public async Task <IActionResult> OnGetAsync(string returnUrl = null)
{
ReturnUrl = returnUrl;
var context = await _interaction.GetAuthorizationContextAsync(returnUrl);
InputModel = new LoginInputModel {
Username = context?.LoginHint
};
if (context?.IdP != null)
{
return(RedirectToAction("Challenge", "External",
new { provider = context.IdP, returnUrl }));
}
ExternalProviders = await _signInManager.GetExternalAuthenticationSchemesAsync();
var client = await _clientStore.FindEnabledClientByIdAsync(context?.ClientId);
if (client?.IdentityProviderRestrictions != null && client.IdentityProviderRestrictions.Any())
{
ExternalProviders = ExternalProviders.Where(provider =>
client.IdentityProviderRestrictions.Contains(provider.Name));
}
return(Page());
}
/// <summary>
/// Delete user token
/// </summary>
/// <param name="userId"></param>
/// <param name="provider"></param>
public virtual async Task DeleteUserToken(Guid userId, ExternalProviders provider)
{
_applicationContext.AspNetUserTokens.Remove
(await _applicationContext.AspNetUserTokens.FirstOrDefaultAsync(x => x.UserId == userId && x.LoginProvider == provider.ToString())
?? throw new InvalidOperationException());
await _applicationContext.SaveChangesAsync(CancellationToken.None);
}
public async Task <JObject> GetUserInfoAsync(string accessToken)
{
var provider = ExternalProviders.GetProviders().FirstOrDefault(x => x.Name.Equals(TokenExchangeProviders.Facebook, StringComparison.OrdinalIgnoreCase));
if (provider == null)
{
throw new ArgumentNullException(nameof(provider));
}
var request = new Dictionary <string, string>();
request.Add("tokenString", accessToken);
request.Add("endpoint", provider.UserInfoEndpoint);
var authorizationHeaderParams = QueryBuilder.GetQuery(request, TokenExchangeProviders.Twitter);
_client.DefaultRequestHeaders.Clear();
_client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/x-www-form-urlencoded"));
_client.DefaultRequestHeaders.Add("Authorization", authorizationHeaderParams);
var result = await _client.GetAsync(provider.UserInfoEndpoint);
if (result.IsSuccessStatusCode)
{
var infoObject = JObject.Parse(await result.Content.ReadAsStringAsync());
return(infoObject);
}
return(null);
}
public FixedList <EFilingDocument> GetOutputDocuments(string filingRequestUID)
{
EFilingRequest filingRequest = EFilingMapper.Map(filingRequestUID);
var provider = ExternalProviders.GetFilingTransactionProvider(filingRequest.Procedure);
return(provider.GetOutputDocuments(filingRequest.Transaction.UID));
}
public virtual async Task <IActionResult> OnGetAsync()
{
LoginInput = new LoginInputModel();
ExternalProviders = await GetExternalProviders();
EnableLocalLogin = await SettingProvider.IsTrueAsync(AccountSettingNames.EnableLocalLogin);
if (IsExternalLoginOnly)
{
return(await OnPostExternalLogin(ExternalProviders.First().AuthenticationScheme));
}
return(Page());
}
public async Task <JObject> GetUserInfoAsync(string accessToken)
{
var provider = ExternalProviders.GetProviders().FirstOrDefault(x => x.Name.Equals(TokenExchangeProviders.Facebook, StringComparison.OrdinalIgnoreCase));
if (provider == null)
{
throw new ArgumentNullException(nameof(provider));
}
var urlParams = $"oauth2_access_token={accessToken}&format=json";
var result = await _client.GetAsync($"{provider.UserInfoEndpoint}{urlParams}");
if (result.IsSuccessStatusCode)
{
var infoObject = JObject.Parse(await result.Content.ReadAsStringAsync());
return(infoObject);
}
return(null);
}
public async Task <IActionResult> OnGet(string returnUrl)
{
var context = await _interaction.GetAuthorizationContextAsync(returnUrl);
