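/// <summary>
/// Builds the authentication ticket for a completed Microsoft Account OAuth sign-in.
/// Calls the user-information endpoint with the access token, maps the returned id,
/// name and email onto <paramref name="identity"/> as claims, raises the
/// Authenticated notification, and finally tags the identity with the current site.
/// </summary>
/// <param name="identity">Identity that receives the provider and site claims.</param>
/// <param name="properties">Authentication properties carried into the ticket.</param>
/// <param name="tokens">Token response; its access token authorizes the user-info call.</param>
/// <returns>A ticket issued under <c>AuthenticationScheme.External</c>.</returns>
/// <exception cref="HttpRequestException">
/// Thrown by <c>EnsureSuccessStatusCode</c> when the user-information endpoint
/// does not answer with a success status.
/// </exception>
protected override async Task<AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
{
    // Only a fixed message is logged here; the access token stays out of the log.
    log.LogDebug("CreateTicketAsync called");

    JObject payload;

    // The request and response are disposed as soon as the body has been parsed,
    // so the backchannel connection is released instead of waiting for finalization.
    using (var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint))
    {
        // The access token travels only in the Authorization header of the backchannel call.
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);

        using (var response = await Backchannel.SendAsync(request, Context.RequestAborted))
        {
            response.EnsureSuccessStatusCode();
            payload = JObject.Parse(await response.Content.ReadAsStringAsync());
        }
    }

    var notification = new OAuthAuthenticatedContext(Context, Options, Backchannel, tokens, payload)
    {
        Properties = properties,
        Principal = new ClaimsPrincipal(identity)
    };

    // Provider-asserted claims are stamped with Options.ClaimsIssuer so consumers
    // can tell them apart from claims added locally.
    var identifier = MicrosoftAccountAuthenticationHelper.GetId(payload);
    if (!string.IsNullOrEmpty(identifier))
    {
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
        identity.AddClaim(new Claim("urn:microsoftaccount:id", identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var name = MicrosoftAccountAuthenticationHelper.GetName(payload);
    if (!string.IsNullOrEmpty(name))
    {
        identity.AddClaim(new Claim(ClaimTypes.Name, name, ClaimValueTypes.String, Options.ClaimsIssuer));
        identity.AddClaim(new Claim("urn:microsoftaccount:name", name, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    // NOTE(review): nothing visible here shows whether the provider has verified this
    // address; confirm before the email claim is used to look up or link local accounts.
    var email = MicrosoftAccountAuthenticationHelper.GetEmail(payload);
    if (!string.IsNullOrEmpty(email))
    {
        identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    await Options.Notifications.Authenticated(notification);

    // Tag the identity with the site it signed in to. The claim is built from type and
    // value only, so it carries the default issuer rather than Options.ClaimsIssuer.
    // NOTE(review): the claim is added to `identity`, while the ticket below is built from
    // notification.Principal; if an Authenticated handler replaces the principal, the
    // SiteGuid claim would not be in the ticket. Confirm against the registered handlers.
    ISiteSettings site = siteResolver.Resolve();
    if (site != null)
    {
        Claim siteGuidClaim = new Claim("SiteGuid", site.SiteGuid.ToString());
        if (!identity.HasClaim(siteGuidClaim.Type, siteGuidClaim.Value))
        {
            identity.AddClaim(siteGuidClaim);
        }
    }

    // The ticket is issued under AuthenticationScheme.External; the original source keeps
    // the earlier notification.Options.AuthenticationScheme variant only as a commented-out line.
    return new AuthenticationTicket(notification.Principal, notification.Properties, AuthenticationScheme.External);
}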
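/// <summary>
/// Authenticated-notification handler that compares the OAuth context against fixed
/// expected values (tokens, user fields, expiry) and then adds a
/// <c>ManageStore=false</c> claim to the first identity of the principal.
/// </summary>
/// <param name="context">The authenticated context carrying tokens, user payload and principal.</param>
/// <remarks>
/// When <c>context.Principal</c> is null nothing is checked and no claim is added.
/// <c>Helpers.ThrowIfConditionFailed</c> is defined elsewhere; presumably it throws with
/// the supplied message when the condition is false.
/// </remarks>
internal static async Task OnAuthenticated(OAuthAuthenticatedContext context)
{
    if (context.Principal != null)
    {
        // The user payload is checked first: every helper call below reads from it, so a
        // missing payload is reported as such rather than surfacing from inside a helper.
        Helpers.ThrowIfConditionFailed(() => context.User != null, "User object is not valid");

        Helpers.ThrowIfConditionFailed(() => context.AccessToken == "ValidAccessToken", "Access token is not valid");
        Helpers.ThrowIfConditionFailed(() => context.RefreshToken == "ValidRefreshToken", "Refresh token is not valid");

        // The first-name and last-name checks previously reported "Email is not valid",
        // which pointed at the wrong field when they failed.
        Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetFirstName(context.User) == "AspnetvnextTest", "First name is not valid");
        Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetLastName(context.User) == "AspnetvnextTest", "Last name is not valid");
        Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetId(context.User) == "fccf9a24999f4f4f", "Id is not valid");
        Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetName(context.User) == "AspnetvnextTest AspnetvnextTest", "Name is not valid");

        // Lifted comparison: a missing ExpiresIn evaluates to false and is reported with
        // the message below instead of failing on .Value.
        Helpers.ThrowIfConditionFailed(() => context.ExpiresIn == TimeSpan.FromSeconds(3600), "ExpiresIn is not valid");

        Helpers.ThrowIfConditionFailed(() => MicrosoftAccountAuthenticationHelper.GetId(context.User) == context.User.SelectToken("id").ToString(), "User id is not valid");

        context.Principal.Identities.First().AddClaim(new Claim("ManageStore", "false"));
    }

    // No asynchronous work is needed; the await keeps the method's async shape, so
    // failures still surface through the returned task.
    await Task.FromResult(0);
}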