private async Task <FacebookUser> FacebookDataAsync(FacebookCredentials credentials)
{
// Create a query string with the Facebook access token.
var fbRequestUrl = $"https://graph.facebook.com/me?fields=birthday,email,name&access_token={credentials.AccessToken}";
// Create an HttpClient request.
var client = new HttpClient();
// Request the current user info from Facebook.
var resp = await client.GetAsync(fbRequestUrl);
resp.EnsureSuccessStatusCode();
// Do something here with the Facebook user information.
var fbInfoString = await resp.Content.ReadAsStringAsync();
var fbInfo = JsonConvert.DeserializeObject <FacebookUser>(fbInfoString);
// Carico l'immagine dell'utente
var fbRequestImageUrl = $"https://graph.facebook.com/me/picture?access_token={credentials.AccessToken}";
var respImage = await client.GetAsync(fbRequestImageUrl);
respImage.EnsureSuccessStatusCode();
fbInfo.profile_image = await respImage.Content.ReadAsByteArrayAsync();
return(fbInfo);
}
public void PopulateProviderCredentials_Facebook_CreatesExpectedCredentials()
{
const string UserIdClaimValue = "FacebookId";
FacebookCredentials credentials = new FacebookCredentials();
TokenResult tokenResult = new TokenResult();
tokenResult.Properties.Add(TokenResult.Authentication.AccessTokenName, "TestAccessToken");
Dictionary <string, string> claims = new Dictionary <string, string>
{
{ "Claim1", "Value1" },
{ "Claim2", "Value1" },
{ "Claim3", "Value1" },
{ ClaimTypes.NameIdentifier, UserIdClaimValue }
};
tokenResult.Claims = claims;
MobileAppUser.PopulateProviderCredentials(tokenResult, credentials);
Assert.Equal("TestAccessToken", credentials.AccessToken);
Assert.Equal(UserIdClaimValue, credentials.UserId);
Assert.Equal(claims.Count, credentials.Claims.Count);
}
public void PopulateProviderCredentials_Facebook_CreatesExpectedCredentials()
{
const string UserIdClaimValue = "FacebookId";
FacebookCredentials credentials = new FacebookCredentials();
TokenEntry tokenEntry = new TokenEntry("facebook");
tokenEntry.AccessToken = "TestAccessToken";
List <ClaimSlim> claims = new List <ClaimSlim>
{
new ClaimSlim("Claim1", "Value1"),
new ClaimSlim("Claim2", "Value2"),
new ClaimSlim("Claim3", "Value3"),
};
tokenEntry.UserClaims = claims;
tokenEntry.UserId = UserIdClaimValue;
IPrincipalExtensions.PopulateProviderCredentials(tokenEntry, credentials);
Assert.Equal("TestAccessToken", credentials.AccessToken);
Assert.Equal(UserIdClaimValue, credentials.UserId);
Assert.Equal(claims.Count, credentials.Claims.Count);
Assert.Equal(claims.Count, credentials.UserClaims.Count());
}
void FillDataFromFacebook(FacebookCredentials credentials, out string first, out string last, out string profile)
{
first = credentials.UserClaims.FirstOrDefault(c => c.Type == ClaimTypes.GivenName)?.Value ?? string.Empty;
last = credentials.UserClaims.FirstOrDefault(c => c.Type == ClaimTypes.Surname)?.Value ?? string.Empty;
var id = credentials.UserClaims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier)?.Value ??