if (context?.IdP != null)
{
// if IdP is passed, then bypass showing the login screen
return(ExternalLogin(context.IdP, returnUrl));
}
await BuildLoginViewModelAsync(returnUrl, context);
if (EnableLocalLogin == false && ExternalProviders.Count() == 1)
{
// only one option for logging in
return(ExternalLogin(ExternalProviders.First().AuthenticationScheme, returnUrl));
}
return(Page());
}
public async Task <JObject> GetUserInfoAsync(string accessToken)
{
var provider = ExternalProviders.GetProviders().FirstOrDefault(x => x.Name.Equals(TokenExchangeProviders.Facebook, StringComparison.OrdinalIgnoreCase));
if (provider == null)
{
throw new ArgumentNullException(nameof(provider));
}
var request = new Dictionary <string, string>();
request.Add("token", accessToken);
var result = await _client.GetAsync(provider.UserInfoEndpoint + QueryBuilder.GetQuery(request, TokenExchangeProviders.Google));
if (result.IsSuccessStatusCode)
{
var infoObject = JObject.Parse(await result.Content.ReadAsStringAsync());
return(infoObject);
}
return(null);
}
/// <summary>
/// Refresh user token
/// By providing the refresh token from database to the Graph API
/// </summary>
/// <param name="userId"></param>
/// <param name="provider"></param>
/// <param name="clientId"></param>
/// <param name="redirectUri"></param>
/// <param name="clientSecret"></param>
private async Task RefreshUserToken(Guid userId, ExternalProviders provider, string clientId,
string redirectUri, string clientSecret)
{
var dict = new Dictionary <string, string>
{
{ "client_id", clientId },
{ "redirect_uri", redirectUri },
{ "client_secret", clientSecret },
{ "refresh_token", await _dataService.GetUserRefreshToken(userId, provider) },
{ "grant_type", "refresh_token" }
};
var client = new HttpClient();
dict.TryGetValue("refresh_token", out var refreshToken);
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
var postAction = await client.PostAsync("https://login.microsoftonline.com/common/oauth2/v2.0/token",
new FormUrlEncodedContent(dict));
var result = JsonConvert.DeserializeObject <CloudLoginModel>(await postAction.Content.ReadAsStringAsync());
await _dataService.SetUpUserToken(result.AccessToken, refreshToken, userId, provider);
}
/// <summary>
/// Call this method to trigger the User Token Refresh Use Case
/// </summary>
/// <param name="accessToken"></param>
/// <param name="refreshToken"></param>
/// <param name="userId"></param>
/// <param name="provider"></param>
/// <param name="clientId"></param>
/// <param name="redirectUri"></param>
/// <param name="clientSecret"></param>
public async Task VerifyUser(string accessToken, string refreshToken, Guid userId, ExternalProviders provider, string clientId,
string redirectUri, string clientSecret)
{
try
{
if (IsTokenAlive(accessToken, refreshToken, userId, provider).Result)
{
await _dataService.SetUpUserToken(accessToken, refreshToken, userId, provider);
}
else
{
await RefreshUserToken(userId, provider, clientId,
redirectUri, clientSecret);
}
}
catch
{
//
}
}
/// <summary>
/// Verify User Token Status
/// </summary>
/// <param name="accessToken"></param>
/// <param name="refreshToken"></param>
/// <param name="userId"></param>
/// <param name="provider"></param>
private async Task <bool> IsTokenAlive(string accessToken, string refreshToken, Guid userId, ExternalProviders provider)
{
var request = new HttpClient();
request.DefaultRequestHeaders.Add("Authorization", "Bearer " + accessToken);
try
{
var response = await request.GetAsync("https://graph.microsoft.com/v1.0/drive/root/children/");
return(response.StatusCode != HttpStatusCode.Unauthorized);
