/// <summary>
/// Конструктор.
/// </summary>
/// <param name="coreBaseResourceErrors">Ядро. Основа. Ресурсы. Ошибки.</param>
/// <param name="resourceSuccesses">Ресурсы. Успехи.</param>
/// <param name="resourceErrors">Ресурсы. Ошибки.</param>
/// <param name="service">Сервис.</param>
public HostBasePartAuthJobs(
CoreBaseResourceErrors coreBaseResourceErrors,
HostBasePartAuthResourceSuccesses resourceSuccesses,
HostBasePartAuthResourceErrors resourceErrors,
HostBasePartAuthService service
)
{
JobCurrentUserGet = new HostBasePartAuthJobCurrentUserGetService(
service.GetCurrentUser,
coreBaseResourceErrors,
resourceSuccesses,
resourceErrors
);
JobSeed = new HostBasePartAuthJobSeedService(
service.Seed,
coreBaseResourceErrors,
resourceErrors
);
JobUserEntityCreate = new HostBasePartAuthJobUserEntityCreateService(
service.CreateUserEntity,
coreBaseResourceErrors,
resourceSuccesses,
resourceErrors
);
}
/// <summary>
/// Конструктор.
/// </summary>
/// <param name="appJobCallbackGet">Задание на получение обратного вызова.</param>
/// <param name="appJobChallengeGet">Задание на отправку вызова.</param>
/// <param name="appJobUserEntityCreate">Задание на создание сущности пользователя.</param>
/// <param name="extClientStore">Хранилище клиентов.</param>
/// <param name="extEvents">События.</param>
/// <param name="extInteraction">Взаимодействие.</param>
/// <param name="extLogger">Регистратор.</param>
/// <param name="extRoleManager">Менеджер ролей.</param>
/// <param name="extSignInManager">Менеджер входа в систему.</param>
/// <param name="extUserManager">Менеджер пользователей.</param>
/// <param name="extViewEngine">Средство создания представлений.</param>
public ModIdentityServerWebMvcPartExternalModel(
ModIdentityServerWebMvcPartExternalJobCallbackGetService appJobCallbackGet,
ModIdentityServerWebMvcPartExternalJobChallengeGetService appJobChallengeGet,
HostBasePartAuthJobUserEntityCreateService appJobUserEntityCreate,
IClientStore extClientStore,
IEventService extEvents,
IIdentityServerInteractionService extInteraction,
ILogger <ModIdentityServerWebMvcPartExternalModel> extLogger,
RoleManager <DataEntityObjectRole> extRoleManager,
SignInManager <DataEntityObjectUser> extSignInManager,
UserManager <DataEntityObjectUser> extUserManager,
ICompositeViewEngine extViewEngine
)
: base(extLogger, extViewEngine)
{
AppJobCallbackGet = appJobCallbackGet;
AppJobChallengeGet = appJobChallengeGet;
AppJobUserEntityCreate = appJobUserEntityCreate;
ExtClientStore = extClientStore;
ExtEvents = extEvents;
ExtInteraction = extInteraction;
ExtRoleManager = extRoleManager;
ExtSignInManager = extSignInManager;
ExtUserManager = extUserManager;
}
private async Task <CoreBaseExecutionResultWithData <DataEntityObjectUser> > CreateUserEntity(
ILogger logger,
HostBasePartAuthJobUserEntityCreateService job,
HostBasePartAuthJobUserEntityCreateInput input
)
{
var result = new CoreBaseExecutionResultWithData <DataEntityObjectUser>();
try
{
result.Data = await job.Execute(input).CoreBaseExtTaskWithCurrentCulture(false);
job.OnSuccess(logger, result, input);
}
catch (Exception ex)
{
job.OnError(ex, logger, result);
}
return(result);
}
)> ProcessCallbackGet(
IClientStore clientStore,
IEventService events,
HttpContext httpContext,
IIdentityServerInteractionService interaction,
HostBasePartAuthJobUserEntityCreateService jobUserEntityCreate,
ILogger logger,
RoleManager <DataEntityObjectRole> roleManager,
SignInManager <DataEntityObjectUser> signInManager,
UserManager <DataEntityObjectUser> userManager
)
{
// read external identity from the temporary cookie
var result = await httpContext.AuthenticateAsync(IdentityConstants.ExternalScheme)
.CoreBaseExtTaskWithCurrentCulture(false);
if (result?.Succeeded != true)
{
throw new ModIdentityServerBaseExceptionExternalAuthentication();
}
// lookup our user and external provider info
var(user, provider, providerUserId, claims) = await FindUserFromExternalProviderAsync(result, userManager);
if (user == null)
{
// this might be where you might initiate a custom workflow for user registration
// in this sample we don't show how that would be done, as our sample implementation
// simply auto-provisions new external user
user = await AutoProvisionUserAsync(
provider,
providerUserId,
claims,
logger,
jobUserEntityCreate,
roleManager,
userManager
).CoreBaseExtTaskWithCurrentCulture(false);
}
// this allows us to collect any additonal claims or properties
// for the specific prtotocols used and store them in the local auth cookie.