string.Empty;
profile = $"https://graph.facebook.com/{id}/picture?type=large";
}
private void ValidateLoginToken(string token, FacebookCredentials expectedCredentials)
{
// validate the token and get the claims principal
ClaimsPrincipal claimsPrincipal = null;
Assert.True(this.tokenHandler.TryValidateLoginToken(token, TestSecretKey, out claimsPrincipal));
// create a user from the token and validate properties
MobileAppUser user = this.tokenHandler.CreateServiceUser((ClaimsIdentity)claimsPrincipal.Identity, token);
Assert.Equal(expectedCredentials.UserId, user.Id);
Assert.Equal(token, user.MobileAppAuthenticationToken);
}
public AppServiceTokenHandlerTests()
{
this.config = new HttpConfiguration();
this.tokenHandlerMock = new Mock <AppServiceTokenHandler>(this.config)
{
CallBase = true
};
this.tokenHandler = this.tokenHandlerMock.Object;
this.credentials = new FacebookCredentials
{
UserId = "Facebook:1234",
AccessToken = "abc123"
};
}
private FacebookDetails GetFacebookDetails(FacebookCredentials facebookCredentials)
{
FacebookClient facebookClient = new FacebookClient(facebookCredentials.AccessToken);
dynamic me = facebookClient.Get("me");
return(new FacebookDetails()
{
UserId = me.id,
EmailAddress = me.email,
FirstName = me.first_name,
LastName = me.last_name
});
}
public SecurityController(UserManager <AppUser> userManager,
IUserBusiness userBusiness,
IOptions <AppSettings> appSettings,
JwtOptions jwtOptions,
IOptions <FacebookCredentials> facebookCredentials,
IJwtFactory jwtFactory)
{
this._userManager = userManager;
_userBusiness = userBusiness;
this._jwtOptions = jwtOptions;
this._jwtFactory = jwtFactory;
_facebookCredentials = facebookCredentials.Value;
_appSettings = appSettings.Value;
}
public ServiceUserTests()
{
this.facebookCredentials = new FacebookCredentials()
{
UserId = "Facebook:FBUserId", AccessToken = "ABCDEF"
};
HttpConfiguration config = new HttpConfiguration();
this.tokenHandlerMock = new Mock <MobileAppTokenHandler>(config)
{
CallBase = true
};
this.tokenHandler = this.tokenHandlerMock.Object;
}
public IPrincipalExtensionsTests()
{
this.facebookCredentials = new FacebookCredentials()
{
UserId = "Facebook:FBUserId", AccessToken = "ABCDEF"
};
HttpConfiguration config = new HttpConfiguration();
this.tokenHandlerMock = new Mock <AppServiceTokenHandler>(config)
{
CallBase = true
};
this.tokenHandler = this.tokenHandlerMock.Object;
}
/// <summary>
/// GET api/UserProfile/UserName/<provider>
/// </summary>
/// <param name="provider">The MobileServiceAuthenticationProvider value that specifies which provider to access</param>
/// <returns>Returns the user's display name</returns>
/// <remarks>
/// If you need other properties from the provider then add additional API to this controller
/// </remarks>
async public Task <string> GetUserName(string provider)
{
string userName = null;
try
{
if (provider == "MicrosoftAccount")
{
MicrosoftAccountCredentials credential = await User.GetAppServiceIdentityAsync <MicrosoftAccountCredentials>(Request);
userName = credential.Claims["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"];
}
else if (provider == "Google")
{
GoogleCredentials credential = await User.GetAppServiceIdentityAsync <GoogleCredentials>(Request);
userName = credential.Claims["name"];
}
else if (provider == "Twitter")
{
TwitterCredentials credential = await User.GetAppServiceIdentityAsync <TwitterCredentials>(Request);
userName = credential.Claims["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"];
}
else if (provider == "Facebook")
{
FacebookCredentials credential = await User.GetAppServiceIdentityAsync <FacebookCredentials>(Request);
userName = credential.Claims["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"];
}
else if (provider == "WindowsAzureActiveDirectory")
{
AzureActiveDirectoryCredentials credential = await User.GetAppServiceIdentityAsync <AzureActiveDirectoryCredentials>(Request);
userName = credential.Claims["name"];
}
}
catch (Exception e)
{
System.Diagnostics.Debug.WriteLine("Exception in UserProfileController.GetUserName(): " + e.Message);
userName = "******";
}
return(userName);
}
