private async Task <(User User, bool Succeeded, IEnumerable <string> Errors)> AutoProvisionExternalUser(string userId, List <Claim> claims)
{
var email = claims.Single(x => x.Type == JwtClaimTypes.Email).Value;
// New user auto-registration flow.
var user = new User(email, userId)
{
Email = email,
EmailConfirmed = true
};
// Add claims from the external provider.
foreach (var claim in claims)
{
if (claim.Type == JwtClaimTypes.Subject || claim.Type == JwtClaimTypes.Email)
{
continue;
}
user.Claims.Add(new IdentityUserClaim <string> {
ClaimType = claim.Type,
ClaimValue = claim.Value,
UserId = userId
});
}
var result = await _userManager.CreateAsync(user);
if (!result.Succeeded)
{
return(null, false, result.Errors.Select(x => x.Description));
}
return(user, true, new List <string>());
}
private async Task <User> AutoProvisionExternalUserAsync(string userId, List <Claim> claims)
{
var email = claims.Single(x => x.Type == JwtClaimTypes.Email).Value;
// New user auto-registration flow.
var user = new User(email, userId)
{
Email = email,
EmailConfirmed = true
};
// Add claims from the external provider.
foreach (var claim in claims)
{
if (claim.Type == JwtClaimTypes.Subject || claim.Type == JwtClaimTypes.Email)
{
continue;
}
user.Claims.Add(new IdentityUserClaim <string> {
ClaimType = claim.Type,
ClaimValue = claim.Value,
UserId = userId
});
}
var result = await _userManager.CreateAsync(user);
if (!result.Succeeded)
{
throw new Exception("Failed to automatically create external user.");
}
return(user);
}
public async Task <IActionResult> CreateUser([FromBody] CreateUserRequest request)
{
var user = new User {
Id = $"{Guid.NewGuid()}",
UserName = request.UserName,
Email = request.Email,
CreateDate = DateTime.UtcNow,
PhoneNumber = request.PhoneNumber,
PasswordExpirationPolicy = request.PasswordExpirationPolicy
};
IdentityResult result = null;
if (string.IsNullOrEmpty(request.Password))
{
result = await _userManager.CreateAsync(user);
}
else
{
result = await _userManager.CreateAsync(user, request.Password, validatePassword : !request.BypassPasswordValidation.GetValueOrDefault());
}
if (!result.Succeeded)
{
return(BadRequest(result.Errors.ToValidationProblemDetails()));
}
if (request.ChangePasswordAfterFirstSignIn.HasValue && request.ChangePasswordAfterFirstSignIn.Value == true)
{
await _userManager.SetPasswordExpiredAsync(user, true);
}
var claims = request?.Claims?.Count() > 0 ? request.Claims.Select(x => new Claim(x.Type, x.Value)).ToList() : new List <Claim>();
if (!string.IsNullOrEmpty(request.FirstName))
{
claims.Add(new Claim(JwtClaimTypes.GivenName, request.FirstName));
}
if (!string.IsNullOrEmpty(request.LastName))
{
claims.Add(new Claim(JwtClaimTypes.FamilyName, request.LastName));
}
if (claims.Any())
{
await _userManager.AddClaimsAsync(user, claims);
}
var response = SingleUserInfo.FromUser(user);
await _eventService.Publish(new UserCreatedEvent(response));
return(CreatedAtAction(nameof(GetUser), Name, new { userId = user.Id }, response));
}
public async Task <IActionResult> Register([FromBody] ApiRegisterRequest request)
{
var user = CreateUserFromRequest(request);
var requestClaimTypes = request.Claims.Select(x => x.Type);
var claimTypes = await _configurationDbContext.ClaimTypes.Where(x => requestClaimTypes.Contains(x.Name)).ToListAsync();
var unknownClaimTypes = requestClaimTypes.Except(claimTypes.Select(x => x.Name));
if (unknownClaimTypes.Any())
{
ModelState.AddModelError(string.Empty, $"The following claim types are not supported: '{string.Join(", ", unknownClaimTypes)}'.");
return(BadRequest(new ValidationProblemDetails(ModelState)));
}
var canAddClaims = claimTypes.All(x => x.UserEditable) || User.IsSystemClient();
if (!canAddClaims)
{
ModelState.AddModelError(nameof(claimTypes), $"The following claims are not editable: '{string.Join(", ", claimTypes.Where(x => !x.UserEditable).Select(x => x.Name))}'.");
return(BadRequest(new ValidationProblemDetails(ModelState)));
}
foreach (var claim in request.Claims)
{
user.Claims.Add(new IdentityUserClaim <string> {
ClaimType = claim.Type,
ClaimValue = claim.Value ?? string.Empty,
UserId = user.Id
});
}
var result = await _userManager.CreateAsync(user, request.Password);
if (!result.Succeeded)
{
foreach (var error in result.Errors)
{
ModelState.AddModelError(error.Code, error.Description);
}
return(BadRequest(new ValidationProblemDetails(ModelState)));
}
var createdUser = SingleUserInfo.FromUser(user);
var token = await _userManager.GenerateEmailConfirmationTokenAsync(user);
await _eventService.Publish(new UserRegisteredEvent(createdUser, token));
return(NoContent());
}
public async Task <IActionResult> CreateUser([FromBody] CreateUserRequest request)
{
var user = new User {
Id = $"{Guid.NewGuid()}",
UserName = request.UserName,
Email = request.Email,
CreateDate = DateTime.UtcNow,
PhoneNumber = request.PhoneNumber,
PasswordExpirationPolicy = request.PasswordExpirationPolicy
};
IdentityResult result = null;
if (string.IsNullOrEmpty(request.Password))
{
result = await _userManager.CreateAsync(user);
}
else
{
result = await _userManager.CreateAsync(user, request.Password);
}
if (!result.Succeeded)
{
return(BadRequest(result.Errors.ToValidationProblemDetails()));
}
if (request.ChangePasswordAfterFirstSignIn.HasValue && request.ChangePasswordAfterFirstSignIn.Value == true)
{
await _userManager.SetPasswordExpiredAsync(user, true);
}
var claims = new List <Claim>();
if (!string.IsNullOrEmpty(request.FirstName))
{
claims.Add(new Claim(JwtClaimTypes.GivenName, request.FirstName));
}
if (!string.IsNullOrEmpty(request.LastName))
{
claims.Add(new Claim(JwtClaimTypes.FamilyName, request.LastName));
}
if (claims.Any())
{
await _userManager.AddClaimsAsync(user, claims);
}
var response = new SingleUserInfo {
Id = user.Id,
UserName = user.UserName,
Email = user.Email,
PhoneNumber = user.PhoneNumber,
PasswordExpirationPolicy = user.PasswordExpirationPolicy,
IsAdmin = user.Admin,
TwoFactorEnabled = user.TwoFactorEnabled,
EmailConfirmed = user.EmailConfirmed,
PhoneNumberConfirmed = user.PhoneNumberConfirmed,
Claims = user.Claims?.Select(x => new ClaimInfo {
Id = x.Id,
Type = x.ClaimType,
Value = x.ClaimValue
})
.ToList()
};
await _eventService.Raise(new UserCreatedEvent(response));
return(CreatedAtAction(nameof(GetUser), Name, new { userId = user.Id }, response));
}
