private static ExternalAuthenticationProvider PrepareExternalAuthenticationProvider() { if (TestCommon.RunningInGitHubWorkflow()) { Assert.Inconclusive("Skipping test because we're running inside a GitHub action and we don't have access to the certificate store"); } var provider = new ExternalAuthenticationProvider( // We get the access token using a CredentialManagerAuthenticationProvider (uri, scopes) => GetAccessToken(uri, scopes).GetAwaiter().GetResult()); return(provider); }
public async Task <(MySignInResult result, SignInData data)> SignInExternal(ExternalAuthenticationProvider provider, string idToken) { var(success, userData) = await _verifier.Verify(provider, idToken); if (!success) { return(MySignInResult.Failed, null); } if (string.IsNullOrWhiteSpace(userData.Email) || string.IsNullOrWhiteSpace(userData.FullName)) { var missingFields = new List <string>(); if (string.IsNullOrWhiteSpace(userData.Email)) { missingFields.Add(nameof(ExternalUserData.Email)); } if (string.IsNullOrWhiteSpace(userData.FullName)) { missingFields.Add(nameof(ExternalUserData.FullName)); } throw new ExternalAuthenticationInfoException( missingFields: missingFields, receivedData: userData ); } // Currently, in this sample app, we're not creating new local users for externally authenticated users. // Partically because that might involve privacy concerns. // TODO: Consider if user creation is needed, or if external logins should be registered in Identity tables. var token = _tokenService.CreateAuthenticationToken( userId: $"ext:{provider}:{userData.Email}", uniqueName: $"{userData.FullName} ({provider})"); return( result : MySignInResult.Success, data : new SignInData() { ExternalAuthenticationProvider = provider.ToString(), Username = userData.FullName, Email = userData.Email, Token = token } ); }
public Task <(bool success, ExternalUserData userData)> Verify(ExternalAuthenticationProvider provider, string idToken) => provider switch