private async Task <Entities.User> AutoProvisionWindowsUser(string provider, string providerUserId, IEnumerable <Claim> claims) { if (_windowsKeyMap.ContainsKey(providerUserId)) { // find matching user var existingUser = await _localUserService.GetUserBySubjectAsync(_windowsKeyMap[providerUserId]); if (existingUser != null) { await _localUserService.AddExternalProviderToUser( existingUser.Subject, provider, providerUserId); await _localUserService.SaveChangesAsync(); return(existingUser); } } var user = _localUserService.ProvisionUserFromExternalIdentity(provider, providerUserId, new List <Claim>()); await _localUserService.SaveChangesAsync(); return(user); }
public async Task <IActionResult> CallbackLink() { // read external identity from the temporary cookie var result = await HttpContext.AuthenticateAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme); if (result?.Succeeded != true) { throw new Exception("External authentication error"); } if (_logger.IsEnabled(LogLevel.Debug)) { var externalClaims = result.Principal.Claims.Select(c => $"{c.Type}: {c.Value}"); _logger.LogDebug("External claims: {@claims}", externalClaims); } // lookup our user and external provider info var(provider, providerUserId, claims) = await FindFromExternalProvider(result); if (HttpContext.User.Identity.IsAuthenticated) { var subject = HttpContext.User.Claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Subject); try { await _localUserService.AddExternalProviderToUser( subject.Value, provider, providerUserId); await _localUserService.SaveChangesAsync(); } catch (DbUpdateException e) { Debug.WriteLine(e.Message); } } // delete temporary cookie used during external authentication await HttpContext.SignOutAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme); // retrieve return URL var returnUrl = Base64UrlEncoder.Decode(result.Properties.Items["returnUrl"]) ?? "~/"; // check if external login is in the context of an OIDC request var context = await _interaction.GetAuthorizationContextAsync(returnUrl); if (context != null) { if (context.IsNativeClient()) { // The client is native, so this change in how to // return the response is for better UX for the end user. return(this.LoadingPage("Redirect", returnUrl)); } } return(Redirect(returnUrl)); }