public async Task GetIdentityAsync_Succeeds()
{
// Arrange
TokenEntry tokenEntry = new TokenEntry("facebook");
tokenEntry.UserId = "userId";
tokenEntry.AccessToken = "accessToken";
tokenEntry.UserClaims = new List <ClaimSlim>()
{
new ClaimSlim(ClaimTypes.NameIdentifier, "11111111"),
new ClaimSlim("groups", "group 1"),
new ClaimSlim("groups", "group 2")
};
HttpResponseMessage response = CreateOkResponseWithContent(tokenEntry);
MockHttpMessageHandler handler = new MockHttpMessageHandler(response);
ClaimsPrincipal user = new ClaimsPrincipal(CreateMockClaimsIdentity(new[] { new Claim(JwtRegisteredClaimNames.Iss, "http://contoso.com") }, true));
HttpRequestMessage request = new HttpRequestMessage();
request.Headers.Add(AuthHeaderName, "token");
//Act
FacebookCredentials creds = await user.GetAppServiceIdentityAsync <FacebookCredentials>(request, new HttpClient(handler));
// Assert
Assert.Equal(tokenEntry.UserId, creds.UserId);
Assert.Equal(tokenEntry.AccessToken, creds.AccessToken);
Assert.Equal("Facebook", creds.Provider);
// Verify Claims
Assert.Equal(2, creds.Claims.Count());
Assert.Equal("11111111", creds.Claims[ClaimTypes.NameIdentifier]);
Assert.Equal("group 2", creds.Claims["groups"]); // this is overwritten
// Verify UserClaims
Assert.Equal(3, creds.UserClaims.Count());
Assert.Equal("11111111", creds.UserClaims.Single(c => c.Type == ClaimTypes.NameIdentifier).Value);
Assert.Equal(2, creds.UserClaims.Count(c => c.Type == "groups"));
Assert.Equal(new[] { "group 1", "group 2" }, creds.UserClaims.Where(c => c.Type == "groups").Select(c => c.Value));
Assert.Equal("http://contoso.com/.auth/me?provider=facebook", handler.ActualRequest.RequestUri.ToString());
Assert.Equal("token", handler.ActualRequest.GetHeaderOrDefault(AuthHeaderName));
}
public TokenInfo GetDummyUserToken()
{
ProviderCredentials creds = new FacebookCredentials
{
Provider = "Facebook",
UserId = "Facebook:[email protected]",
AccessToken = "somepassword"
};
Claim[] claims = new Claim[]
{
new Claim(ClaimTypes.NameIdentifier, creds.UserId)
};
ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims);
TokenInfo tokenInfo = this.handler.CreateTokenInfo(claimsIdentity, creds, TimeSpan.FromDays(10), this.Services.Settings.MasterKey);
LoginResult actual = this.handler.CreateLoginResult(tokenInfo, creds, this.Services.Settings.MasterKey);
return(tokenInfo);
}
public TokenInfo GetDummyUserToken()
{
ProviderCredentials creds = new FacebookCredentials
{
Provider = "Facebook",
UserId = "Facebook:[email protected]",
AccessToken = "somepassword"
};
Claim[] claims = new Claim[]
{
new Claim(ClaimTypes.NameIdentifier, creds.UserId)
};
ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims);
TokenInfo tokenInfo = this.handler.CreateTokenInfo(claimsIdentity, creds, TimeSpan.FromDays(10), this.Services.Settings.MasterKey);
LoginResult actual = this.handler.CreateLoginResult(tokenInfo, creds, this.Services.Settings.MasterKey);
return tokenInfo;
}
public FormResponse Login([FromBody] FacebookCredentials facebookCredentials)
{
FormResponse formResponse = new FormResponse();
FacebookDetails facebookDetails = this.GetFacebookDetails(facebookCredentials);
if (this.Members.Login(facebookDetails.EmailAddress, this.GetPassword(facebookDetails)))
{
formResponse.Success = true;
formResponse.Message = ((IPartier)this.Members.GetByUsername(facebookDetails.EmailAddress)).PartyUrl;
}
else
{
this.ModelState.AddModelError("LoginValidation", "Unknown user");
formResponse.Errors = this.ModelState.GetErrors();
}
return(formResponse);
}
// GET api/<controller>
public async Task <User> Get()
{
if (credentials == null)
{
// get the credentials of the user who already signed in
credentials = await User.GetAppServiceIdentityAsync <FacebookCredentials>(Request);
}
fbRequestUrl = "https://graph.facebook.com/me?fields=name,email,id&access_token=" + credentials.AccessToken;
var client = new HttpClient();
var resp = await client.GetAsync(fbRequestUrl);
resp.EnsureSuccessStatusCode();
var fbInfo = await resp.Content.ReadAsStringAsync();
FacebookInfo info = JsonConvert.DeserializeObject <FacebookInfo>(fbInfo);
context = new ToDoTogetherAppContext();
