/// <summary> /// Конструктор. /// </summary> /// <param name="coreBaseResourceErrors">Ядро. Основа. Ресурсы. Ошибки.</param> /// <param name="resourceSuccesses">Ресурсы. Успехи.</param> /// <param name="resourceErrors">Ресурсы. Ошибки.</param> /// <param name="service">Сервис.</param> public HostBasePartAuthJobs( CoreBaseResourceErrors coreBaseResourceErrors, HostBasePartAuthResourceSuccesses resourceSuccesses, HostBasePartAuthResourceErrors resourceErrors, HostBasePartAuthService service ) { JobCurrentUserGet = new HostBasePartAuthJobCurrentUserGetService( service.GetCurrentUser, coreBaseResourceErrors, resourceSuccesses, resourceErrors ); JobSeed = new HostBasePartAuthJobSeedService( service.Seed, coreBaseResourceErrors, resourceErrors ); JobUserEntityCreate = new HostBasePartAuthJobUserEntityCreateService( service.CreateUserEntity, coreBaseResourceErrors, resourceSuccesses, resourceErrors ); }
/// <summary> /// Конструктор. /// </summary> /// <param name="appJobCallbackGet">Задание на получение обратного вызова.</param> /// <param name="appJobChallengeGet">Задание на отправку вызова.</param> /// <param name="appJobUserEntityCreate">Задание на создание сущности пользователя.</param> /// <param name="extClientStore">Хранилище клиентов.</param> /// <param name="extEvents">События.</param> /// <param name="extInteraction">Взаимодействие.</param> /// <param name="extLogger">Регистратор.</param> /// <param name="extRoleManager">Менеджер ролей.</param> /// <param name="extSignInManager">Менеджер входа в систему.</param> /// <param name="extUserManager">Менеджер пользователей.</param> /// <param name="extViewEngine">Средство создания представлений.</param> public ModIdentityServerWebMvcPartExternalModel( ModIdentityServerWebMvcPartExternalJobCallbackGetService appJobCallbackGet, ModIdentityServerWebMvcPartExternalJobChallengeGetService appJobChallengeGet, HostBasePartAuthJobUserEntityCreateService appJobUserEntityCreate, IClientStore extClientStore, IEventService extEvents, IIdentityServerInteractionService extInteraction, ILogger <ModIdentityServerWebMvcPartExternalModel> extLogger, RoleManager <DataEntityObjectRole> extRoleManager, SignInManager <DataEntityObjectUser> extSignInManager, UserManager <DataEntityObjectUser> extUserManager, ICompositeViewEngine extViewEngine ) : base(extLogger, extViewEngine) { AppJobCallbackGet = appJobCallbackGet; AppJobChallengeGet = appJobChallengeGet; AppJobUserEntityCreate = appJobUserEntityCreate; ExtClientStore = extClientStore; ExtEvents = extEvents; ExtInteraction = extInteraction; ExtRoleManager = extRoleManager; ExtSignInManager = extSignInManager; ExtUserManager = extUserManager; }
private async Task <CoreBaseExecutionResultWithData <DataEntityObjectUser> > CreateUserEntity( ILogger logger, HostBasePartAuthJobUserEntityCreateService job, HostBasePartAuthJobUserEntityCreateInput input ) { var result = new CoreBaseExecutionResultWithData <DataEntityObjectUser>(); try { result.Data = await job.Execute(input).CoreBaseExtTaskWithCurrentCulture(false); job.OnSuccess(logger, result, input); } catch (Exception ex) { job.OnError(ex, logger, result); } return(result); }
)> ProcessCallbackGet( IClientStore clientStore, IEventService events, HttpContext httpContext, IIdentityServerInteractionService interaction, HostBasePartAuthJobUserEntityCreateService jobUserEntityCreate, ILogger logger, RoleManager <DataEntityObjectRole> roleManager, SignInManager <DataEntityObjectUser> signInManager, UserManager <DataEntityObjectUser> userManager ) { // read external identity from the temporary cookie var result = await httpContext.AuthenticateAsync(IdentityConstants.ExternalScheme) .CoreBaseExtTaskWithCurrentCulture(false); if (result?.Succeeded != true) { throw new ModIdentityServerBaseExceptionExternalAuthentication(); } // lookup our user and external provider info var(user, provider, providerUserId, claims) = await FindUserFromExternalProviderAsync(result, userManager); if (user == null) { // this might be where you might initiate a custom workflow for user registration // in this sample we don't show how that would be done, as our sample implementation // simply auto-provisions new external user user = await