public async Task <IActionResult> CandidateLogin(string returnUrl)
{
var context = await _interaction.GetAuthorizationContextAsync(returnUrl);
var token = context.Parameters["token"];
var userId = context.Parameters["userid"];
var offerId = context.Parameters["offerid"];
var corporateId = context.Parameters["corporateid"];
var user = await _userManager.FindByIdAsync(userId);
var userIsCandidateInCorporate = await _userManager.IsInGroupyfyRoleAsync(user, "Candidate", Guid.Parse(corporateId));
if (!userIsCandidateInCorporate)
{
return(BadRequest());
}
var tokenIsValid = await _userManager.VerifyOfferTokenAsync(user, token, Guid.Parse(offerId));
if (!tokenIsValid)
{
return(BadRequest());
}
await HttpContext.SignInAsync(IdentityConstants.ApplicationScheme, await StoreRememberClient(user, "Candidate", Guid.Parse(corporateId), Guid.Parse(offerId)));
return(Redirect(returnUrl));
}
public async Task <ActionResult <string> > GenerateOfferLoginLink(OfferLoginLinkCommand command)
{
var user = await _userManager.FindByIdAsync(command.UserId.ToString());
if (await _userManager.IsInGroupyfyRoleAsync(user, "candidate", command.CorporateId))
{
var offerToken = await _userManager.GenerateOfferTokenAsync(user, command.OfferId);
var link = "http://localhost:4200/#/candidate/login?" + $"userid={command.UserId}&corporateid={command.CorporateId}&offerid={command.OfferId}&token={WebUtility.UrlEncode(offerToken)}";
return(link);
}
return(BadRequest());
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var user = await _userManager.FindByIdAsync(context.Subject.GetSubjectId());
var principal = await _claimsFactory.CreateAsync(user);
var claims = principal.Claims.ToList();
claims.RemoveAll(x => x.Type == JwtClaimTypes.Role);
if (!string.IsNullOrEmpty(context.ValidatedRequest?.Raw["role"]))
{
var corporateId = context.ValidatedRequest.Raw["corporateid"];
var role = context.ValidatedRequest.Raw["role"];
var userHasRole = await _userManager.IsInGroupyfyRoleAsync(user, context.ValidatedRequest.Raw["role"], corporateId != null?Guid.Parse(corporateId) : (Guid?)null);
if (userHasRole)
{
claims.Add(new Claim(JwtClaimTypes.Role, role));
if (!string.IsNullOrEmpty(corporateId))
{
claims.Add(new Claim("corporateId", corporateId));
}
}
}
else
{
var role = context.Subject.Claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Role)?.Value;
var corporateId = context.Subject.Claims.FirstOrDefault(x => x.Type == "corporateId")?.Value;
if (!string.IsNullOrEmpty(role))
{
claims.Add(new Claim(JwtClaimTypes.Role, role));
}
if (!string.IsNullOrEmpty(corporateId))
{
claims.Add(new Claim("corporateId", corporateId));
}
}
if (!string.IsNullOrEmpty(context.ValidatedRequest?.Raw["offerid"]))
{
claims.Add(new Claim("offerId", context.ValidatedRequest.Raw["offerid"]));
}
context.IssuedClaims = claims;
}