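/// <summary>
/// Method that is called by the OIDC middleware after the authentication data has been validated. This is where most of the sign up
/// and sign in work is done.
/// </summary>
/// <param name="context">An OIDC-supplied <see cref="Microsoft.AspNet.Authentication.OpenIdConnect.AuthenticationValidatedContext"/> containing the current authentication information.</param>
/// <returns>a completed <see cref="System.Threading.Tasks.Task"/></returns>
/// <exception cref="ArgumentNullException"><paramref name="context"/> is <c>null</c>.</exception>
/// <exception cref="InvalidOperationException">The request's service provider cannot supply a <see cref="TenantManager"/> or a <see cref="UserManager"/>.</exception>
/// <exception cref="SecurityTokenValidationException">The caller is signing in (not signing up) and the token's issuer does not map to a registered tenant.</exception>
public override async Task AuthenticationValidated(AuthenticationValidatedContext context)
{
    if (context == null)
    {
        throw new ArgumentNullException(nameof(context));
    }

    var principal = context.AuthenticationTicket.Principal;
    var userId = principal.GetObjectIdentifierValue();
    var issuerValue = principal.GetIssuerValue();

    // GetRequiredService fails with a descriptive InvalidOperationException when a manager is not registered,
    // instead of the NullReferenceException a null result from GetService would produce further down.
    var tenantManager = context.HttpContext.RequestServices.GetRequiredService<TenantManager>();
    var userManager = context.HttpContext.RequestServices.GetRequiredService<UserManager>();

    _logger.AuthenticationValidated(userId, issuerValue);

    // Normalize the claims first.
    NormalizeClaims(principal);

    var tenant = await tenantManager.FindByIssuerValueAsync(issuerValue)
        .ConfigureAwait(false);

    if (tenant == null)
    {
        if (!context.IsSigningUp())
        {
            // A plain sign-in from an issuer that was never registered is refused rather than auto-provisioned.
            _logger.UnregisteredUserSignInAttempted(userId, issuerValue);
            throw new SecurityTokenValidationException($"Tenant {issuerValue} is not registered");
        }

        // Originally, we were checking to see if the tenant was non-null, however, this would not allow
        // permission changes to the application in AAD since a re-consent may be required. Now we just don't
        // try to recreate the tenant: only a missing tenant is signed up here.
        tenant = await SignUpTenantAsync(context, tenantManager)
            .ConfigureAwait(false);
    }

    // Sign up and sign in both end by creating or updating the user record the ticket identifies.
    await CreateOrUpdateUserAsync(context.AuthenticationTicket, userManager, tenant)
        .ConfigureAwait(false);
}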
/// <summary>
/// Recording stub for the OIDC <c>AuthenticationValidated</c> event (presumably used by tests): appends the
/// event name to <c>eventsFired</c> and completes synchronously without inspecting the context.
/// </summary>
/// <param name="context">The validated-authentication context supplied by the middleware; not used.</param>
/// <returns>An already-completed <see cref="Task"/>.</returns>
internal static Task AuthenticationValidated(AuthenticationValidatedContext context)
{
    // Only the fact that the event fired is recorded; the context contents are ignored.
    var firedEvent = nameof(AuthenticationValidated);
    eventsFired.Add(firedEvent);

    var completed = Task.FromResult(0);
    return completed;
}