internal static async Task <bool> IsValidIdentityProviderAsync(this IClientStore store, string clientId, string provider) { var restrictions = await store.GetIdentityProviderRestrictionsAsync(clientId); if (restrictions.Any()) { return(restrictions.Contains(provider)); } return(true); }
private async Task <IHttpActionResult> RenderLoginPage(SignInMessage message, string signInMessageId, string errorMessage = null, string username = null, bool rememberMe = false) { if (message == null) { throw new ArgumentNullException("message"); } username = GetUserNameForLoginPage(message, username); var isLocalLoginAllowedForClient = await IsLocalLoginAllowedForClient(message); var isLocalLoginAllowed = isLocalLoginAllowedForClient && options.AuthenticationOptions.EnableLocalLogin; var idpRestrictions = await clientStore.GetIdentityProviderRestrictionsAsync(message.ClientId); var providers = context.GetExternalAuthenticationProviders(idpRestrictions); var providerLinks = context.GetLinksFromProviders(providers, signInMessageId); var visibleLinks = providerLinks.FilterHiddenLinks(); var client = await clientStore.FindClientByIdAsync(message.ClientId); if (errorMessage != null) { Logger.InfoFormat("rendering login page with error message: {0}", errorMessage); } else { if (isLocalLoginAllowed == false) { if (options.AuthenticationOptions.EnableLocalLogin) { Logger.Info("local login disabled"); } if (isLocalLoginAllowedForClient) { Logger.Info("local login disabled for the client"); } string url = null; if (!providerLinks.Any()) { Logger.Info("no providers registered for client"); return(RenderErrorPage()); } else if (providerLinks.Count() == 1) { Logger.Info("only one provider for client"); url = providerLinks.First().Href; } else if (visibleLinks.Count() == 1) { Logger.Info("only one visible provider"); url = visibleLinks.First().Href; } if (url.IsPresent()) { Logger.InfoFormat("redirecting to provider URL: {0}", url); return(Redirect(url)); } } Logger.Info("rendering login page"); } var loginPageLinks = options.AuthenticationOptions.LoginPageLinks.Render(Request.GetIdentityServerBaseUrl(), signInMessageId); var loginModel = new LoginViewModel { RequestId = context.GetRequestId(), SiteName = options.SiteName, SiteUrl = Request.GetIdentityServerBaseUrl(), ExternalProviders = visibleLinks, AdditionalLinks = loginPageLinks, ErrorMessage = errorMessage, LoginUrl = isLocalLoginAllowed ? Url.Route(Constants.RouteNames.Login, new { signin = signInMessageId }) : null, AllowRememberMe = options.AuthenticationOptions.CookieOptions.AllowRememberMe, RememberMe = options.AuthenticationOptions.CookieOptions.AllowRememberMe && rememberMe, CurrentUser = context.GetCurrentUserDisplayName(), LogoutUrl = context.GetIdentityServerLogoutUrl(), AntiForgery = antiForgeryToken.GetAntiForgeryToken(), Username = username, ClientName = client != null ? client.ClientName : null, ClientUrl = client != null ? client.ClientUri : null, ClientLogoUrl = client != null ? client.LogoUri : null }; return(new LoginActionResult(viewService, loginModel, message)); }