private static void CreateAdminUser(UserManager<ApplicationUser> userManager)
{
var roleManager = new RoleManager<IdentityRole>(new RoleStore<IdentityRole>(new ContosoWebContext(StaticConfig.DbContext.WebConnectionStringName)));
if (!roleManager.RoleExists(AdminConstants.Role))
{
roleManager.Create(new IdentityRole(AdminConstants.Role));
}
var username = ConfigurationHelpers.GetString("Authentication.Administrator.UserName");
var password = ConfigurationHelpers.GetString("Authentication.Administrator.Password");
var user = userManager.FindByName(username);
if (user == null)
{
user = new ApplicationUser { UserName = username, Email = username };
var result = userManager.Create(user, password);
if (!result.Succeeded)
throw new Exception(string.Format("Failed to create admin user: {0}", string.Join(",", result.Errors)));
user = userManager.FindByName(username);
userManager.AddToRole(user.Id, AdminConstants.Role);
userManager.AddClaim(user.Id, new Claim(AdminConstants.ManageStore.Name, AdminConstants.ManageStore.Allowed));
}
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// App Harbor load balancers run HTTP internally. This will confuse ASP.NET into believing a secure connection is not
app.Use(async (context, next) =>
{
if (string.Equals(context.Request.Headers["X-Forwarded-Proto"], "https", StringComparison.InvariantCultureIgnoreCase))
{
context.Request.Scheme = "https";
}
await next.Invoke();
});
// Uncomment the following lines to enable logging in with third party login providers
//app.UseMicrosoftAccountAuthentication(
// clientId: "",
// clientSecret: "");
//app.UseTwitterAuthentication(
// consumerKey: "",
// consumerSecret: "");
//app.UseFacebookAuthentication(
// appId: "",
// appSecret: "");
// Google Oauth2 provider.
app.UseGoogleAuthentication(ConfigurationManager.AppSettings["GoogleAuthKey"], ConfigurationManager.AppSettings["GoogleAuthSecret"]);
// LinkedIn
var linkedInSettings = new LinkedInAuthenticationOptions()
{
ClientId = ConfigurationManager.AppSettings["LinkedInKey"],
ClientSecret = ConfigurationManager.AppSettings["LinkedInSecret"]
};
linkedInSettings.Scope.Add("r_basicprofile");
linkedInSettings.Provider = new LinkedInAuthenticationProvider()
{
OnAuthenticated = async context =>
{
var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(new ApplicationDbContext()));
var user = userManager.FindByName(context.Request.User.Identity.Name);
userManager.AddClaim(user.Id, new Claim("LinkedIn_AccessToken", context.AccessToken));
}
};
linkedInSettings.SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie;
app.UseLinkedInAuthentication(linkedInSettings);
// Owin context for claims
}
