public virtual void AssociateExternalAccountWithUser(Customer customer, OpenAuthenticationParameters parameters) { if (customer == null) { throw new ArgumentNullException("customer"); } //find email string email = null; if (parameters.UserClaims != null) { foreach (var userClaim in parameters.UserClaims .Where(x => x.Contact != null && !String.IsNullOrEmpty(x.Contact.Email))) { //found email = userClaim.Contact.Email; break; } } var externalAuthenticationRecord = new ExternalAuthenticationRecord { CustomerId = customer.Id, Email = email, ExternalIdentifier = parameters.ExternalIdentifier, ExternalDisplayIdentifier = parameters.ExternalDisplayIdentifier, OAuthToken = parameters.OAuthToken, OAuthAccessToken = parameters.OAuthAccessToken, ProviderSystemName = parameters.ProviderSystemName }; _externalAuthenticationRecordRepository.Insert(externalAuthenticationRecord); }
public virtual void RemoveAssociation(OpenAuthenticationParameters parameters) { var record = _externalAuthenticationRecordRepository.Table .FirstOrDefault(o => o.ExternalIdentifier == parameters.ExternalIdentifier && o.ProviderSystemName == parameters.ProviderSystemName); if (record != null) { _externalAuthenticationRecordRepository.Delete(record); } }
public virtual Customer GetUser(OpenAuthenticationParameters parameters) { var record = _externalAuthenticationRecordRepository.Table .FirstOrDefault(o => o.ExternalIdentifier == parameters.ExternalIdentifier && o.ProviderSystemName == parameters.ProviderSystemName); if (record != null) { return(_customerService.GetCustomerById(record.CustomerId)); } return(null); }
public static void StoreParametersForRoundTrip(OpenAuthenticationParameters parameters) { var session = GetSession(); session["nop.externalauth.parameters"] = parameters; }
public virtual bool AccountExists(OpenAuthenticationParameters parameters) { return(GetUser(parameters) != null); }
public virtual AuthorizationResult Authorize(OpenAuthenticationParameters parameters) { var userFound = _openAuthenticationService.GetUser(parameters); var userLoggedIn = _workContext.CurrentCustomer.IsRegistered() ? _workContext.CurrentCustomer : null; if (AccountAlreadyExists(userFound, userLoggedIn)) { if (AccountIsAssignedToLoggedOnAccount(userFound, userLoggedIn)) { // The person is trying to log in as himself.. bit weird return(new AuthorizationResult(OpenAuthenticationStatus.Authenticated)); } var result = new AuthorizationResult(OpenAuthenticationStatus.Error); result.AddError("Account is already assigned"); return(result); } if (AccountDoesNotExistAndUserIsNotLoggedOn(userFound, userLoggedIn)) { ExternalAuthorizerHelper.StoreParametersForRoundTrip(parameters); if (AutoRegistrationIsEnabled()) { #region Register user var currentCustomer = _workContext.CurrentCustomer; var details = new RegistrationDetails(parameters); var randomPassword = CommonHelper.GenerateRandomDigitCode(20); var isApproved = //standard registration (_customerSettings.UserRegistrationType == UserRegistrationType.Standard) || //skip email validation? (_customerSettings.UserRegistrationType == UserRegistrationType.EmailValidation && !_externalAuthenticationSettings.RequireEmailValidation); var registrationRequest = new CustomerRegistrationRequest(currentCustomer, details.EmailAddress, _customerSettings.UsernamesEnabled ? details.UserName : details.EmailAddress, randomPassword, PasswordFormat.Clear, isApproved); var registrationResult = _customerRegistrationService.RegisterCustomer(registrationRequest); if (registrationResult.Success) { //store other parameters (form fields) if (!String.IsNullOrEmpty(details.FirstName)) { _genericAttributeService.SaveAttribute(currentCustomer, SystemCustomerAttributeNames.FirstName, details.FirstName); } if (!String.IsNullOrEmpty(details.LastName)) { _genericAttributeService.SaveAttribute(currentCustomer, SystemCustomerAttributeNames.LastName, details.LastName); } userFound = currentCustomer; _openAuthenticationService.AssociateExternalAccountWithUser(currentCustomer, parameters); ExternalAuthorizerHelper.RemoveParameters(); //code below is copied from CustomerController.Register method //authenticate if (isApproved) { _authenticationService.SignIn(userFound ?? userLoggedIn, false); } //notifications if (_customerSettings.NotifyNewCustomerRegistration) { _workflowMessageService.SendCustomerRegisteredNotificationMessage(currentCustomer, _localizationSettings.DefaultAdminLanguageId); } //raise event _eventPublisher.Publish(new CustomerRegisteredEvent(currentCustomer)); if (isApproved) { //standard registration //or //skip email validation //send customer welcome message _workflowMessageService.SendCustomerWelcomeMessage(currentCustomer, _workContext.WorkingLanguage.Id); //result return(new AuthorizationResult(OpenAuthenticationStatus.AutoRegisteredStandard)); } if (_customerSettings.UserRegistrationType == UserRegistrationType.EmailValidation) { //email validation message _genericAttributeService.SaveAttribute(currentCustomer, SystemCustomerAttributeNames.AccountActivationToken, Guid.NewGuid().ToString()); _workflowMessageService.SendCustomerEmailValidationMessage(currentCustomer, _workContext.WorkingLanguage.Id); //result return(new AuthorizationResult(OpenAuthenticationStatus.AutoRegisteredEmailValidation)); } if (_customerSettings.UserRegistrationType == UserRegistrationType.AdminApproval) { //result return(new AuthorizationResult(OpenAuthenticationStatus.AutoRegisteredAdminApproval)); } } else { ExternalAuthorizerHelper.RemoveParameters(); var result = new AuthorizationResult(OpenAuthenticationStatus.Error); foreach (var error in registrationResult.Errors) { result.AddError(string.Format(error)); } return(result); } #endregion } else if (RegistrationIsEnabled()) { return(new AuthorizationResult(OpenAuthenticationStatus.AssociateOnLogon)); } else { ExternalAuthorizerHelper.RemoveParameters(); var result = new AuthorizationResult(OpenAuthenticationStatus.Error); result.AddError("Registration is disabled"); return(result); } } if (userFound == null) { _openAuthenticationService.AssociateExternalAccountWithUser(userLoggedIn, parameters); } //authenticate _authenticationService.SignIn(userFound ?? userLoggedIn, false); //raise event _eventPublisher.Publish(new CustomerLoggedinEvent(userFound ?? userLoggedIn)); //activity log _customerActivityService.InsertActivity("PublicStore.Login", _localizationService.GetResource("ActivityLog.PublicStore.Login"), userFound ?? userLoggedIn); return(new AuthorizationResult(OpenAuthenticationStatus.Authenticated)); }