private static Model.IdentityUser GetIdentityUser(string username, string email, string name, string userClass = null)
{
var defaultUser = new Model.IdentityUser(new ApplicationUser {
UserName = username, Email = email, Name = name
});
try
{
if (!string.IsNullOrWhiteSpace(userClass) && userClass != "ApplicationUser")
{
var classType = Type.GetType($@"zAppDevRegistry.BO.{userClass}");
var unwrappedUser = Activator.CreateInstance(classType) as ApplicationUser;
if (unwrappedUser != null)
{
unwrappedUser.UserName = username;
unwrappedUser.Email = email;
unwrappedUser.Name = name;
return(new Model.IdentityUser(unwrappedUser));
}
}
}
catch (Exception e)
{
LogManager.GetLogger(typeof(IdentityHelper)).Error($"Exception caught while creating the Identity User: {e.Message}\r\n(StackTrace: {e.StackTrace})");
}
return(defaultUser);
}
private static void PrintUser(Model.IdentityUser user, ILog log)
{
try
{
if (user == null)
{
log.Debug("PrintUser: user is null");
return;
}
if (user.User == null)
{
log.Debug($"PrintUser: user {user.Id} has no ApplicationUser member");
return;
}
var userRoles = string.Join(",", user.User.Roles.Select(r => r.Name));
var userPermissions = string.Join(",", user.User.Permissions.Select(r => r.Name));
log.Debug($"User {user.Id} Roles: {userRoles}, Permissions: {userPermissions}");
foreach (var role in user.User.Roles)
{
var rolePermissions = role.Permissions.Select(a => a.Name);
log.Debug($"User {user.Id} Role {role.Name} Permissions: {rolePermissions}");
}
}
catch (Exception e)
{
log.Error($"PrintUser for user: '******' failed", e);
}
}
public static string CreateUser(CustomUserManager manager, ApplicationUser appUser, string password)
{
var user = new Model.IdentityUser(appUser);
var result = manager.CreateAsync(user, password).Result;
return(result.Succeeded ? null : result.Errors.First().Description);
}
public static List <Model.IdentityUser> Get()
{
var idUser1 = new Model.IdentityUser()
{
Id = "wuxian",
UserName = "******",
Email = "*****@*****.**",
Roles = { new IdentityUserRole <string>()
{
RoleId = "MVC.ADMIN"
} },
SecurityStamp = "wuxian"
};
idUser1.PasswordHash = new PasswordHasher <Model.IdentityUser>().HashPassword(idUser1, "wuxian");
var idUser2 = new Model.IdentityUser()
{
Id = "admin",
UserName = "******",
Email = "*****@*****.**"
};
idUser2.PasswordHash = new PasswordHasher <Model.IdentityUser>().HashPassword(idUser2, "admin");
return(new List <Model.IdentityUser>()
{
idUser1,
idUser2
});
}
public async Task <IdentityResult> CreateUser(string userName, string password)
{
var usr = new Model.IdentityUser()
{
Id = Guid.NewGuid().ToString(),
SecurityStamp = userName,
UserName = userName
};
var result = await _userManager.CreateAsync(usr);
_userManager.AddPasswordAsync(usr, password);
return(result);
}
private static ClaimsPrincipal AddClaimsForNltmAuthUser(ClaimsPrincipal incomingPrincipal, Model.IdentityUser user)
{
var newIdentity = new ClaimsIdentity("Negotiate");
newIdentity.AddClaims(incomingPrincipal.Claims);
newIdentity.AddClaims(GetCurrentApplicationUserPermissions().Select(p => new Claim(Model.ClaimTypes.Permission, p)));
newIdentity.AddClaims(user.User.Roles.Select(r => new Claim(System.Security.Claims.ClaimTypes.Role, r.Name)));
newIdentity.AddClaim(new Claim(Model.ClaimTypes.LocalLogin, bool.TrueString));
return(new ClaimsPrincipal(newIdentity));
}
public static void AddClaimsToUser(Model.IdentityUser user, IEnumerable <Claim> claims)
{
AddClaimsToUser(user.User, claims);
}
public async Task <IdentityUser> Handle(CreateUserCommand message, CancellationToken cancellationToken)
{
if (message.TenantId == null)
{
throw new ArgumentException("An email must be specified", nameof(message.TenantId));
}
var tenant = await _repository.GetById(message.TenantId) ?? throw new ArgumentException("The tenant does not exist", nameof(message.TenantId));
var user = new Model.IdentityUser {
TenantId = message.TenantId,
UserName = message.Email,
Email = message.Email,
GivenName = message.GivenName,
FamilyName = message.FamilyName,
Culture = message.Culture,
Picture = message.Picture,
LinkedinProviderData = message.ProviderName != null && message.ProviderName.ToLower() == "linkedin" ? message.ProviderData : null,
GoogleProviderData = message.ProviderName != null && message.ProviderName.ToLower() == "google" ? message.ProviderData : null
};
IdentityResult result = string.IsNullOrWhiteSpace(message.Password) ? await _userManager.CreateAsync(user) : await _userManager.CreateAsync(user, message.Password);
if (!result.Succeeded)
{
if (result.Errors.First().Code == "DuplicateUserName")
{
throw new ArgumentException(result.Errors.First().Description, "email");
}
else
{
throw new ArgumentException(result.Errors.First().Description);
}
}
if (message.Roles != null)
{
result = await _userManager.AddToRolesAsync(user, message.Roles.Where(r => user.Roles.Any(ur => r != ur)));
if (!result.Succeeded)
{
throw new Exception(result.Errors.First().Description);
}
}
result = await _userManager.AddClaimsAsync(user, new Claim[] {
new Claim(JwtClaimTypes.Name, user.Email ?? ""),
new Claim(JwtClaimTypes.GivenName, user.GivenName ?? ""),
new Claim(JwtClaimTypes.FamilyName, user.FamilyName ?? ""),
new Claim(JwtClaimTypes.Email, user.Email ?? ""),
new Claim(JwtClaimTypes.Picture, user.Picture ?? ""),
new Claim(JwtClaimTypes.Locale, user.Culture ?? ""),
new Claim(JwtClaimTypes.EmailVerified, user.EmailConfirmed.ToString(), ClaimValueTypes.Boolean),
new Claim(JwtClaimTypes.Role, JsonConvert.SerializeObject(user.Roles), IdentityServer4.IdentityServerConstants.ClaimValueTypes.Json),
new Claim("tenant_id", tenant.Id.ToString()),
new Claim("tenant_name", tenant.Name)
});
if (!result.Succeeded)
{
throw new Exception(result.Errors.First().Description);
}
var ev = new UserCreatedEvent
{
UserId = Guid.Parse(user.Id),
TenantId = user.TenantId,
GivenName = user.GivenName,
FamilyName = user.FullName,
Email = user.Email,
Phone = user.PhoneNumber,
Picture = user.Picture,
ProviderName = message.ProviderName,
ProviderData = message.ProviderData,
RegistrationDate = user.RegistrationDate
};
await _bus.Send(ev);
return(user);
}
