/// <summary> /// This method gets called when the user uses an external identity provider to authenticate. /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { return inner.AuthenticateExternalAsync(context); }
public override Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { // look for the user in our local identity system from the external identifiers var user = Users.SingleOrDefault(x => x.Provider == context.ExternalIdentity.Provider && x.ProviderID == context.ExternalIdentity.ProviderId); string name = "Unknown"; if (user == null) { // new user, so add them here var nameClaim = context.ExternalIdentity.Claims.First(x => x.Type == Constants.ClaimTypes.Name); if (nameClaim != null) name = nameClaim.Value; user = new CustomUser { Subject = Guid.NewGuid().ToString(), Provider = context.ExternalIdentity.Provider, ProviderID = context.ExternalIdentity.ProviderId, Claims = new List<Claim> { new Claim(Constants.ClaimTypes.Name, name) } }; Users.Add(user); } name = user.Claims.First(x => x.Type == Constants.ClaimTypes.Name).Value; context.AuthenticateResult = new AuthenticateResult(user.Subject, name, identityProvider: user.Provider); return Task.FromResult(0); }
public async Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { var externalIdentity = Mapper.Map<IdentityServerExternalIdentity, DomainExternalIdentity>(context.ExternalIdentity); var signInData = Mapper.Map<SignInMessage, SignInData>(context.SignInMessage); var result = await domainService.AuthenticateExternalAsync(externalIdentity, signInData); context.AuthenticateResult = Mapper.Map<AuthenticationResult, AuthenticateResult>(result); }
public override Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { var provider = context.ExternalIdentity.Provider; UserProfiles existingUser = null; switch(provider) { case "Facebook": existingUser = dbContext.UserProfiles.FirstOrDefault(x => x.FacebookId == context.ExternalIdentity.ProviderId); break; case "Google": existingUser = dbContext.UserProfiles.FirstOrDefault(x => x.GoogleId == context.ExternalIdentity.ProviderId); break; } if(existingUser == null) { var newUser = new UserProfiles(); // Add other claims newUser.EmailAddress = context.ExternalIdentity.Claims.FirstOrDefault(x => x.Type == IdentityServer3.Core.Constants.ClaimTypes.Email).Value; newUser.FirstName = context.ExternalIdentity.Claims.FirstOrDefault(x => x.Type == IdentityServer3.Core.Constants.ClaimTypes.GivenName).Value; newUser.LastName = context.ExternalIdentity.Claims.FirstOrDefault(x => x.Type == IdentityServer3.Core.Constants.ClaimTypes.FamilyName).Value; newUser.CreatedDate = DateTime.UtcNow; switch (provider) { case "Facebook": newUser.FacebookId = context.ExternalIdentity.ProviderId; break; case "Google": newUser.GoogleId = context.ExternalIdentity.ProviderId; break; } dbContext.UserProfiles.Add(newUser); dbContext.SaveChanges(); existingUser = newUser; } // Add other claims List<Claim> existingUserClaims = new List<Claim>(); existingUserClaims.Add(new Claim(ClaimTypes.Email, existingUser.EmailAddress)); context.AuthenticateResult = new AuthenticateResult( existingUser.Id.ToString(), existingUser.FirstName, existingUserClaims, provider, provider); return Task.FromResult(0); //return base.AuthenticateExternalAsync(context); }
public async Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { context.AuthenticateResult = null; foreach (var service in this.services) { await service.AuthenticateExternalAsync(context); if (context.AuthenticateResult != null && !context.AuthenticateResult.IsError) { return; } } }
