Esempio n. 1
0
        public async Task <IActionResult> ExternalLoginAssociation(ExternalLoginAssociationViewModel model)
        {
            var user = await _userManager.FindByEmailAsync(model.Email);

            var result = await _userManager.AddLoginAsync(user, new UserLoginInfo(model.Provider, model.ProviderKey, model.ProviderDisplayName ?? model.Provider));

            if (result.Succeeded)
            {
                return(RedirectToAction(nameof(Callback)));
            }

            return(View("ExternalLoginFailure")); //RedirectToAction(nameof(AccountController.Login));
        }
Esempio n. 2
0
        public async Task <IActionResult> Callback()
        {
            // read external identity from the temporary cookie
            var result = await HttpContext.AuthenticateAsync(IdentityServer4.IdentityServerConstants.ExternalCookieAuthenticationScheme);

            if (result?.Succeeded != true)
            {
                throw new Exception("External authentication error");
            }
            var retrnurl = result.Properties.Items["returnUrl"];

            // lookup our user and external provider info
            var(user, provider, providerUserId, claims) = await FindUserFromExternalProviderAsync(result);

            if (user == null)
            {
                // this might be where you might initiate a custom workflow for user registration
                // in this sample we don't show how that would be done, as our sample implementation
                // simply auto-provisions new external user
                //user = _userManager.FindByEmailAsync(claim)
                var email = claims.FirstOrDefault(x => x.Value.Contains("@"))?.Value;
                if (!string.IsNullOrWhiteSpace(email))
                {
                    var tentativeUser = await _userManager.FindByEmailAsync(email);

                    if (tentativeUser != null)
                    {
                        //var retrnurl = result.Properties.Items["returnUrl"];
                        var m = new ExternalLoginAssociationViewModel {
                            Email               = email,
                            Provider            = provider,
                            ProviderKey         = providerUserId,
                            ProviderDisplayName = provider,
                            ReturnUrl           = retrnurl
                        };
                        return(View("ExternalLoginAssociation", m));
                    }
                }
                else
                {
                    email = "None";
                }

                //await HttpContext.SignOutAsync(IdentityServer4.IdentityServerConstants.ExternalCookieAuthenticationScheme);
                return(View("ExternalLoginFailure", new ExternalLoginFailureViewModel {
                    Email = email, RedirectUri = retrnurl, ClientName = ""
                }));                                                                                                                               //RedirectToAction(nameof(AccountController.Login));

                //user = AutoProvisionUser(provider, providerUserId, claims);
                //return RedirectToAction(nameof(AccountController.Login));
            }

            // this allows us to collect any additonal claims or properties
            // for the specific prtotocols used and store them in the local auth cookie.
            // this is typically used to store data needed for signout from those protocols.
            var additionalLocalClaims = new List <Claim>();

            var localSignInProps = new AuthenticationProperties()
            {
                IsPersistent = true,
                ExpiresUtc   = DateTimeOffset.UtcNow.Add(AccountOptions.ExternalProviderLoginDurationOverride)
            };

            ProcessLoginCallbackForOidc(result, additionalLocalClaims, localSignInProps);
            ProcessLoginCallbackForWsFed(result, additionalLocalClaims, localSignInProps);
            ProcessLoginCallbackForSaml2p(result, additionalLocalClaims, localSignInProps);

            // issue authentication cookie for user
            await _events.RaiseAsync(new UserLoginSuccessEvent(provider, providerUserId, user.Id, user.UserName));

            await _signInManager.SignInAsync(user, localSignInProps, provider);

            //await HttpContext.SignInAsync(user.Id, user.UserName, provider, localSignInProps, additionalLocalClaims.ToArray());

            // delete temporary cookie used during external authentication
            await HttpContext.SignOutAsync(IdentityServer4.IdentityServerConstants.ExternalCookieAuthenticationScheme);


            // retrieve return URL
            var returnUrl = result.Properties.Items["returnUrl"] ?? "~/";

            // check if external login is in the context of an OIDC request
            var context = await _interaction.GetAuthorizationContextAsync(returnUrl);

            if (context != null)
            {
                if (await _clientStore.IsPkceClientAsync(context.ClientId))
                {
                    // if the client is PKCE then we assume it's native, so this change in how to
                    // return the response is for better UX for the end user.
                    return(View("Redirect", new RedirectViewModel {
                        RedirectUrl = returnUrl
                    }));
                }
            }

            return(Redirect(returnUrl));
        }