public ActionResult ExternalLoginCallback(string returnUrl)
{
AuthenticationResult result = OAuthWebSecurity.VerifyAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));
if (!result.IsSuccessful)
{
return RedirectToAction("ExternalLoginFailure");
}
var securityManager = new OpenAuthSecurityManager(HttpContext, new ProxyOAuthClient(result.Provider), new NoDbOAuthDataProvider());
if (securityManager.Login(result.ProviderUserId, false))
{
return RedirectToLocal(returnUrl);
}
if (User.Identity.IsAuthenticated)
{
// If the current user is logged in add the new account
OAuthWebSecurity.CreateOrUpdateAccount(result.Provider, result.ProviderUserId, User.Identity.Name);
return RedirectToLocal(returnUrl);
}
else
{
// User is new, ask for their desired membership name
string loginData = OAuthWebSecurity.SerializeProviderUserId(result.Provider, result.ProviderUserId);
ViewBag.ProviderDisplayName = OAuthWebSecurity.GetOAuthClientData(result.Provider).DisplayName;
ViewBag.ReturnUrl = returnUrl;
return View("ExternalLoginConfirmation", new RegisterExternalLoginModel { UserName = result.UserName, ExternalLoginData = loginData });
}
}
internal static bool LoginCore(HttpContextBase context, string providerName, string providerUserId, bool createPersistentCookie)
{
var provider = GetOAuthClient(providerName);
var securityManager = new OpenAuthSecurityManager(context, provider, OAuthDataProvider);
return securityManager.Login(providerUserId, createPersistentCookie);
}
public bool OAuthLogin(string provider, string providerUserId, bool persistCookie)
{
var oauthProvider = _authenticationClients[provider];
var context = _applicationEnvironment.AcquireContext();
var securityManager = new OpenAuthSecurityManager(context, oauthProvider.AuthenticationClient, this);
return securityManager.Login(providerUserId, persistCookie);
}
public bool OAuthLogin(OAuthAccount account, bool remember)
{
AuthenticationClientData oauthProvider = _authenticationClients[account.Provider];
HttpContextBase context = _applicationEnvironment.AcquireContext();
var securityManager = new OpenAuthSecurityManager(context, oauthProvider.AuthenticationClient, this);
bool success = securityManager.Login(account.ProviderUserId, remember);
if (success)
return true;
User user = GetUserByEmailAddress(account.Username);
if (user == null)
return false;
user.OAuthAccounts.Add(account);
_userCollection.Save(user);
return securityManager.Login(account.ProviderUserId, remember);
}
// GET: /api/auth/{provider}
public HttpResponseMessage Get(string provider)
{
HttpResponseMessage response;
var result = OpenAuth.VerifyAuthentication(VirtualPathUtility.ToAbsolute("~/api/auth/" + provider));
if (!result.IsSuccessful)
{
response = this.Request.CreateResponse(HttpStatusCode.Redirect);
response.Headers.Location = new Uri(VirtualPathUtility.ToAbsolute("~/login?auth=failed"), UriKind.Relative);
return response;
}
var openAuthAccount = this.db.UserOpenAuthAccounts.SingleOrDefault(a => a.ProviderName == result.Provider && a.ProviderUserID == result.ProviderUserId);
if (openAuthAccount != null)
{
var manager = new OpenAuthSecurityManager(new HttpContextWrapper(HttpContext.Current), OpenAuth.AuthenticationClients.GetByProviderName(result.Provider), new OpenAuthDataProvider(this.db));
if (manager.Login(result.ProviderUserId, createPersistentCookie: true))
{
openAuthAccount.LastUsedDate = DateTime.UtcNow;
this.db.SaveChanges();
response = this.Request.CreateResponse(HttpStatusCode.Redirect);
response.Headers.Location = new Uri(VirtualPathUtility.ToAbsolute("~/"), UriKind.Relative);
return response;
}
}
if (this.User.Identity.IsAuthenticated)
{
var user = this.db.Users.SingleOrDefault(u => u.UserName == this.User.Identity.Name);
if (user == null)
{
throw new InvalidOperationException(string.Format("Cannot find a user with username '{0}'.", this.User.Identity.Name));
}
var dateNow = DateTime.UtcNow;
this.db.UserOpenAuthAccounts.Add(new UserOpenAuthAccount
{
UserID = user.UserID,
ProviderName = result.Provider,
ProviderUserID = result.ProviderUserId,
ProviderUserName = result.UserName,
LastUsedDate = dateNow
});
user.LastLoginDate = dateNow;
user.LastActivityDate = dateNow;
this.db.SaveChanges();
response = this.Request.CreateResponse(HttpStatusCode.Redirect);
response.Headers.Location = new Uri(VirtualPathUtility.ToAbsolute("~/"), UriKind.Relative);
return response;
}
// User is new, ask for their desired membership name
var loginData = CryptoUtility.Serialize("oauth", result.Provider, result.ProviderUserId, result.UserName);
var url = "~/login?providerName=" + OpenAuth.GetProviderDisplayName(result.Provider) +
"&userName="******"@") ? result.UserName.Substring(0, result.UserName.IndexOf("@")) : result.UserName) +
"&email=" + (result.UserName.Contains("@") ? result.UserName : string.Empty) +
"&externalLoginData=" + loginData;
response = this.Request.CreateResponse(HttpStatusCode.Redirect);
response.Headers.Location = new Uri(VirtualPathUtility.ToAbsolute(url), UriKind.Relative);
return response;
}