/// <summary>
/// Return-endpoint notification that rewrites the "ManageStore" claim on the
/// signed-in identity when the sign-in targets the external cookie type.
/// </summary>
/// <param name="context">
/// The return-endpoint context supplied by the OAuth middleware. Its
/// <c>Identity</c> is mutated in place when the claim swap applies.
/// </param>
/// <returns>A task that completes once the claim set has been adjusted.</returns>
/// <remarks>
/// NOTE(review): the swap raises the "ManageStore" claim from "false" to
/// "Allowed" based only on the sign-in authentication type; nothing here
/// checks who the user is. The inline comment suggests it is a marker for
/// verifying that the notification ran. It is presumably test-only; confirm
/// this handler is never registered in a production pipeline.
/// </remarks>
internal static async Task OnReturnEndpoint(OAuthReturnEndpointContext context)
{
    // Short-circuit keeps the null check ahead of any other use of the context's identity.
    var isExternalCookieSignIn =
        context.Identity != null &&
        context.SignInAsAuthenticationType == IdentityOptions.ExternalCookieAuthenticationType;

    if (isExternalCookieSignIn)
    {
        // This way we will know all notifications were fired.
        var deniedClaim = context.Identity.Claims
            .FirstOrDefault(c => c.Type == "ManageStore" && c.Value == "false");

        if (deniedClaim != null)
        {
            // Replace rather than add, so the identity does not carry both values.
            context.Identity.RemoveClaim(deniedClaim);
            context.Identity.AddClaim(new Claim("ManageStore", "Allowed"));
        }
    }

    await Task.FromResult(0);
}
/// <summary>
/// Handles the OAuth return path: authenticates the callback, raises the
/// ReturnEndpoint notification, signs the principal in and issues the final
/// redirect.
/// </summary>
/// <returns>
/// <c>true</c> when the request has been fully handled here (including the
/// failure case where no ticket could be produced); otherwise the value of
/// the context's <c>IsRequestCompleted</c> after the notification ran.
/// </returns>
/// <remarks>
/// NOTE(review): the redirect target is whatever <c>context.RedirectUri</c>
/// holds after the notification returns. Whether that value is restricted to
/// trusted destinations is not visible in this method; confirm it is
/// validated where the ticket properties are created.
/// </remarks>
public async Task<bool> InvokeReturnPathAsync()
{
    // NOTE(review): this call uses `log` while the warning below uses `Logger`. Confirm both are intended.
    log.LogDebug("InvokeReturnPathAsync called");

    var authTicket = await HandleAuthenticateOnceAsync();
    if (authTicket == null)
    {
        // No ticket means the callback state could not be turned into an identity;
        // the request ends here with a 500 and is reported as handled.
        Logger.LogWarning("Invalid return state, unable to redirect.");
        Response.StatusCode = 500;
        return true;
    }

    var returnContext = new OAuthReturnEndpointContext(Context, authTicket);
    returnContext.SignInScheme = Options.SignInScheme;
    returnContext.RedirectUri = authTicket.Properties.RedirectUri;

    // The redirect target now lives on the context only; it is cleared on the
    // ticket before the notification and the sign-in below use the ticket.
    authTicket.Properties.RedirectUri = null;

    await Options.Notifications.ReturnEndpoint(returnContext);

    // The notification can suppress sign-in by clearing the scheme or the principal.
    if (returnContext.SignInScheme != null && returnContext.Principal != null)
    {
        await Context.Authentication.SignInAsync(
            returnContext.SignInScheme,
            returnContext.Principal,
            returnContext.Properties);
    }

    if (!returnContext.IsRequestCompleted && returnContext.RedirectUri != null)
    {
        if (returnContext.Principal == null)
        {
            // add a redirect hint that sign-in failed in some way
            returnContext.RedirectUri = QueryHelpers.AddQueryString(
                returnContext.RedirectUri, "error", "access_denied");
        }

        Response.Redirect(returnContext.RedirectUri);
        returnContext.RequestCompleted();
    }

    return returnContext.IsRequestCompleted;
}