domainManager = new EntityDomainManager <DataObjects.User>(context, Request);
var user = context.Users.FirstOrDefault(u => u.Email == info.Email);
// create new user in the database if one doesn't already exist
if (user == null)
{
user = new DataObjects.User {
Email = info.Email, UserName = info.Name, ProviderId = info.Id
};
await domainManager.InsertAsync(user);
}
// add user to the database with just an email (user was previously added by someone else to the project as a colaborator)
else if (string.IsNullOrEmpty(user.ProviderId))
{
user.UserName = info.Name;
user.ProviderId = info.Id;
await context.SaveChangesAsync();
}
return(user);
}
public async Task <object> Get()
{
FacebookCredentials fbCreds = await this.User.GetAppServiceIdentityAsync <FacebookCredentials>(this.Request);
TwitterCredentials twitterCreds = await this.User.GetAppServiceIdentityAsync <TwitterCredentials>(this.Request);
GoogleCredentials googCreds = await this.User.GetAppServiceIdentityAsync <GoogleCredentials>(this.Request);
MicrosoftAccountCredentials msCreds = await this.User.GetAppServiceIdentityAsync <MicrosoftAccountCredentials>(this.Request);
AzureActiveDirectoryCredentials aadCreds = await this.User.GetAppServiceIdentityAsync <AzureActiveDirectoryCredentials>(this.Request);
return(new
{
FacebookCreds = fbCreds,
TwitterCreds = twitterCreds,
GoogleCreds = googCreds,
MicrosoftAccountCreds = msCreds,
AadCreds = aadCreds,
Claims = (this.User as ClaimsPrincipal).Claims.Select(c => new { Type = c.Type, Value = c.Value })
});
}
private static void ValidateTestCredentials(FacebookCredentials credentials)
{
Assert.Equal("Facebook", credentials.Provider);
Assert.Equal("Facebook:1234", credentials.UserId);
Assert.Equal("abc123", credentials.AccessToken);
}
internal static void PopulateProviderCredentials(TokenEntry tokenEntry, ProviderCredentials credentials)
{
if (tokenEntry.UserClaims != null)
{
Collection <Claim> userClaims = new Collection <Claim>();
foreach (ClaimSlim claim in tokenEntry.UserClaims)
{
userClaims.Add(new Claim(claim.Type, claim.Value));
}
credentials.UserClaims = userClaims;
}
FacebookCredentials facebookCredentials = credentials as FacebookCredentials;
if (facebookCredentials != null)
{
facebookCredentials.AccessToken = tokenEntry.AccessToken;
facebookCredentials.UserId = tokenEntry.UserId;
return;
}
GoogleCredentials googleCredentials = credentials as GoogleCredentials;
if (googleCredentials != null)
{
googleCredentials.AccessToken = tokenEntry.AccessToken;
googleCredentials.RefreshToken = tokenEntry.RefreshToken;
googleCredentials.UserId = tokenEntry.UserId;
googleCredentials.AccessTokenExpiration = tokenEntry.ExpiresOn;
return;
}
AzureActiveDirectoryCredentials aadCredentials = credentials as AzureActiveDirectoryCredentials;
if (aadCredentials != null)
{
aadCredentials.AccessToken = tokenEntry.IdToken;
Claim objectIdClaim = credentials.UserClaims.FirstOrDefault(c => string.Equals(c.Type, ObjectIdentifierClaimType, StringComparison.OrdinalIgnoreCase));
if (objectIdClaim != null)
{
aadCredentials.ObjectId = objectIdClaim.Value;
}
Claim tenantIdClaim = credentials.UserClaims.FirstOrDefault(c => string.Equals(c.Type, TenantIdClaimType, StringComparison.OrdinalIgnoreCase));
if (tenantIdClaim != null)
{
aadCredentials.TenantId = tenantIdClaim.Value;
}
aadCredentials.UserId = tokenEntry.UserId;
return;
}
MicrosoftAccountCredentials microsoftAccountCredentials = credentials as MicrosoftAccountCredentials;
if (microsoftAccountCredentials != null)
{
microsoftAccountCredentials.AccessToken = tokenEntry.AccessToken;
microsoftAccountCredentials.RefreshToken = tokenEntry.RefreshToken;
microsoftAccountCredentials.UserId = tokenEntry.UserId;
microsoftAccountCredentials.AccessTokenExpiration = tokenEntry.ExpiresOn;
return;
}
TwitterCredentials twitterCredentials = credentials as TwitterCredentials;
if (twitterCredentials != null)
{
twitterCredentials.AccessToken = tokenEntry.AccessToken;
twitterCredentials.AccessTokenSecret = tokenEntry.AccessTokenSecret;
twitterCredentials.UserId = tokenEntry.UserId;
return;
}
}
internal static void PopulateProviderCredentials(TokenEntry tokenEntry, ProviderCredentials credentials)