AutoProvisionUserAsync( provider, providerUserId, claims, logger, jobUserEntityCreate, roleManager, userManager ).CoreBaseExtTaskWithCurrentCulture(false); } // this allows us to collect any additonal claims or properties // for the specific prtotocols used and store them in the local auth cookie. // this is typically used to store data needed for signout from those protocols. var additionalLocalClaims = new List <Claim>(); var localSignInProps = new AuthenticationProperties(); ProcessCallbackGetForOidc(result, additionalLocalClaims, localSignInProps); // issue authentication cookie for user // we must issue the cookie maually, and can't use the SignInManager because // it doesn't expose an API to issue additional claims from the login workflow var principal = await signInManager.CreateUserPrincipalAsync(user) .CoreBaseExtTaskWithCurrentCulture(false); additionalLocalClaims.AddRange(principal.Claims); var name = principal.FindFirst(JwtClaimTypes.Name)?.Value ?? user.Id.ToString(); await httpContext.SignInAsync( user.Id.ToString(), name, provider, localSignInProps, additionalLocalClaims.ToArray() ).CoreBaseExtTaskWithCurrentCulture(false); // delete temporary cookie used during external authentication await httpContext.SignOutAsync(IdentityConstants.ExternalScheme) .CoreBaseExtTaskWithCurrentCulture(false); // retrieve return URL var returnUrl = result.Properties.Items["returnUrl"] ?? "~/"; // check if external login is in the context of an OIDC request var context = await interaction.GetAuthorizationContextAsync(returnUrl) .CoreBaseExtTaskWithCurrentCulture(false); await events.RaiseAsync( new UserLoginSuccessEvent( provider, providerUserId, user.Id.ToString(), name, true, context?.ClientId ) ).CoreBaseExtTaskWithCurrentCulture(false); var status = ModIdentityServerWebMvcPartExternalJobCallbackGetEnumStatuses.Default; if (context != null) { var isPckeRequired = await clientStore.ModIdentityServerWebExtClientIsPkceRequired(context.ClientId) .CoreBaseExtTaskWithCurrentCulture(false); if (isPckeRequired) { // if the client is PKCE then we assume it's native, so this change in how to // return the response is for better UX for the end user. status = ModIdentityServerWebMvcPartExternalJobCallbackGetEnumStatuses.Redirect; } } return(status, returnUrl); }
private async Task <DataEntityObjectUser> AutoProvisionUserAsync( string provider, string providerUserId, IEnumerable <Claim> claims, ILogger logger, HostBasePartAuthJobUserEntityCreateService jobUserEntityCreate, RoleManager <DataEntityObjectRole> roleManager, UserManager <DataEntityObjectUser> userManager ) { // create a list of claims that we want to transfer into our store var filtered = new List <Claim>(); // user's display name var name = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Name)?.Value ?? claims.FirstOrDefault(x => x.Type == ClaimTypes.Name)?.Value; if (name != null) { filtered.Add(new Claim(JwtClaimTypes.Name, name)); } else { var first = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.GivenName)?.Value ?? claims.FirstOrDefault(x => x.Type == ClaimTypes.GivenName)?.Value; var last = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.FamilyName)?.Value ?? claims.FirstOrDefault(x => x.Type == ClaimTypes.Surname)?.Value; if (first != null && last != null) { filtered.Add(new Claim(JwtClaimTypes.Name, first + " " + last)); } else if (first != null) { filtered.Add(new Claim(JwtClaimTypes.Name, first)); } else if (last != null) { filtered.Add(new Claim(JwtClaimTypes.Name, last)); } } // email var email = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Email)?.Value ?? claims.FirstOrDefault(x => x.Type == ClaimTypes.Email)?.Value; if (email != null) { filtered.Add(new Claim(JwtClaimTypes.Email, email)); } var input = new HostBasePartAuthJobUserEntityCreateInput { Email = email, LoginProvider = provider, ProviderDisplayName = provider, ProviderKey = providerUserId, RoleManager = roleManager, RoleNames = claims.HostBasePartAuthExtGetRoleNamesFromClaims(), UserManager = userManager, UserName = name }; var execResult = await CreateUserEntity(logger, jobUserEntityCreate, input).CoreBaseExtTaskWithCurrentCulture(false); if (!execResult.IsOk) { throw new Exception(string.Join(". ", execResult.ErrorMessages)); } return(execResult.Data); }