public async Task ValidateAsync(ExtensionGrantValidationContext context) { try { var providerName = context.Request.Raw.Get(TokenExchangeGrantParameters.Provider); var externalToken = context.Request.Raw.Get(TokenExchangeGrantParameters.ExternalToken); var requestEmail = context.Request.Raw.Get(TokenExchangeGrantParameters.Email); if (string.IsNullOrWhiteSpace(providerName)) { context.Result = GrantValidationResultHelpers.Error(TokenExchangeErrors.InvalidProvider); return; } if (string.IsNullOrWhiteSpace(externalToken)) { context.Result = GrantValidationResultHelpers.Error(TokenExchangeErrors.InvalidExternalToken); return; } var provider = await _providerStore.GetProviderByNameAsync(providerName); if (provider == null) { context.Result = GrantValidationResultHelpers.Error(TokenExchangeErrors.ProviderNotFound); return; } var tokenService = _tokenServiceAccessor(providerName); var userInfo = await tokenService.GetUserInfoAsync(externalToken); if (userInfo == null) { context.Result = GrantValidationResultHelpers.Error(TokenExchangeErrors.UserInfoNotRetrieved); return; } var externalId = userInfo.Value <string>("id"); if (!string.IsNullOrWhiteSpace(externalId)) { var existingUserId = await _externalUserStore.FindByProviderAsync(providerName, externalId); if (!string.IsNullOrWhiteSpace(existingUserId)) { var claims = await _externalUserStore.GetUserClaimsByExternalIdAsync(externalId); context.Result = GrantValidationResultHelpers.Success(existingUserId, providerName, claims); } } if (string.IsNullOrWhiteSpace(requestEmail)) { context.Result = await _nonEmailUserProcessor.ProcessAsync(userInfo, providerName); return; } context.Result = await _emailUserProcessor.ProcessAsync(userInfo, requestEmail, providerName); } catch (Exception e) { context.Result = GrantValidationResultHelpers.Error(e.Message); } }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var provider = context.Request.Raw.Get("provider"); if (string.IsNullOrWhiteSpace(provider)) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, "invalid provider"); return; } var token = context.Request.Raw.Get("external_token"); if (string.IsNullOrWhiteSpace(token)) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, "invalid external token"); return; } var requestEmail = context.Request.Raw.Get("email"); var providerType = (ProviderType)Enum.Parse(typeof(ProviderType), provider, true); if (!Enum.IsDefined(typeof(ProviderType), providerType)) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, "invalid provider"); return; } var userInfo = _providers[providerType].GetUserInfo(token); if (userInfo == null) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, "couldn't retrieve user info from specified provider, please make sure that access token is not expired."); return; } var externalId = userInfo.Value <string>("id"); if (!string.IsNullOrWhiteSpace(externalId)) { var user = await _userManager.FindByLoginAsync(provider, externalId); if (null != user) { var userClaims = _userManager.GetClaimsAsync(user).Result; context.Result = new GrantValidationResult(user.Id, provider, userClaims, provider, null); return; } } if (string.IsNullOrWhiteSpace(requestEmail)) { context.Result = await _nonEmailUserProcessor.ProcessAsync(userInfo, provider); return; } context.Result = await _emailUserProcessor.ProcessAsync(userInfo, requestEmail, provider); return; }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var providerName = context.Request.Raw.Get("provider"); if (string.IsNullOrEmpty(providerName)) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, "invalid provider"); return; } var idToken = context.Request.Raw.Get("id_token"); if (string.IsNullOrEmpty(idToken)) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, "invalid external token"); return; } var validationSettings = new ValidationSettings(); //{ Audience = new[] { "YOUR_CLIENT_ID" } }; Payload userInfoPayload = await GoogleJsonWebSignature .ValidateAsync(idToken, validationSettings); if (userInfoPayload == null) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, "couldn't retrieve user info from specified provider, please make sure that token is not expired."); return; } /** * // Get profile information from payload * String email = payload.getEmail(); * boolean emailVerified = Boolean.valueOf(payload.getEmailVerified()); * String name = (String) payload.get("name"); * String pictureUrl = (String) payload.get("picture"); * String locale = (String) payload.get("locale"); * String familyName = (String) payload.get("family_name"); * String givenName = (String) payload.get("given_name"); * * // Use or store profile information */ // this part signs in user directly if user already exists var userExternalId = userInfoPayload.Subject; if (!string.IsNullOrEmpty(userExternalId)) { // find if external user is already logged in var extenalLoggedInUser = await _userManager.FindByLoginAsync(providerName, userExternalId); // this part if external user is already logged in if (extenalLoggedInUser != null) { // so find the user from db to retrieve claims to send into token var user = await _userManager.FindByIdAsync(extenalLoggedInUser.Id); // to find the db user claims var userClaims = await _userManager.GetClaimsAsync(user); context.Result = new GrantValidationResult( user.Id, providerName, userClaims, providerName, null); return; } } // this part registers user // get email from the post request context var requestEmail = context.Request.Raw.Get("email"); if (string.IsNullOrEmpty(requestEmail)) { context.Result = await _nonEmailUserProcessor.ProcessAsync(userInfoPayload, providerName); return; } // if email found in post request context // that is from client application email parameter is sent context.Result = await _emailUserProcessor.ProcessAsync(userInfoPayload, requestEmail, providerName); return; }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { try { var providerName = context.Request.Raw.Get(ExternalGrantParameters.Provider); var externalToken = context.Request.Raw.Get(ExternalGrantParameters.ExternalToken); var requestEmail = context.Request.Raw.Get(ExternalGrantParameters.Email); if (string.IsNullOrWhiteSpace(providerName)) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, ExternalGrantErrors.InvalidProvider); return; } if (string.IsNullOrWhiteSpace(externalToken)) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, ExternalGrantErrors.InvalidExternalToken); return; } var provider = ExternalProviders.GetProviders().FirstOrDefault(x => x.Name.Equals(providerName, StringComparison.OrdinalIgnoreCase)); if (provider == null) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, ExternalGrantErrors.ProviderNotFound); return; } var tokenService = _tokenServiceAccessor(providerName); var userInfo = await tokenService.GetUserInfoAsync(externalToken); if (userInfo == null) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, ExternalGrantErrors.UserInfoNotRetrieved); return; } var externalId = userInfo.Value <string>("id"); if (!string.IsNullOrWhiteSpace(externalId)) { var existingUserId = await _userManager.FindByProviderAsync(providerName, externalId); if (!string.IsNullOrWhiteSpace(existingUserId)) { var claims = await _userManager.GetUserClaimsByExternalIdAsync(externalId, providerName); context.Result = new GrantValidationResult(existingUserId, providerName, claims, providerName, null); } } if (string.IsNullOrWhiteSpace(requestEmail)) { context.Result = await _nonEmailUserProcessor.ProcessAsync(userInfo, providerName); return; } context.Result = await _emailUserProcessor.ProcessAsync(userInfo, requestEmail, providerName); } catch (Exception e) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, e.Message); } }