{
if (tokenEntry.UserClaims != null)
{
credentials.Claims = new Dictionary <string, string>();
foreach (ClaimSlim claim in tokenEntry.UserClaims)
{
credentials.Claims[claim.Type] = claim.Value;
}
}
FacebookCredentials facebookCredentials = credentials as FacebookCredentials;
if (facebookCredentials != null)
{
facebookCredentials.AccessToken = tokenEntry.AccessToken;
facebookCredentials.UserId = tokenEntry.UserId;
return;
}
GoogleCredentials googleCredentials = credentials as GoogleCredentials;
if (googleCredentials != null)
{
googleCredentials.AccessToken = tokenEntry.AccessToken;
googleCredentials.RefreshToken = tokenEntry.RefreshToken;
googleCredentials.UserId = tokenEntry.UserId;
googleCredentials.AccessTokenExpiration = tokenEntry.ExpiresOn;
return;
}
AzureActiveDirectoryCredentials aadCredentials = credentials as AzureActiveDirectoryCredentials;
if (aadCredentials != null)
{
aadCredentials.AccessToken = tokenEntry.IdToken;
aadCredentials.ObjectId = credentials.Claims.GetValueOrDefault(ObjectIdentifierClaimType);
aadCredentials.TenantId = credentials.Claims.GetValueOrDefault(TenantIdClaimType);
aadCredentials.UserId = tokenEntry.UserId;
return;
}
MicrosoftAccountCredentials microsoftAccountCredentials = credentials as MicrosoftAccountCredentials;
if (microsoftAccountCredentials != null)
{
microsoftAccountCredentials.AccessToken = tokenEntry.AccessToken;
microsoftAccountCredentials.RefreshToken = tokenEntry.RefreshToken;
microsoftAccountCredentials.UserId = tokenEntry.UserId;
microsoftAccountCredentials.AccessTokenExpiration = tokenEntry.ExpiresOn;
return;
}
TwitterCredentials twitterCredentials = credentials as TwitterCredentials;
if (twitterCredentials != null)
{
twitterCredentials.AccessToken = tokenEntry.AccessToken;
twitterCredentials.AccessTokenSecret = tokenEntry.AccessTokenSecret;
twitterCredentials.UserId = tokenEntry.UserId;
return;
}
}
public FormResponse RegisterGuest([FromUri] Guid partyGuid, [FromBody] FacebookCredentials facebookCredentials)
{
FormResponse formResponse = new FormResponse();
FacebookDetails facebookDetails = this.GetFacebookDetails(facebookCredentials);
// no helper method on this.Members to register a user with a given memberType, so calling provider directly
UmbracoMembershipProviderBase membersUmbracoMembershipProvider = (UmbracoMembershipProviderBase)Membership.Providers[Constants.Conventions.Member.UmbracoMemberProviderName];
MembershipCreateStatus membershipCreateStatus;
MembershipUser membershipUser = membersUmbracoMembershipProvider.CreateUser(
PartyGuest.Alias, // member type alias
facebookDetails.EmailAddress, // username
this.GetPassword(facebookDetails), // password
facebookDetails.EmailAddress, // email
null, // forgotten password question
null, // forgotten password answer
true, // is approved
null, // provider user key
out membershipCreateStatus);
if (membershipCreateStatus != MembershipCreateStatus.Success)
{
switch (membershipCreateStatus)
{
case MembershipCreateStatus.DuplicateEmail:
case MembershipCreateStatus.DuplicateUserName:
this.ModelState.AddModelError("RegisterGuestValidation", "Email already registered");
formResponse.Errors = this.ModelState.GetErrors();
break;
}
return(formResponse);
}
// cast from MembershipUser rather than use this.Members.GetCurrentMember() helper (which needs a round trip for the login)
PartyGuest partyGuest = (PartyGuest)membershipUser;
partyGuest.FacebookRegistration = true;
partyGuest.FirstName = facebookDetails.FirstName;
partyGuest.LastName = facebookDetails.LastName;
// update database with member and party guid (duplicated data, but never changes)
this.DatabaseContext.Database.Insert(new MemberPartyRow(partyGuest.Id, partyGuid));
// (duplicate data) store party guid in cms cache
partyGuest.PartyGuid = partyGuid;
// add member to DotMailer
DotMailerService.GuestRegistrationStarted((Contact)partyGuest);
// send cookie
FormsAuthentication.SetAuthCookie(partyGuest.Username, true);
formResponse.Success = true;
formResponse.Message = this.Umbraco.TypedContentSingleAtXPath("//" + Wonderland.Logic.Models.Content.RegisterGuest.Alias).Url;
return(formResponse);
}
