public ActionResult Create(string userId)
{
Guid userGuid;
if (!Guid.TryParse(userId, out userGuid))
{
return(HttpBadRequest("Failed to parse userId."));
}
HierarchicalUserAccount user = _userAccountService.GetByID(userGuid);
if (user == null)
{
ViewBag.Message = string.Format("The Auth Central User with UserId {0} could not be found.", userId);
return(RedirectToAction("Index"));
}
var model = new UserClaimModelContainer()
{
UserId = user.ID.ToString(),
UserClaims = new List <ClaimModel>(new[] { new ClaimModel() })
};
return(View("Create", model));
}
public ActionResult Confirm(string id)
{
HierarchicalUserAccount account = _userAccountService.GetByVerificationKey(id);
if (account == null)
{
ModelState.AddModelError("", BrockAllen.MembershipReboot.Resources.ValidationMessages.InvalidKey);
return(View("Index"));
}
if (account.HasPassword())
{
var vm = new ChangeEmailFromKeyInputModel {
Key = id
};
return(View("Confirm", vm));
}
try
{
_userAccountService.VerifyEmailFromKey(id, out account);
return(RedirectToAction("Success"));
}
catch (ValidationException ex)
{
ModelState.AddModelError("", ex.Message);
}
return(View("Confirm", null));
}
protected virtual IEnumerable <Claim> GetClaimsFromAccount(HierarchicalUserAccount account)
{
var claims = new List <Claim> {
new Claim(Constants.ClaimTypes.Subject, GetSubjectForAccount(account)),
new Claim(Constants.ClaimTypes.UpdatedAt, IdentityModel.EpochTimeExtensions.ToEpochTime(account.LastUpdated).ToString(), ClaimValueTypes.Integer),
new Claim("tenant", account.Tenant),
new Claim(Constants.ClaimTypes.PreferredUserName, account.Username),
};
if (!String.IsNullOrWhiteSpace(account.Email))
{
claims.Add(new Claim(Constants.ClaimTypes.Email, account.Email));
claims.Add(new Claim(Constants.ClaimTypes.EmailVerified, account.IsAccountVerified ? "true" : "false"));
}
if (!String.IsNullOrWhiteSpace(account.MobilePhoneNumber))
{
claims.Add(new Claim(Constants.ClaimTypes.PhoneNumber, account.MobilePhoneNumber));
claims.Add(new Claim(Constants.ClaimTypes.PhoneNumberVerified, !String.IsNullOrWhiteSpace(account.MobilePhoneNumber) ? "true" : "false"));
}
claims.AddRange(account.Claims.Select(x => new Claim(x.Type, x.Value)));
claims.AddRange(userAccountService.MapClaims(account));
return(claims);
}
public ActionResult Index(PasswordResetInputModel model)
{
if (!ModelState.IsValid)
{
return(View("Index"));
}
try
{
HierarchicalUserAccount account = _userAccountService.GetByEmail(model.Email);
if (account != null)
{
_userAccountService.ResetPassword(model.Email);
return(View("ResetSuccess"));
}
ModelState.AddModelError("", "Invalid email");
}
catch (ValidationException ex)
{
ModelState.AddModelError("", ex.Message);
}
return(View("Index"));
}
/// <summary>
/// Given a <paramref name="username" />, <paramref name="password" />, and an IDS3
/// <paramref name="message">SignIn Message</paramref>, validates the user's credentials by attempting to
/// authenticate them.
/// </summary>
/// <param name="username">User's username or email.</param>
/// <param name="password">User's password</param>
/// <param name="message">Message built by IDS3 that contains context information such as client and tenant.</param>
/// <param name="account">If credentials are valid, returns the user's account.</param>
/// <returns><c>true</c> if the user's credentials are valid for their tenant; otherwise <c>false</c></returns>
protected virtual bool ValidateLocalCredentials(string username, string password, SignInMessage message,
out HierarchicalUserAccount account)
{
string tenant = string.IsNullOrWhiteSpace(message.Tenant)
? userAccountService.Configuration.DefaultTenant
: message.Tenant;
return(userAccountService.AuthenticateWithUsernameOrEmail(tenant, username, password, out account));
}
public IActionResult Find(string email)
{
HierarchicalUserAccount account = _userAccountService.GetByEmail(email);
if (account == null)
{
ViewBag.Message = "Failed to find an account with that e-mail address. Please try again.";
return(RedirectToAction("Index"));
}
return(RedirectToAction("Show", "UserClaim", new {
userId = account.ID.ToString()
}));
}
public IActionResult Details()
{
try
{
HierarchicalUserAccount user = _userAccountService.GetByID(User.GetId());
UserAccountViewModel viewModel = new UserAccountViewModel(user);
return(View(viewModel));
}
catch (AuthenticationException)
{
return(new HttpUnauthorizedResult());
}
}
public UserAccountViewModel(HierarchicalUserAccount user)
{
// Required
this.Email = user.Email;
this.Username = user.Username;
this.FirstName = user.GetClaimValue("given_name");
