public async Task <IActionResult> CandidateLogin(string returnUrl) { var context = await _interaction.GetAuthorizationContextAsync(returnUrl); var token = context.Parameters["token"]; var userId = context.Parameters["userid"]; var offerId = context.Parameters["offerid"]; var corporateId = context.Parameters["corporateid"]; var user = await _userManager.FindByIdAsync(userId); var userIsCandidateInCorporate = await _userManager.IsInGroupyfyRoleAsync(user, "Candidate", Guid.Parse(corporateId)); if (!userIsCandidateInCorporate) { return(BadRequest()); } var tokenIsValid = await _userManager.VerifyOfferTokenAsync(user, token, Guid.Parse(offerId)); if (!tokenIsValid) { return(BadRequest()); } await HttpContext.SignInAsync(IdentityConstants.ApplicationScheme, await StoreRememberClient(user, "Candidate", Guid.Parse(corporateId), Guid.Parse(offerId))); return(Redirect(returnUrl)); }
public async Task <ActionResult <string> > GenerateOfferLoginLink(OfferLoginLinkCommand command) { var user = await _userManager.FindByIdAsync(command.UserId.ToString()); if (await _userManager.IsInGroupyfyRoleAsync(user, "candidate", command.CorporateId)) { var offerToken = await _userManager.GenerateOfferTokenAsync(user, command.OfferId); var link = "http://localhost:4200/#/candidate/login?" + $"userid={command.UserId}&corporateid={command.CorporateId}&offerid={command.OfferId}&token={WebUtility.UrlEncode(offerToken)}"; return(link); } return(BadRequest()); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var user = await _userManager.FindByIdAsync(context.Subject.GetSubjectId()); var principal = await _claimsFactory.CreateAsync(user); var claims = principal.Claims.ToList(); claims.RemoveAll(x => x.Type == JwtClaimTypes.Role); if (!string.IsNullOrEmpty(context.ValidatedRequest?.Raw["role"])) { var corporateId = context.ValidatedRequest.Raw["corporateid"]; var role = context.ValidatedRequest.Raw["role"]; var userHasRole = await _userManager.IsInGroupyfyRoleAsync(user, context.ValidatedRequest.Raw["role"], corporateId != null?Guid.Parse(corporateId) : (Guid?)null); if (userHasRole) { claims.Add(new Claim(JwtClaimTypes.Role, role)); if (!string.IsNullOrEmpty(corporateId)) { claims.Add(new Claim("corporateId", corporateId)); } } } else { var role = context.Subject.Claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Role)?.Value; var corporateId = context.Subject.Claims.FirstOrDefault(x => x.Type == "corporateId")?.Value; if (!string.IsNullOrEmpty(role)) { claims.Add(new Claim(JwtClaimTypes.Role, role)); } if (!string.IsNullOrEmpty(corporateId)) { claims.Add(new Claim("corporateId", corporateId)); } } if (!string.IsNullOrEmpty(context.ValidatedRequest?.Raw["offerid"])) { claims.Add(new Claim("offerId", context.ValidatedRequest.Raw["offerid"])); } context.IssuedClaims = claims; }