}
catch (Exception)
{
return(false);
}
}
public async Task <IActionResult> OnGetAsync(string returnUrl = null)
{
if (!string.IsNullOrEmpty(ErrorMessage))
{
ModelState.AddModelError(string.Empty, ErrorMessage);
}
returnUrl = returnUrl ?? Url.Content("~/");
// Clear the existing external cookie to ensure a clean login process
await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);
//ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList();
var context = await _interaction.GetAuthorizationContextAsync(returnUrl);
if (context?.IdP != null && await _schemeProvider.GetSchemeAsync(context.IdP) != null)
{
var local = context.IdP == IdentityServer4.IdentityServerConstants.LocalIdentityProvider;
EnableLocalLogin = local;
ReturnUrl = returnUrl;
Username = context?.LoginHint;
if (!local)
{
ExternalProviders = new[] { new ExternalProvider {
AuthenticationScheme = context.IdP
} };
}
if (EnableLocalLogin == false && ExternalProviders?.Count() == 1)
{
return(RedirectToAction("Challenge", "External", new { provider = ExternalLoginScheme, returnUrl }));
}
return(Page());
}
var schemes = await _schemeProvider.GetAllSchemesAsync();
var providers = schemes
.Where(x => x.DisplayName != null ||
(x.Name.Equals(AccountOptions.WindowsAuthenticationSchemeName, StringComparison.OrdinalIgnoreCase))
)
.Select(x => new ExternalProvider
{
DisplayName = x.DisplayName,
AuthenticationScheme = x.Name
}).ToList();
var allowLocal = true;
if (context?.ClientId != null)
{
var client = await _clientStore.FindEnabledClientByIdAsync(context.ClientId);
if (client != null)
{
allowLocal = client.EnableLocalLogin;
if (client.IdentityProviderRestrictions != null && client.IdentityProviderRestrictions.Any())
{
providers = providers.Where(provider => client.IdentityProviderRestrictions.Contains(provider.AuthenticationScheme)).ToList();
}
}
}
AllowRememberLogin = AccountOptions.AllowRememberLogin;
EnableLocalLogin = allowLocal && AccountOptions.AllowLocalLogin;
ReturnUrl = returnUrl;
Username = context?.LoginHint;
ExternalProviders = providers.ToArray();
return(Page());
}
/// <summary>
/// Get user refresh Token for specified provider
/// </summary>
/// <param name="userId"></param>
/// <param name="provider"></param>
/// <returns></returns>
public virtual async Task <string> GetUserRefreshToken(Guid userId, ExternalProviders provider)
{
return(JObject.Parse((await _applicationContext.AspNetUserTokens.FirstOrDefaultAsync(x =>
x.UserId == userId && x.LoginProvider == provider.ToString()))
?.Value).GetValue("refresh_token").Value <string>());
}
/// <summary>
/// Set user token
/// </summary>
/// <param name="refreshToken"></param>
/// <param name="userId"></param>
/// <param name="provider"></param>
/// <param name="accessToken"></param>
public virtual async Task SetUpUserToken(string accessToken, string refreshToken, Guid userId, ExternalProviders provider)
{
var currentToken = await _applicationContext.AspNetUserTokens.FirstOrDefaultAsync(x =>
x.UserId == userId && x.LoginProvider == provider.ToString());
if (currentToken == null)
{
_applicationContext.AspNetUserTokens.Add(new IdentityUserToken <Guid>()
{
UserId = userId,
Value = "{" + $"\"access_token\":\"{accessToken}\",\"refresh_token\":\"{refreshToken}\"" +
"}",
LoginProvider = provider.ToString(),
Name = provider + ":" + userId
});
}
else
{
currentToken.Value = "{" + $"\"access_token\":\"{accessToken}\",\"refresh_token\":\"{refreshToken}\"" +
"}";
_applicationContext.AspNetUserTokens.Update(currentToken);
}
await _applicationContext.SaveChangesAsync(new CancellationToken(false));
}
