public User CreateUser(ExternalUserDetails externalUserDetails)
{
if (externalUserDetails == null)
{
throw new ArgumentNullException(nameof(externalUserDetails));
}
if (externalUserDetails.UserType == UserType.Local)
{
throw new ArgumentException("Invalid user type.");
}
var user = new User
{
ExternalId = externalUserDetails.Id,
Type = externalUserDetails.UserType,
Email = externalUserDetails.Email,
FirstName = externalUserDetails.FirstName,
LastName = externalUserDetails.LastName,
DisplayName = externalUserDetails.DisplayName,
Description = externalUserDetails.Description,
PictureUrl = externalUserDetails.PictureUrl
};
_userRepository.Add(user);
return(user);
}
public async Task <UserSession> CreateSessionForExternalUser(ExternalUserDetails externalUserDetails)
{
var user = await _userBusinessLogic.FindByEmail(externalUserDetails.Email);
if (user == null)
{
user = _userBusinessLogic.CreateUser(externalUserDetails);
}
else
{
if (user.Type != externalUserDetails.UserType)
{
throw new InvalidOperationException("Multiple sign-in providers are not supported for the same user.");
}
// Check number of active sessions
var activeSessionsCount = _userSessionRepository.GetActiveUserSessionsCount(user.Id);
if (activeSessionsCount >= ApplicationConstants.Sessions.MaxActiveSessions)
{
throw new InvalidOperationException($"Max number of active sessions reached for user '{user.Id}'.");
}
// Update user information
user.FirstName = externalUserDetails.FirstName;
user.LastName = externalUserDetails.LastName;
user.DisplayName = externalUserDetails.DisplayName;
user.PictureUrl = externalUserDetails.PictureUrl;
}
var session = new UserSession
{
Token = Guid.NewGuid(), // TODO: use cryptographically random tokens
State = UserSessionState.Active,
CreationDate = DateTime.UtcNow,
UserId = user.Id
};
_userSessionRepository.Add(session);
return(session);
}
public static async Task <ExternalUserDetails> GetUserDetails(SignInLinkedinModel model, CancellationToken cancellationToken)
{
if (model == null)
{
return(null);
}
HttpClient httpClient = null;
try
{
httpClient = CreateHttpClient();
//1. get the access token
var responseMessage = await httpClient.PostAsync(AccessTokenUrl,
new FormUrlEncodedContent(new List <KeyValuePair <string, string> >
{
new KeyValuePair <string, string>("grant_type", "authorization_code"),
new KeyValuePair <string, string>("code", model.Code),
new KeyValuePair <string, string>("redirect_uri", model.RedirectUri),
new KeyValuePair <string, string>("client_id", ApplicationSettings.LinkedinClientId),
new KeyValuePair <string, string>("client_secret", ApplicationSettings.LinkedinClientSecret)
}), cancellationToken);
responseMessage.EnsureSuccessStatusCode();
var jObject = JObject.Parse(await responseMessage.Content.ReadAsStringAsync());
var accessToken = jObject.GetStringValue("access_token");
//2. get user info
var request = new HttpRequestMessage(HttpMethod.Get, UserInfoBaseUrl + "?format=json&oauth2_access_token=" + Uri.EscapeDataString(accessToken));
responseMessage = await httpClient.SendAsync(request, cancellationToken);
responseMessage.EnsureSuccessStatusCode();
var responseContent = await responseMessage.Content.ReadAsStringAsync();
jObject = JObject.Parse(responseContent);
var result = new ExternalUserDetails
{
UserType = UserType.ExternalLinkedin,
Id = jObject.GetStringValue("id"),
Email = jObject.GetStringValue("emailAddress"),
FirstName = jObject.GetStringValue("firstName"),
LastName = jObject.GetStringValue("lastName"),
DisplayName = jObject.GetStringValue("formattedName"),
Description = jObject.GetStringValue("headline"),
PictureUrl = GetPictureUrl(jObject)
};
return(result);
}
catch (Exception e)
{
Log.Error("Could not fetch Linkedin user details.", e);
return(null);
}
finally
{
if (httpClient != null)
{
httpClient.Dispose();
}
}
}
