public virtual async Task <AuthenticateExternalLoginResult> ReadExternalLoginCredential(IOwinContext context) { var result = await context.Authentication.AuthenticateAsync(AuthenticationTypes.External); if (result == null) { _trace.Information("No external login found."); return(new AuthenticateExternalLoginResult()); } var idClaim = result.Identity.FindFirst(ClaimTypes.NameIdentifier); if (idClaim == null) { _trace.Error("External Authentication is missing required claim: " + ClaimTypes.NameIdentifier); return(new AuthenticateExternalLoginResult()); } var nameClaim = result.Identity.FindFirst(ClaimTypes.Name); if (nameClaim == null) { _trace.Error("External Authentication is missing required claim: " + ClaimTypes.Name); return(new AuthenticateExternalLoginResult()); } var emailClaim = result.Identity.FindFirst(ClaimTypes.Email); string emailSuffix = emailClaim == null ? String.Empty : (" <" + emailClaim.Value + ">"); var tenantIdClaim = result.Identity.FindFirst(tenantIdClaimType); Authenticator auther; string authenticationType = idClaim.Issuer; if (!Authenticators.TryGetValue(idClaim.Issuer, out auther)) { foreach (var authenticator in Authenticators.Values) { if (authenticator.TryMapIssuerToAuthenticationType(idClaim.Issuer, out authenticationType)) { auther = authenticator; break; } } } return(new AuthenticateExternalLoginResult() { Authentication = null, ExternalIdentity = result.Identity, Authenticator = auther, Credential = _credentialBuilder.CreateExternalCredential(authenticationType, idClaim.Value, nameClaim.Value + emailSuffix, tenantIdClaim?.Value) }); }
private Credential FindMatchingCredential(Credential credential) { var results = Entities .Set <Credential>() .Include(u => u.User) .Include(u => u.User.Roles) .Where(c => c.Type == credential.Type && c.Value == credential.Value) .ToList(); if (results.Count == 0) { return(null); } else if (results.Count == 1) { return(results[0]); } else { // Don't put the credential itself in trace, but do put the Key for lookup later. string message = String.Format( CultureInfo.CurrentCulture, Strings.MultipleMatchingCredentials, credential.Type, results.First().Key); Trace.Error(message); throw new InvalidOperationException(message); } }
public async virtual Task <AuthenticateExternalLoginResult> ReadExternalLoginCredential(IOwinContext context) { var result = await context.Authentication.AuthenticateAsync(AuthenticationTypes.External); if (result == null) { Trace.Information("No external login found."); return(new AuthenticateExternalLoginResult()); } var idClaim = result.Identity.FindFirst(ClaimTypes.NameIdentifier); if (idClaim == null) { Trace.Error("External Authentication is missing required claim: " + ClaimTypes.NameIdentifier); return(new AuthenticateExternalLoginResult()); } var nameClaim = result.Identity.FindFirst(ClaimTypes.Name); if (nameClaim == null) { Trace.Error("External Authentication is missing required claim: " + ClaimTypes.Name); return(new AuthenticateExternalLoginResult()); } var emailClaim = result.Identity.FindFirst(ClaimTypes.Email); string emailSuffix = emailClaim == null ? String.Empty : (" <" + emailClaim.Value + ">"); Authenticator auther; if (!Authenticators.TryGetValue(idClaim.Issuer, out auther)) { auther = null; } return(new AuthenticateExternalLoginResult() { Authentication = null, ExternalIdentity = result.Identity, Authenticator = auther, Credential = CredentialBuilder.CreateExternalCredential(idClaim.Issuer, idClaim.Value, nameClaim.Value + emailSuffix) }); }
public virtual async Task <AuthenticateExternalLoginResult> ReadExternalLoginCredential(IOwinContext context) { var result = await context.Authentication.AuthenticateAsync(AuthenticationTypes.External); if (result?.Identity?.Claims == null) { _trace.Information("No external login found."); return(new AuthenticateExternalLoginResult()); } var externalIdentity = result.Identity; Authenticator authenticator = Authenticators .Values .FirstOrDefault(a => a.IsProviderForIdentity(externalIdentity)); if (authenticator == null) { _trace.Error($"No authenticator found for identity: {externalIdentity.AuthenticationType}"); return(new AuthenticateExternalLoginResult()); } try { var userInfo = authenticator.GetIdentityInformation(externalIdentity); var emailSuffix = userInfo.Email == null ? string.Empty : (" <" + userInfo.Email + ">"); var identity = userInfo.Name + emailSuffix; return(new AuthenticateExternalLoginResult() { Authentication = null, ExternalIdentity = externalIdentity, Authenticator = authenticator, Credential = _credentialBuilder.CreateExternalCredential(userInfo.AuthenticationType, userInfo.Identifier, identity, userInfo.TenantId), LoginDetails = new ExternalLoginSessionDetails(userInfo.Email, userInfo.UsedMultiFactorAuthentication), UserInfo = userInfo }); } catch (Exception ex) { _trace.Error(ex.Message); return(new AuthenticateExternalLoginResult()); } }