/// <summary> /// This method gets called when the user uses an external identity provider to authenticate. /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public override Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { var query = from u in _users where u.Provider == context.ExternalIdentity.Provider && u.ProviderId == context.ExternalIdentity.ProviderId select u; var user = query.SingleOrDefault(); if (user == null) { string displayName; var name = context.ExternalIdentity.Claims.FirstOrDefault(x => x.Type == Constants.ClaimTypes.Name); if (name == null) { displayName = context.ExternalIdentity.ProviderId; } else { displayName = name.Value; } user = new InMemoryUser { Subject = CryptoRandom.CreateUniqueId(), Provider = context.ExternalIdentity.Provider, ProviderId = context.ExternalIdentity.ProviderId, Username = displayName, Claims = context.ExternalIdentity.Claims }; _users.Add(user); } // TEST CODE //List<Claim> claims = new List<Claim>() //{ // new Claim(ClaimTypes.Upn, context.ExternalIdentity.ProviderId) //}; context.AuthenticateResult = new AuthenticateResult(user.Subject, GetDisplayName(user), identityProvider: context.ExternalIdentity.Provider); return Task.FromResult(0); }
public override async Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { using (var client = await CreateClientAsync()) { if (!(await ExternalUserExistsAsync(client, context.ExternalIdentity.ProviderId))) { context.AuthenticateResult = await AddExternalUserAsync(client, context.ExternalIdentity); } } if (context.AuthenticateResult == null) { context.AuthenticateResult = new AuthenticateResult( context.ExternalIdentity.ProviderId, GetDisplayName(context.ExternalIdentity.Claims) ?? context.ExternalIdentity.ProviderId, context.ExternalIdentity.Claims); } }
public override async Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { using (var client = new HttpClient { BaseAddress = new Uri(this.usersApiUri) }) { if (!(await ExternalUserExistsAsync(client, context.ExternalIdentity.ProviderId))) { context.AuthenticateResult = await AddExternalUserAsync(client, context.ExternalIdentity); } } if (context.AuthenticateResult == null) { context.AuthenticateResult = new AuthenticateResult( context.ExternalIdentity.ProviderId, GetDisplayName(context.ExternalIdentity.Claims) ?? context.ExternalIdentity.ProviderId, context.ExternalIdentity.Claims); } }
public override Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { var externalUser = context.ExternalIdentity; // look for the user in our local identity system from the external identifiers var user = Users.SingleOrDefault(x => x.Provider == externalUser.Provider && x.ProviderID == externalUser.ProviderId); if (user == null) { // user is not registered so redirect context.AuthenticateResult = new AuthenticateResult("~/registerfirstexternalregistration", externalUser); } else { // user is registered so continue var name = user.Claims.First(x => x.Type == Constants.ClaimTypes.Name).Value; context.AuthenticateResult = new AuthenticateResult(user.Subject, name, identityProvider: user.Provider); } return Task.FromResult(0); }
public async Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { if (context.ExternalIdentity == null) throw new ArgumentNullException("ExternalIdentity"); var userLoginInfo = new UserLoginInfo(context.ExternalIdentity.Provider, context.ExternalIdentity.ProviderId); var user = await this.userManager.FindAsync(userLoginInfo); if (user == null) { // TODO log.WarnFormat("Unknown user '{0}' tries to login with external provider '{1}'", externalUser.ProviderId, externalUser.Provider); return; } var claims = await this.GetClaimsFromAccountAsync(user); var name = await this.GetDisplayNameForAccountAsync(user); context.AuthenticateResult = new AuthenticateResult( subject: user.Id.ToString(), name: name, claims: claims, identityProvider: context.ExternalIdentity.Provider, authenticationMethod: Constants.AuthenticationMethods.External); }