// this is typically used to store data needed for signout from those protocols.
var additionalLocalClaims = new List <Claim>();
var localSignInProps = new AuthenticationProperties();
ProcessCallbackGetForOidc(result, additionalLocalClaims, localSignInProps);
// issue authentication cookie for user
// we must issue the cookie maually, and can't use the SignInManager because
// it doesn't expose an API to issue additional claims from the login workflow
var principal = await signInManager.CreateUserPrincipalAsync(user)
.CoreBaseExtTaskWithCurrentCulture(false);
additionalLocalClaims.AddRange(principal.Claims);
var name = principal.FindFirst(JwtClaimTypes.Name)?.Value ?? user.Id.ToString();
await httpContext.SignInAsync(
user.Id.ToString(),
name,
provider,
localSignInProps,
additionalLocalClaims.ToArray()
).CoreBaseExtTaskWithCurrentCulture(false);
// delete temporary cookie used during external authentication
await httpContext.SignOutAsync(IdentityConstants.ExternalScheme)
.CoreBaseExtTaskWithCurrentCulture(false);
// retrieve return URL
var returnUrl = result.Properties.Items["returnUrl"] ?? "~/";
// check if external login is in the context of an OIDC request
var context = await interaction.GetAuthorizationContextAsync(returnUrl)
.CoreBaseExtTaskWithCurrentCulture(false);
await events.RaiseAsync(
new UserLoginSuccessEvent(
provider,
providerUserId,
user.Id.ToString(),
name,
true,
context?.ClientId
)
).CoreBaseExtTaskWithCurrentCulture(false);
var status = ModIdentityServerWebMvcPartExternalJobCallbackGetEnumStatuses.Default;
if (context != null)
{
var isPckeRequired = await clientStore.ModIdentityServerWebExtClientIsPkceRequired(context.ClientId)
.CoreBaseExtTaskWithCurrentCulture(false);
if (isPckeRequired)
{
// if the client is PKCE then we assume it's native, so this change in how to
// return the response is for better UX for the end user.
status = ModIdentityServerWebMvcPartExternalJobCallbackGetEnumStatuses.Redirect;
}
}
return(status, returnUrl);
}
private async Task <DataEntityObjectUser> AutoProvisionUserAsync(
string provider,
string providerUserId,
IEnumerable <Claim> claims,
ILogger logger,
HostBasePartAuthJobUserEntityCreateService jobUserEntityCreate,
RoleManager <DataEntityObjectRole> roleManager,
UserManager <DataEntityObjectUser> userManager
)
{
// create a list of claims that we want to transfer into our store
var filtered = new List <Claim>();
// user's display name
var name = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Name)?.Value ??
claims.FirstOrDefault(x => x.Type == ClaimTypes.Name)?.Value;
if (name != null)
{
filtered.Add(new Claim(JwtClaimTypes.Name, name));
}
else
{
var first = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.GivenName)?.Value ??
claims.FirstOrDefault(x => x.Type == ClaimTypes.GivenName)?.Value;
var last = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.FamilyName)?.Value ??
claims.FirstOrDefault(x => x.Type == ClaimTypes.Surname)?.Value;
if (first != null && last != null)
{
filtered.Add(new Claim(JwtClaimTypes.Name, first + " " + last));
}
else if (first != null)
{
filtered.Add(new Claim(JwtClaimTypes.Name, first));
}
else if (last != null)
{
filtered.Add(new Claim(JwtClaimTypes.Name, last));
}
}
// email
var email = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Email)?.Value ??
claims.FirstOrDefault(x => x.Type == ClaimTypes.Email)?.Value;
if (email != null)
{
filtered.Add(new Claim(JwtClaimTypes.Email, email));
}
var input = new HostBasePartAuthJobUserEntityCreateInput
{
Email = email,
LoginProvider = provider,
ProviderDisplayName = provider,
ProviderKey = providerUserId,
RoleManager = roleManager,
RoleNames = claims.HostBasePartAuthExtGetRoleNamesFromClaims(),
UserManager = userManager,
UserName = name
};
var execResult = await CreateUserEntity(logger, jobUserEntityCreate, input).CoreBaseExtTaskWithCurrentCulture(false);
if (!execResult.IsOk)
{
throw new Exception(string.Join(". ", execResult.ErrorMessages));
}
return(execResult.Data);
}
