccessToken> VerifyExternalAccessToken(string provider, string accessToken) { ExternalAccessToken externalAccessToken = null; string verifyTokenEndPoint; if (provider == "Facebook") { var facebookAppToken = "1540544966219959|eATZ1vQ6TzVBWDE5SS4MGo_5ymw"; verifyTokenEndPoint = string.Format("https://graph.facebook.com/debug_token?input_token={0}&access_token={1}", accessToken, facebookAppToken); } else if (provider == "Google") { verifyTokenEndPoint = string.Format("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}", accessToken); } else { return(null); } var client = new HttpClient(); var uri = new Uri(verifyTokenEndPoint); var response = await client.GetAsync(uri); if (response.IsSuccessStatusCode) { var content = await response.Content.ReadAsStringAsync(); dynamic jObj = Newtonsoft.Json.JsonConvert.DeserializeObject(content); externalAccessToken = new ExternalAccessToken(); if (provider == "Facebook") { externalAccessToken.user_id = jObj["data"]["user_id"]; externalAccessToken.app_id = jObj["data"]["app_id"]; if (!string.Equals(Startup.FacebookAuthOptions.AppId, externalAccessToken.app_id, StringComparison.OrdinalIgnoreCase)) { return(null); } } else if (provider == "Google") { externalAccessToken.user_id = jObj["user_id"]; externalAccessToken.app_id = jObj["audience"]; if (!string.Equals(Startup.GoogleAuthOptions.ClientId, externalAccessToken.app_id, StringComparison.OrdinalIgnoreCase)) { return(null); } } } return(externalAccessToken); }
public async Task <IHttpActionResult> RegisterExternal(RegisterExternalBindingModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } ExternalAccessToken externalToken = ExternalTokenHandler.Unprotect(model.ExternalAccessToken); if (externalToken == null || !externalToken.IsValid) { return(BadRequest("External login failure.")); } string existingUserId = await IdentityStore.GetUserIdForLogin(externalToken.LoginProvider, externalToken.ProviderKey); if (!String.IsNullOrEmpty(existingUserId)) { return(BadRequest("The external login is already associated with an account.")); } if (await IdentityStore.GetUserIdForLocalLogin(model.UserName) != null) { return(BadRequest("A user with the name '{0}' already exists.", model.UserName)); } // Create a profile and link the local account before signing in the user User user = new User(model.UserName); try { if (!await IdentityStore.CreateExternalUser(user, externalToken.LoginProvider, externalToken.ProviderKey)) { return(BadRequest("Failed to create login for '{0}'.", model.UserName)); } } catch (IdentityException e) { return(BadRequest(e.ToString())); } InitiateDatabaseForNewUser(user.Id); ClaimsIdentity identity = await GetIdentityAsync(user.Id); string token = CreateAccessToken(identity); return(OAuthAccessToken(token, "bearer", user.UserName)); }
private string CreateExternalAccessToken(ClaimsIdentity identity, TimeSpan expiresIn) { Claim providerKeyClaim = identity.FindFirst(ClaimTypes.NameIdentifier); if (providerKeyClaim == null || String.IsNullOrEmpty(providerKeyClaim.Issuer)) { return(null); } ExternalAccessToken token = new ExternalAccessToken { LoginProvider = providerKeyClaim.Issuer, ProviderKey = providerKeyClaim.Value, DisplayName = identity.Name, Expires = DateTime.UtcNow.Add(expiresIn) }; return(ExternalTokenHandler.Protect(token)); }