public async Task<IHttpActionResult> ResumeLoginFromRedirect(string resume) { Logger.Info("Callback requested to resume login from partial login"); if (resume.IsMissing()) { Logger.Error("no resumeId passed"); return RenderErrorPage(); } if (resume.Length > MaxSignInMessageLength) { Logger.Error("resumeId length longer than allowed length"); return RenderErrorPage(); } var user = await context.GetIdentityFromPartialSignIn(); if (user == null) { Logger.Error("no identity from partial login"); return RenderErrorPage(); } var type = GetClaimTypeForResumeId(resume); var resumeClaim = user.FindFirst(type); if (resumeClaim == null) { Logger.Error("no claim matching resumeId"); return RenderErrorPage(); } var signInId = resumeClaim.Value; if (signInId.IsMissing()) { Logger.Error("No signin id found in resume claim"); return RenderErrorPage(); } var signInMessage = signInMessageCookie.Read(signInId); if (signInMessage == null) { Logger.Error("No cookie matching signin id found"); return RenderErrorPage(); } AuthenticateResult result = null; // determine which return path the user is taking -- are they coming from // a ExternalProvider partial logon, or not var externalProviderClaim = user.FindFirst(Constants.ClaimTypes.ExternalProviderUserId); // cleanup the claims from the partial login if (user.HasClaim(c => c.Type == Constants.ClaimTypes.PartialLoginRestartUrl)) { user.RemoveClaim(user.FindFirst(Constants.ClaimTypes.PartialLoginRestartUrl)); } if (user.HasClaim(c => c.Type == Constants.ClaimTypes.PartialLoginReturnUrl)) { user.RemoveClaim(user.FindFirst(Constants.ClaimTypes.PartialLoginReturnUrl)); } if (user.HasClaim(c => c.Type == Constants.ClaimTypes.ExternalProviderUserId)) { user.RemoveClaim(user.FindFirst(Constants.ClaimTypes.ExternalProviderUserId)); } if (user.HasClaim(c => c.Type == GetClaimTypeForResumeId(resume))) { user.RemoveClaim(user.FindFirst(GetClaimTypeForResumeId(resume))); } if (externalProviderClaim != null) { Logger.Info("using ExternalProviderUserId to call AuthenticateExternalAsync"); var provider = externalProviderClaim.Issuer; var providerId = externalProviderClaim.Value; var externalIdentity = new ExternalIdentity { Provider = provider, ProviderId = providerId, Claims = user.Claims }; Logger.InfoFormat("external user provider: {0}, provider ID: {1}", externalIdentity.Provider, externalIdentity.ProviderId); var externalContext = new ExternalAuthenticationContext { ExternalIdentity = externalIdentity, SignInMessage = signInMessage }; await userService.AuthenticateExternalAsync(externalContext); result = externalContext.AuthenticateResult; if (result == null) { Logger.Warn("user service failed to authenticate external identity"); var msg = localizationService.GetMessage(MessageIds.NoMatchingExternalAccount); await eventService.RaiseExternalLoginFailureEventAsync(externalIdentity, signInId, signInMessage, msg); return await RenderLoginPage(signInMessage, signInId, msg); } if (result.IsError) { Logger.WarnFormat("user service returned error message: {0}", result.ErrorMessage); await eventService.RaiseExternalLoginFailureEventAsync(externalIdentity, signInId, signInMessage, result.ErrorMessage); return await RenderLoginPage(signInMessage, signInId, result.ErrorMessage); } Logger.Info("External identity successfully validated by user service"); await eventService.RaiseExternalLoginSuccessEventAsync(externalIdentity, signInId, signInMessage, result); } else { // check to see if the resultant user has all the claim types needed to login if (!Constants.AuthenticateResultClaimTypes.All(claimType => user.HasClaim(c => c.Type == claimType))) { Logger.Error("Missing AuthenticateResultClaimTypes -- rendering error page"); return RenderErrorPage(); } // this is a normal partial login continuation Logger.Info("Partial login resume success -- logging user in"); result = new AuthenticateResult(new ClaimsPrincipal(user)); await eventService.RaisePartialLoginCompleteEventAsync(result.User.Identities.First(), signInId, signInMessage); } return await SignInAndRedirectAsync(signInMessage, signInId, result); }