this.LastName = user.GetClaimValue("family_name");
this.LastUpdated = user.LastUpdated.ToUniversalTime();
this.Created = user.Created.ToUniversalTime();
// Optional
this.PhoneNumber = user.GetClaimValue("phone_number");
//this.ProfilePhotoUrl = new Uri(user.GetClaimValue("picture"));
//this.Locale = System.Globalization.CultureInfo.GetCultureInfo(user.GetClaimValue("locale"));
//this.Timezone = TimeZoneInfo.FindSystemTimeZoneById(user.GetClaimValue("zoneinfo"));
}
public IActionResult Create(CreateAccountInputModel model)
{
if (ModelState.IsValid)
{
try
{
HierarchicalUserAccount account = _userAccountService.CreateAccount(model.Username, PasswordGenerator.GeneratePasswordOfLength(16), model.Email);
_userAccountService.SetConfirmedEmail(account.ID, account.Email);
_userAccountService.ResetPassword(account.ID);
AddClaims(account.ID, model);
return(View("Success", model));
}
catch (ValidationException ex)
{
ModelState.AddModelError("", ex.Message);
}
}
return(Create());
}
private UserProfileModel GetUserProfileModel()
{
HierarchicalUserAccount user = _userAccountService.GetByID(User.GetId());
if (user != null)
{
return(new UserProfileModel
{
Name = new UserNameModel
{
FamilyName = user.Claims.FirstOrDefault(c => c.Type == "family_name")?.Value,
GivenName = user.Claims.FirstOrDefault(c => c.Type == "given_name")?.Value,
},
Email = user.Email,
Organization = user.Claims.FirstOrDefault(c => c.Type == "fsw:organization")?.Value,
Department = user.Claims.FirstOrDefault(c => c.Type == "fsw:department")?.Value
});
}
return(null);
}
public override Task GetProfileDataAsync(ProfileDataRequestContext ctx)
{
ClaimsPrincipal subject = ctx.Subject;
IEnumerable <string> requestedClaimTypes = ctx.RequestedClaimTypes;
HierarchicalUserAccount acct = userAccountService.GetByID(subject.GetSubjectId().ToGuid());
if (acct == null)
{
throw new ArgumentException("Invalid subject identifier");
}
var claims = GetClaimsFromAccount(acct);
if (requestedClaimTypes != null && requestedClaimTypes.Any())
{
claims = claims.Where(x => requestedClaimTypes.Contains(x.Type));
}
ctx.IssuedClaims = claims;
return(Task.FromResult(0));
}
public IActionResult Edit(string userId, bool changed)
{
if (changed)
{
ViewBag.Message = "The requested change was processed successfully.";
}
Guid userGuid;
if (!Guid.TryParse(userId, out userGuid))
{
return(HttpBadRequest("Could not parse user Id."));
}
HierarchicalUserAccount user = _userAccountService.GetByID(userGuid);
if (user != null)
{
bool canDeleteUsers = User.Claims.Any(claim => claim.Type == "fsw:testautomation" && claim.Value == "true");
return(View(new UserProfileModel
{
Email = user.Email,
FamilyName = user.Claims.FirstOrDefault(c => c.Type == "family_name")?.Value,
GivenName = user.Claims.FirstOrDefault(c => c.Type == "given_name")?.Value,
Organization = user.Claims.FirstOrDefault(c => c.Type == "fsw:organization")?.Value,
Department = user.Claims.FirstOrDefault(c => c.Type == "fsw:department")?.Value,
IsLoginAllowed = user.IsLoginAllowed,
UserId = userId,
CanDeleteUsers = canDeleteUsers
}));
}
else
{
ViewBag.Message = string.Format("The Auth Central User with UserId {0} could not be found.", userId);
return(View());
}
}
public ActionResult Show(string userId, bool changed)
{
if (changed)
{
ViewBag.Message = "The requested change was processed successfully.";
}
Guid userGuid;
if (!Guid.TryParse(userId, out userGuid))
{
return(HttpBadRequest("Failed to parse user Id."));
}
// Not awaitable!
HierarchicalUserAccount user = _userAccountService.GetByID(userGuid);
if (user == null)
{
ViewBag.Message = string.Format("The Auth Central User with UserId {0} could not be found.", userId);
return(HttpBadRequest("Failed to find user with the given Id."));
}
var model = new UserClaimModelContainer()
{
UserId = user.ID.ToString(),
UserClaims = user.Claims.Where(claim => claim.Type != "name" &&
claim.Type != "given_name" &&
claim.Type != "family_name" &&
claim.Type != "fsw:organization" &&
claim.Type != "fsw:department")
.Select(claim => new ClaimModel(claim))
};
return(View(model));
}
protected virtual Task <AuthenticateResult> PostAuthenticateLocalAsync(HierarchicalUserAccount account, SignInMessage message)
{
return(Task.FromResult <AuthenticateResult>(null));
}
protected virtual Task <IEnumerable <Claim> > GetClaimsForAuthenticateResultAsync(HierarchicalUserAccount account)
{
return(Task.FromResult((IEnumerable <Claim>)null));
}
protected virtual string GetSubjectForAccount(HierarchicalUserAccount account)
{
return(account.ID.ToString("D"));
}
