/// <summary>
/// Builds the partial view that lists the external (OAuth) logins linked to the signed-in user.
/// </summary>
/// <remarks>
/// ViewBag.ShowRemoveButton is true only while the user would keep another way to sign in:
/// more than one external login, or a local account. The flag only drives the UI; the action
/// that actually removes a login is not part of this method and has to enforce the same rule.
/// </remarks>
/// <returns>The "_RemoveExternalLoginsPartial" view with the list of linked logins as its model.</returns>
public ActionResult RemoveExternalLogins()
{
    var linkedAccounts = OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name);
    var externalLogins = new List<ExternalLogin>();

    foreach (var linked in linkedAccounts)
    {
        // The registered client data supplies the human-readable provider name.
        var registeredClient = OAuthWebSecurity.GetOAuthClientData(linked.Provider);

        var entry = new ExternalLogin
        {
            Provider = linked.Provider,
            ProviderDisplayName = registeredClient.DisplayName,
            ProviderUserId = linked.ProviderUserId,
        };
        externalLogins.Add(entry);
    }

    // The local-account lookup is only needed when the user has at most one external login.
    bool canRemove = externalLogins.Count > 1;
    if (!canRemove)
    {
        canRemove = OAuthWebSecurity.HasLocalAccount(cog.WebSecurity.GetUserId(User.Identity.Name));
    }

    ViewBag.ShowRemoveButton = canRemove;
    return PartialView("_RemoveExternalLoginsPartial", externalLogins);
}
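// Deletes the user from the user table and the membership tables, together with every
// credential record that belongs to the user: role assignments, all linked external
// (OAuth) logins and the local membership (password) row.
//
// user: the account to delete; user.Email is used as the membership user name.
public static void DeleteUser(User user)
{
    var simpleRoles = (SimpleRoleProvider)Roles.Provider;
    var simpleMembership = (SimpleMembershipProvider)Membership.Provider;

    // Collect the roles the user currently holds so they can be removed in one call.
    List<string> roles = new List<string>();
    foreach (string roleName in new string[] { "Admin", "Member" })
    {
        if (simpleRoles.IsUserInRole(user.Email, roleName))
        {
            roles.Add(roleName);
        }
    }

    // Every external login linked to the user, not just the first one: a login left
    // behind would remain a stored credential record for an account that no longer exists.
    var oAuths = OAuthWebSecurity.GetAccountsFromUserName(user.Email);

    // ** Unit of Work Pattern
    using (var uow = new UnitOfWorkDistributed())
    {
        simpleRoles.RemoveUsersFromRoles(new string[] { user.Email }, roles.ToArray());

        foreach (var oAuth in oAuths)
        {
            OAuthWebSecurity.DeleteAccount(oAuth.Provider, oAuth.ProviderUserId);
        }

        // Remove the local membership row as well, whether or not external logins exist;
        // a user can have both. The bool result is ignored, as it was before.
        // NOTE(review): expected to return false without throwing when the user has no
        // local membership row - confirm against the provider version in use.
        simpleMembership.DeleteAccount(user.Email);

        simpleMembership.DeleteUser(user.Email, false);

        uow.Complete();
    }
}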
/// <summary>
/// Builds the partial view that lists the external sign-ins linked to the current user.
/// </summary>
/// <remarks>
/// ViewBag.ShowRemoveButton reflects only whether the user has a local account. It is a UI
/// hint; the action that removes a sign-in is not part of this method and must apply its own check.
/// </remarks>
/// <returns>The default partial view with the list of linked sign-ins as its model.</returns>
public virtual ActionResult RemoveExternalSignIns()
{
    bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.CurrentUserId);
    ViewBag.ShowRemoveButton = hasLocalAccount;

    var externalLogins = new List<ExternalLoginModel>();
    foreach (var linked in OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name))
    {
        // Display name comes from the registered client for this provider.
        var registeredClient = OAuthWebSecurity.GetOAuthClientData(linked.Provider);

        var row = new ExternalLoginModel
        {
            Provider = linked.Provider,
            ProviderDisplayName = registeredClient.DisplayName,
            ProviderUserKey = linked.ProviderUserId,
        };
        externalLogins.Add(row);
    }

    return PartialView(externalLogins);
}
/// <summary>
/// Lists the external (OAuth) logins linked to the signed-in user for the remove-logins partial.
/// </summary>
/// <remarks>
/// The remove button is shown when the user has more than one external login or a local
/// account, so that at least one way to sign in always remains. This is display logic only.
/// </remarks>
/// <returns>The "_RemoveExternalLoginsPartial" view with the linked logins as its model.</returns>
public ActionResult RemoveExternalLogins()
{
    var externalLogins = new List<ExternalLogin>();

    foreach (var linked in OAuthWebSecurity.GetAccountsFromUserName(this.User.Identity.Name))
    {
        var registeredClient = OAuthWebSecurity.GetOAuthClientData(linked.Provider);
        var entry = new ExternalLogin
        {
            Provider = linked.Provider,
            ProviderDisplayName = registeredClient.DisplayName,
            ProviderUserId = linked.ProviderUserId,
        };
        externalLogins.Add(entry);
    }

    // Only consult the membership store when the login count alone does not settle it.
    if (externalLogins.Count > 1)
    {
        this.ViewBag.ShowRemoveButton = true;
    }
    else
    {
        this.ViewBag.ShowRemoveButton =
            OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(this.User.Identity.Name));
    }

    return this.PartialView("_RemoveExternalLoginsPartial", externalLogins);
}
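/// <summary>
/// Builds the link-account model for a user: which registered providers are already linked,
/// which are still available, and whether a login may be removed.
/// </summary>
/// <param name="context">Data context used to resolve the user for <paramref name="identity"/>.</param>
/// <param name="identity">Identity of the user the model is built for.</param>
/// <returns>
/// A model whose AllowRemovingLogin is true only when the user has more than one login
/// method (linked providers plus an optional local account).
/// </returns>
/// <exception cref="System.InvalidOperationException">
/// Thrown by Single when a linked provider has no match, or more than one match, among the
/// registered client display names.
/// </exception>
public static LinkAccountModel ForUser(IDataContext context, IIdentity identity)
{
    var user = context.GetUser(identity);
    var allProviders = OAuthWebSecurity.RegisteredClientData.Select(c => c.DisplayName).ToArray();

    // Match each linked provider to the member of allProviders, as allProviders has proper
    // casing (Google, not google). Provider names are identifiers, so compare them ordinally:
    // ToLower() follows the current culture and can make equal names differ (e.g. the
    // dotted/dotless "i" under Turkish culture), which would make Single throw.
    var linkedProviders = OAuthWebSecurity.GetAccountsFromUserName(user.MembershipUserIdentifier)
        .Select(lp => allProviders.Single(
            ap => string.Equals(ap, lp.Provider, System.StringComparison.OrdinalIgnoreCase)))
        .ToArray();

    var loginMethodCount = linkedProviders.Length + (OAuthWebSecurity.HasLocalAccount(user.UserId) ? 1 : 0);

    var model = new LinkAccountModel()
    {
        OpenIDProvidersLinked = linkedProviders,
        // Materialized so the model does not re-run the filter on every enumeration.
        OpenIDProvidersAvailable = allProviders.Where(p => !linkedProviders.Contains(p)).ToArray(),
        // Removing a login is allowed only while another login method would remain.
        AllowRemovingLogin = loginMethodCount > 1
    };

    return model;
}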
/// <summary>
/// Collects the external (OAuth) logins linked to the signed-in user into an ExternalAccounts model.
/// </summary>
/// <returns>
/// The linked logins plus ShowRemoveButton, which is true when the user has more than one
/// external login or a local account.
/// </returns>
public ExternalAccounts ExternalAccounts()
{
    var linkedAccounts = OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name);
    var externalLogins = new List<ExternalLogin>();

    foreach (var linked in linkedAccounts)
    {
        // Display name is taken from the registered client for the provider.
        var registeredClient = OAuthWebSecurity.GetOAuthClientData(linked.Provider);
        externalLogins.Add(new ExternalLogin
        {
            Provider = linked.Provider,
            ProviderDisplayName = registeredClient.DisplayName,
            ProviderUserId = linked.ProviderUserId,
        });
    }

    var result = new ExternalAccounts();
    result.ExternalLogins = externalLogins;

    // The local-account lookup runs only when the login count alone is not enough.
    bool canRemove = externalLogins.Count > 1;
    if (!canRemove)
    {
        canRemove = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
    }
    result.ShowRemoveButton = canRemove;

    return result;
}
/// <summary>
/// Removes the link between an external login and the signed-in user's account, then
/// redirects to the Manage action.
/// </summary>
/// <param name="provider">Name of the external provider.</param>
/// <param name="providerUserId">The user's identifier at that provider.</param>
/// <returns>
/// A redirect to "Manage"; Message is RemoveLoginSuccess when a login was removed, otherwise null.
/// </returns>
/// <remarks>
/// NOTE(review): no action attributes are visible with this method. It changes account state,
/// so confirm it is restricted to authenticated POST requests with anti-forgery validation.
/// </remarks>
public ActionResult Disassociate(string provider, string providerUserId)
{
    ManageMessageId? message = null;

    // provider and providerUserId come from the request, so the login is removed only when
    // the membership store says it belongs to the caller.
    bool callerOwnsLogin = OAuthWebSecurity.GetUserName(provider, providerUserId) == User.Identity.Name;
    if (callerOwnsLogin)
    {
        // Check-then-delete runs in a serializable transaction so that concurrent requests
        // cannot each pass the check and together remove the user's last login.
        var options = new TransactionOptions { IsolationLevel = IsolationLevel.Serializable };
        using (var scope = new TransactionScope(TransactionScopeOption.Required, options))
        {
            var userId = WebSecurity.GetUserId(User.Identity.Name);
            bool keepsAnotherLogin = OAuthWebSecurity.HasLocalAccount(userId)
                || OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name).Count > 1;

            if (keepsAnotherLogin)
            {
                OAuthWebSecurity.DeleteAccount(provider, providerUserId);
                scope.Complete();
                message = ManageMessageId.RemoveLoginSuccess;
            }
        }
    }

    return RedirectToAction("Manage", new { Message = message });
}
/// <summary>
/// Unlinks an external login from the signed-in user's account and redirects to Manage.
/// </summary>
/// <param name="provider">Name of the external provider.</param>
/// <param name="providerUserId">The user's identifier at that provider.</param>
/// <returns>
/// A redirect to "Manage" carrying RemoveLoginSuccess when the login was removed, or a null
/// message when nothing was changed.
/// </returns>
/// <remarks>
/// NOTE(review): action attributes are not visible here; confirm this state-changing action
/// is POST-only and protected by anti-forgery validation.
/// </remarks>
public ActionResult Disassociate(string provider, string providerUserId)
{
    ManageMessageId? message = null;
    string ownerAccount = OAuthWebSecurity.GetUserName(provider, providerUserId);

    // A login that is not owned by the currently logged in user is left untouched.
    if (ownerAccount != User.Identity.Name)
    {
        return RedirectToAction("Manage", new { Message = message });
    }

    // The transaction keeps the "is this the last credential?" check and the delete atomic,
    // so the user cannot end up with no way to sign in.
    using (var scope = new TransactionScope(
        TransactionScopeOption.Required,
        new TransactionOptions { IsolationLevel = IsolationLevel.Serializable }))
    {
        bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
        bool isLastCredential = !hasLocalAccount
            && OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name).Count <= 1;

        if (!isLastCredential)
        {
            OAuthWebSecurity.DeleteAccount(provider, providerUserId);
            scope.Complete();
            message = ManageMessageId.RemoveLoginSuccess;
        }
    }

    return RedirectToAction("Manage", new { Message = message });
}
/// <summary>
/// Signs in the account identified by <paramref name="email"/> and redirects to the
/// Wix login result handler with the values parsed from <paramref name="returnUrl"/>.
/// </summary>
/// <param name="email">User name of the account to sign in.</param>
/// <param name="returnUrl">URL whose query string carries the Wix instance values.</param>
/// <param name="trackingId">Optional tracking id passed on to the authentication ticket.</param>
/// <returns>A redirect to WixLoginResultHandler; success is always true, failures go in error.</returns>
/// <remarks>
/// NOTE(review): nothing in this method verifies a password or token for the supplied email;
/// it signs in whichever account the caller names. Confirm that the route can only be reached
/// after the request has been authenticated elsewhere and that email is not taken directly
/// from an unauthenticated request.
/// </remarks>
public ActionResult ForceWixUserSignIn(string email, string returnUrl, string trackingId = null)
{
    string error = null;
    var query = ParseReturnUrlQS(returnUrl);

    // Check whether the account has an external login; if so that login must succeed
    // before the authentication ticket is created.
    var linkedLogin = OAuthWebSecurity.GetAccountsFromUserName(email).FirstOrDefault();
    bool externalLoginOk = linkedLogin == null
        || OAuthWebSecurity.Login(linkedLogin.Provider, linkedLogin.ProviderUserId, IS_PERSISTENT_COOKIE);

    bool loginResult = externalLoginOk
        && CreateAuthenticationTicket(email, string.Empty, trackingId, out error);

    string reportedError = error + (loginResult ? "" : "something went wrong");

    // ALWAYS report success = true, otherwise the client could loop endlessly retrying the login.
    return RedirectToAction("WixLoginResultHandler", "Account", new
    {
        area = "WixEndPoint",
        success = true,
        query.instanceToken,
        query.uid,
        query.instanceId,
        origCompIdToken = query.origCompId,
        compIdToken = query.compId,
        error = reportedError
    });
}
/// <summary>
/// Removes an external login from the current user's account and redirects to Manage.
/// </summary>
/// <param name="provider">Name of the external provider.</param>
/// <param name="providerUserId">The user's identifier at that provider.</param>
/// <returns>
/// A redirect to "Manage"; Message is RemoveLoginSuccess only when a login was deleted.
/// </returns>
/// <remarks>
/// NOTE(review): attributes are not visible with this method; confirm the action accepts
/// only authenticated POST requests with anti-forgery validation.
/// </remarks>
public ActionResult Disassociate(string provider, string providerUserId)
{
    string ownerAccount = OAuthWebSecurity.GetUserName(provider, providerUserId);
    ManageMessageId? message = null;

    // Remove the account link only if the current user is its owner.
    bool isOwner = ownerAccount == User.Identity.Name;
    if (isOwner)
    {
        var serializable = new TransactionOptions { IsolationLevel = IsolationLevel.Serializable };

        // The transaction is used to stop the user from deleting their last login credential.
        using (var scope = new TransactionScope(TransactionScopeOption.Required, serializable))
        {
            bool mayRemove = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
            if (!mayRemove)
            {
                // No local account: removal is allowed only when another external login remains.
                mayRemove = OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name).Count > 1;
            }

            if (mayRemove)
            {
                OAuthWebSecurity.DeleteAccount(provider, providerUserId);
                scope.Complete();
                message = ManageMessageId.RemoveLoginSuccess;
            }
        }
    }

    return RedirectToAction("Manage", new { Message = message });
}
/// <summary>
/// Builds the partial view listing the external login providers the visitor can still use.
/// </summary>
/// <param name="returnUrl">URL to return to after login; passed to the view unchanged.</param>
/// <returns>
/// The "_ExternalLoginsListPartial" view. For an authenticated user the model holds the
/// registered providers not yet linked to the account; otherwise all registered providers.
/// </returns>
/// <remarks>
/// NOTE(review): returnUrl is handed to the view exactly as supplied. Whichever action finally
/// redirects to it should check that it is a local URL (for example with Url.IsLocalUrl).
/// </remarks>
public ActionResult ExternalLoginsList(string returnUrl)
{
    List<AuthenticationClientData> clientData;

    if (!WebSecurity.IsAuthenticated)
    {
        clientData = OAuthWebSecurity.RegisteredClientData.ToList();
    }
    else
    {
        // Provider names already linked to the signed-in user.
        List<string> linkedProviders = OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name)
            .Select(account => account.Provider)
            .ToList();

        // Offer only the registered clients that are not linked yet.
        clientData = OAuthWebSecurity.RegisteredClientData
            .Where(client => !linkedProviders.Contains(client.AuthenticationClient.ProviderName))
            .ToList();
    }

    ViewBag.ReturnUrl = returnUrl;
    return PartialView("_ExternalLoginsListPartial", clientData);
}
/// <summary>
/// Removes the link between an external login and the current user's account.
/// </summary>
/// <param name="provider">Name of the external provider.</param>
/// <param name="providerUserId">The user's identifier at that provider.</param>
/// <returns>
/// true when the login was deleted; false when the caller does not own it or when it is the
/// user's last remaining login credential.
/// </returns>
public bool Disassociate(string provider, string providerUserId)
{
    string ownerAccount = OAuthWebSecurity.GetUserName(provider, providerUserId);

    // Only the owner of the external login may remove it.
    if (ownerAccount != CurrentUser.Identity.Name)
    {
        return false;
    }

    // The check and the delete share a serializable transaction so the user cannot
    // remove their last login credential through concurrent requests.
    var options = new TransactionOptions { IsolationLevel = IsolationLevel.Serializable };
    using (var scope = new System.Transactions.TransactionScope(TransactionScopeOption.Required, options))
    {
        bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(CurrentUser.Identity.Name));
        bool anotherLoginRemains = hasLocalAccount
            || OAuthWebSecurity.GetAccountsFromUserName(CurrentUser.Identity.Name).Count > 1;

        if (!anotherLoginRemains)
        {
            return false;
        }

        OAuthWebSecurity.DeleteAccount(provider, providerUserId);
        scope.Complete();
        return true;
    }
}
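/// <summary>
/// Removes the link between an external login and the authenticated user's account.
/// </summary>
/// <param name="model">Provider name and provider user id of the login to remove.</param>
/// <returns>A 200 response once the login has actually been deleted.</returns>
/// <exception cref="HttpResponseException">
/// 400 when the authenticated user does not own the login, and 400 when the login is the
/// user's last remaining credential and was therefore left in place.
/// </exception>
public HttpResponseMessage Disassociate(DissasociateModel model)
{
    string ownerAccount = OAuthWebSecurity.GetUserName(model.Provider, model.ProviderUserId);

    // The provider values come from the request body: remove the login only when the
    // membership store says it belongs to the authenticated user.
    if (ownerAccount != User.Identity.Name)
    {
        throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "You are not the account owner"));
    }

    bool removed = false;

    // The check and the delete run in one serializable transaction so the last linked
    // account cannot be removed, even by concurrent requests.
    using (var scope = new TransactionScope(TransactionScopeOption.Required, new TransactionOptions { IsolationLevel = IsolationLevel.Serializable }))
    {
        bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
        if (hasLocalAccount || OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name).Count > 1)
        {
            OAuthWebSecurity.DeleteAccount(model.Provider, model.ProviderUserId);
            scope.Complete();
            removed = true;
        }
    }

    // Report success only when something was deleted; a refused removal must not look
    // like a completed one to the client.
    if (!removed)
    {
        throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "The last remaining login cannot be removed"));
    }

    return Request.CreateResponse(HttpStatusCode.OK, "Account succesfully dissasociated");
}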
/// <summary>
/// Returns the external (OAuth) accounts linked to the given user name by delegating to
/// OAuthWebSecurity.GetAccountsFromUserName.
/// </summary>
/// <param name="userName">User name whose linked accounts are requested.</param>
/// <returns>The collection returned by OAuthWebSecurity for that user name.</returns>
/// <remarks>
/// NOTE(review): this wrapper performs no check that the caller may see the accounts of
/// userName; presumably callers pass the signed-in user's own name - confirm at the call sites.
/// </remarks>
public ICollection<OAuthAccount> GetAccountsFromUserName(string userName)
{
    ICollection<OAuthAccount> linkedAccounts = OAuthWebSecurity.GetAccountsFromUserName(userName);
    return linkedAccounts;
}
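/// <summary>
/// Returns the comment history of a proposal: the comments stored locally plus, when the
/// current user has a linked Facebook service, the comments on the proposal's Facebook post(s).
/// </summary>
/// <param name="Id">Id of the proposal whose comments are requested.</param>
/// <returns>The combined comments ordered by DateCreated, newest first.</returns>
/// <remarks>
/// Body and CreatedBy carry text written by users and text returned by the Facebook API.
/// NOTE(review): confirm that whatever renders this response encodes those values.
/// NOTE(review): no check is visible here that the caller may read this proposal's comments.
/// </remarks>
public IEnumerable<ViewCommentHistory> Get([FromUri] int Id)
{
    List<Comment> list = _db.Comment.Select(c => c).Where(c => c.ProposalId == Id).ToList();
    List<ViewCommentHistory> output = new List<ViewCommentHistory>();

    foreach (var item in list)
    {
        // NOTE(review): user is dereferenced below without a null check; a comment whose
        // author row no longer exists would fault the whole request. Decide whether such
        // comments should be skipped or shown with a placeholder author.
        Models.User user = _db.User.FirstOrDefault(c => c.UserId == item.CreatedBy);

        if (item.CreatedBy == WebSecurity.CurrentUserId) // the current user owns the comment
        {
            // The comment Id is included only for the owner of the comment.
            output.Add(new ViewCommentHistory
            {
                Id = item.Id.ToString(),
                Body = item.Body,
                CreatedBy = user.Name,
                DateCreated = item.CreatedDate.ToString(@"yyyy-MM-ddTHH\:mm\:ss.fffffffzzz"),
                UserId = user.Id.ToString(),
                isFacebook = false
            });
        }
        else
        {
            output.Add(new ViewCommentHistory
            {
                Body = item.Body,
                CreatedBy = user.Name,
                DateCreated = item.CreatedDate.ToString(@"yyyy-MM-ddTHH\:mm\:ss.fffffffzzz"),
                UserId = user.UserId.ToString(),
                isFacebook = false
            });
        }
    }

    // Look up the current user's Facebook service. No matching user row (for example an
    // unauthenticated caller) simply means there is no service to query.
    var currentUser = _db.User.FirstOrDefault(c => c.UserId == WebSecurity.CurrentUserId);
    Service service = currentUser == null
        ? null
        : currentUser.Services.FirstOrDefault(c => c.Provider == "facebook");

    if (service != null)
    {
        FacebookAPI facebook = new FacebookAPI(service.Token);
        Proposal proposal = _db.Proposal.FirstOrDefault(c => c.Id == Id && c.FacebookPostId != null && c.FacebookPostId != "");
        if (proposal != null)
        {
            dynamic comments = facebook.getComments(proposal.FacebookPostId); // Facebook post comments
            if ((comments is int) == false && comments != null && comments.ContainsKey("data"))
            {
                foreach (dynamic item in comments.data)
                {
                    string id = item.id;
                    string body = item.message;
                    string created_date = item.created_time;
                    string created_by = item.from.name;
                    string created_by_facebookID = item.from.id;

                    // Resolve the commenter to a local account, if there is one. A commenter
                    // with no linked account yields no user name and no Facebook account
                    // record; both cases must fall through to the branch without an Id
                    // instead of failing the request.
                    string userID = OAuthWebSecurity.GetUserName("facebook", created_by_facebookID);
                    string linkedFacebookId = null;
                    if (!string.IsNullOrEmpty(userID))
                    {
                        var facebookAccount = OAuthWebSecurity.GetAccountsFromUserName(userID)
                            .FirstOrDefault(c => c.Provider == "facebook");
                        if (facebookAccount != null)
                        {
                            linkedFacebookId = facebookAccount.ProviderUserId;
                        }
                    }

                    if (linkedFacebookId != null && linkedFacebookId == created_by_facebookID)
                    {
                        output.Add(new ViewCommentHistory
                        {
                            Id = id,
                            Body = body,
                            DateCreated = created_date,
                            CreatedBy = created_by,
                            UserId = created_by_facebookID,
                            isFacebook = true,
                            Artist = false
                        });
                    }
                    else
                    {
                        output.Add(new ViewCommentHistory
                        {
                            Body = body,
                            DateCreated = created_date,
                            CreatedBy = created_by,
                            UserId = created_by_facebookID,
                            isFacebook = true,
                            Artist = false
                        });
                    }
                }
            }

            output = output.OrderByDescending(c => DateTime.Parse(c.DateCreated)).ToList(); // reorder the comments

            // When an artist post exists, take the first comment returned for it.
            if (proposal.FacebookPostIdArtist != "" && proposal.FacebookPostIdArtist != null)
            {
                comments = facebook.getComments(proposal.FacebookPostIdArtist);
                if ((comments is int) == false && comments != null && comments.ContainsKey("data"))
                {
                    foreach (dynamic item in comments.data)
                    {
                        string body = item.message;
                        string created_date = item.created_time;
                        string created_by = item.from.name;
                        string created_by_facebookID = item.from.id;

                        output.Insert(0, new ViewCommentHistory
                        {
                            Body = body,
                            DateCreated = created_date,
                            CreatedBy = created_by,
                            UserId = created_by_facebookID,
                            isFacebook = true,
                            Artist = true
                        });
                        break;
                    }
                }
            }
        }
    }

    // NOTE(review): this final sort also repositions the artist comment inserted at index 0
    // above; confirm whether the artist comment is meant to stay first.
    output = output.OrderByDescending(c => DateTime.Parse(c.DateCreated)).ToList();
    return output;
}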