public async Task<IHttpActionResult> LoginExternalCallback(string error = null) { Logger.Info("Callback invoked from external identity provider"); if (error.IsPresent()) { if (error.Length > options.InputLengthRestrictions.ExternalError) error = error.Substring(0, options.InputLengthRestrictions.ExternalError); Logger.ErrorFormat("External identity provider returned error: {0}", error); await eventService.RaiseExternalLoginErrorEventAsync(error); return RenderErrorPage(String.Format(localizationService.GetMessage(MessageIds.ExternalProviderError), error)); } var signInId = await context.GetSignInIdFromExternalProvider(); if (signInId.IsMissing()) { Logger.Info("No signin id passed"); return HandleNoSignin(); } var signInMessage = signInMessageCookie.Read(signInId); if (signInMessage == null) { Logger.Info("No cookie matching signin id found"); return HandleNoSignin(); } var user = await context.GetIdentityFromExternalProvider(); if (user == null) { Logger.Error("no identity from external identity provider"); return await RenderLoginPage(signInMessage, signInId, localizationService.GetMessage(MessageIds.NoMatchingExternalAccount)); } var externalIdentity = ExternalIdentity.FromClaims(user.Claims); if (externalIdentity == null) { var claims = user.Claims.Select(x => new { x.Type, x.Value }); Logger.ErrorFormat("no subject or unique identifier claims from external identity provider. Claims provided:\r\n{0}", LogSerializer.Serialize(claims)); return await RenderLoginPage(signInMessage, signInId, localizationService.GetMessage(MessageIds.NoMatchingExternalAccount)); } Logger.InfoFormat("external user provider: {0}, provider ID: {1}", externalIdentity.Provider, externalIdentity.ProviderId); var externalContext = new ExternalAuthenticationContext { ExternalIdentity = externalIdentity, SignInMessage = signInMessage }; await userService.AuthenticateExternalAsync(externalContext); var authResult = externalContext.AuthenticateResult; if (authResult == null) { Logger.Warn("user service failed to authenticate external identity"); var msg = localizationService.GetMessage(MessageIds.NoMatchingExternalAccount); await eventService.RaiseExternalLoginFailureEventAsync(externalIdentity, signInId, signInMessage, msg); return await RenderLoginPage(signInMessage, signInId, msg); } if (authResult.IsError) { Logger.WarnFormat("user service returned error message: {0}", authResult.ErrorMessage); await eventService.RaiseExternalLoginFailureEventAsync(externalIdentity, signInId, signInMessage, authResult.ErrorMessage); return await RenderLoginPage(signInMessage, signInId, authResult.ErrorMessage); } Logger.Info("External identity successfully validated by user service"); await eventService.RaiseExternalLoginSuccessEventAsync(externalIdentity, signInId, signInMessage, authResult); return await SignInAndRedirectAsync(signInMessage, signInId, authResult); }
public override Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { return base.AuthenticateExternalAsync(context); }
public async Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { await this.innerUserService.AuthenticateExternalAsync(context); }
public override async Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { var externalIdentity = context.ExternalIdentity; context.AuthenticateResult = await GetAppropriateAuthenticationResult(externalIdentity); }
public Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { context.AuthenticateResult = new AuthenticateResult("robink", "Robin van der Knaap"); return Task.FromResult(0); }
public Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { context.AuthenticateResult = null; return Task.FromResult(0); }
/// <summary> /// This method gets called when the user uses an external identity provider to authenticate. /// The user's identity from the external provider is passed via the `externalUser` parameter which contains the /// provider identifier, the provider's identifier for the user, and the claims from the provider for the external user. /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { return Task.FromResult(0); }
public Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { context.ExternalIdentity.Claims = filter.Filter(context.ExternalIdentity.Provider, context.ExternalIdentity.Claims); return inner.AuthenticateExternalAsync(context); }
public override Task AuthenticateExternalAsync(ExternalAuthenticationContext context) { return Task.FromResult<AuthenticateResult>(null); }