public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
if (error != null)
{
return(Redirect(Url.Content("~/") + "#error=" + Uri.EscapeDataString(error)));
}
if (!User.Identity.IsAuthenticated)
{
return(new ChallengeResult(provider, this));
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
if (externalLogin == null)
{
return(InternalServerError());
}
if (externalLogin.LoginProvider != provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(new ChallengeResult(provider, this));
}
IdentityUser user = await UserManager.FindAsync(new UserLoginInfo(externalLogin.LoginProvider,
externalLogin.ProviderKey));
bool hasRegistered = user != null;
if (hasRegistered)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
ClaimsIdentity oAuthIdentity = await UserManager.CreateIdentityAsync(user,
OAuthDefaults.AuthenticationType);
ClaimsIdentity cookieIdentity = await UserManager.CreateIdentityAsync(user,
CookieAuthenticationDefaults.AuthenticationType);
AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user.UserName);
Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);
}
else
{
IEnumerable <Claim> claims = externalLogin.GetClaims();
ClaimsIdentity identity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
Authentication.SignIn(identity);
}
return(Ok());
}
public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null, string returnUrl = "")
{
Uri returnUri = new Uri(!string.IsNullOrEmpty(returnUrl) ? returnUrl : CORSConfig.returnOrigin);
string returnHost = returnUri.GetLeftPart(UriPartial.Authority);
string returnPath = returnUri.AbsolutePath;
if (error != null)
{
return(Redirect(returnHost + "/unauthorized"));
}
if (!User.Identity.IsAuthenticated)
{
return(new ChallengeResult(provider, this));
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
if (externalLogin == null)
{
return(Redirect(returnHost + "/unauthorized"));
}
ApplicationUser user = GetAuthUser();
bool hasRegistered = user != null;
if (!hasRegistered)
{
IdentityResult x = await Register(externalLogin).ConfigureAwait(false);
if (!x.Succeeded)
{
return(Redirect(returnHost + "/unauthorized/Something went wrong"));
}
returnPath = "/register";
}
IEnumerable <Claim> claims = externalLogin.GetClaims();
ClaimsIdentity identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationType);
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
Authentication.SignIn(new AuthenticationProperties()
{
IsPersistent = true
}, identity);
return(Redirect(returnHost + returnPath));
}
private async Task <IHttpActionResult> RegisterOrLoginAsync(ApplicationUser user, ExternalLoginData externalLogin, string clientId, bool hasLogin)
{
if (hasLogin)
{
await UpdateCookiesAndLoginAsync(user, externalLogin, clientId);
}
else if (await _administrationService.UserEmailExistsAsync(externalLogin.Email))
{
if (await _administrationService.HasExistingExternalLoginAsync(externalLogin.Email, externalLogin.LoginProvider))
{
var uri = CreateErrorUri("providerExists");
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(Redirect(uri));
}
var userId = (await _userManager.FindByEmailAsync(externalLogin.Email)).Id;
var info = await Authentication.GetExternalLoginInfoAsync();
if (await _userManager.AddLoginAsync(userId, info.Login) == null)
{
var uri = CreateErrorUri("error");
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(Redirect(uri));
}
var identity = new ClaimsIdentity(externalLogin.GetClaims(), OAuthDefaults.AuthenticationType);
Authentication.SignIn(identity);
}
else
{
var identity = new ClaimsIdentity(externalLogin.GetClaims(), OAuthDefaults.AuthenticationType);
Authentication.SignIn(identity);
}
return(Ok());
}
private async Task <IHttpActionResult> LinkAccounts(ExternalLoginData externalLogin, string userId)
{
var info = await Authentication.GetExternalLoginInfoAsync();
if (await _userManager.AddLoginAsync(userId, info.Login) == null)
{
var uri = CreateErrorUri("error");
return(Redirect(uri));
}
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
ClaimsIdentity identity = new ClaimsIdentity(externalLogin.GetClaims(), OAuthDefaults.AuthenticationType);
Authentication.SignIn(identity);
_administrationService.AddProviderEmail(userId, info.Login.LoginProvider, info.Email);
return(Ok());
}
public async Task <IHttpActionResult> ExternalLogin(string provider)
{
if (!User.Identity.IsAuthenticated)
{
return(new ChallengeResult(provider, this));
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
if (externalLogin == null)
{
return(InternalServerError());
}
string userId = await IdentityManager.Logins.GetUserIdForLoginAsync(externalLogin.LoginProvider,
externalLogin.ProviderKey);
bool hasRegistered = userId != null;
if (hasRegistered)
{
Authentication.SignOut(Startup.ExternalCookieAuthenticationType);
IEnumerable <Claim> claims = await ApplicationOAuthProvider.GetClaimsAsync(IdentityManager, userId);
ClaimsIdentity oAuthIdentity = ApplicationOAuthProvider.CreateIdentity(IdentityManager, claims,
OAuthOptions.AuthenticationType);
ClaimsIdentity cookieIdentity = ApplicationOAuthProvider.CreateIdentity(IdentityManager, claims,
CookieOptions.AuthenticationType);
AuthenticationProperties properties = await ApplicationOAuthProvider.CreatePropertiesAsync(
IdentityManager, userId);
Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);
}
else
{
IEnumerable <Claim> claims = externalLogin.GetClaims();
ClaimsIdentity identity = ApplicationOAuthProvider.CreateIdentity(IdentityManager, claims,
OAuthOptions.AuthenticationType);
Authentication.SignIn(identity);
}
return(Ok());
}
public async Task <IHttpActionResult> CheckForExistingAccount(RegisterExternalTokenBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
//validate token
ExternalLoginData externalLogin = await ExternalLoginData.FromToken(model.Provider, model.Token);
if (externalLogin == null)
{
return(InternalServerError());
}
if (externalLogin.LoginProvider != model.Provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(InternalServerError());
}
//if we reached this point then token is valid
// Original from tutorial >>>>> ApplicationUser user = await UserManager.FindByEmailAsync(model.Email);
ApplicationUser user = await UserManager.FindAsync(new UserLoginInfo(externalLogin.LoginProvider, externalLogin.ProviderKey));
bool hasRegistered = user != null;
if (hasRegistered)
{
//authenticate
var identity = await UserManager.CreateIdentityAsync(user, OAuthDefaults.AuthenticationType);
IEnumerable <Claim> claims = externalLogin.GetClaims();
identity.AddClaims(claims);
Authentication.SignIn(identity);
ClaimsIdentity oAuthIdentity = new ClaimsIdentity(Startup.OAuthOptions.AuthenticationType);
oAuthIdentity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
oAuthIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id));
AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, new AuthenticationProperties());
DateTime currentUtc = DateTime.UtcNow;
ticket.Properties.IssuedUtc = currentUtc;
ticket.Properties.ExpiresUtc = currentUtc.Add(Startup.OAuthOptions.AccessTokenExpireTimeSpan);
string accessToken = Startup.OAuthOptions.AccessTokenFormat.Protect(ticket);
Microsoft.Owin.Security.Infrastructure.AuthenticationTokenCreateContext context =
new Microsoft.Owin.Security.Infrastructure.AuthenticationTokenCreateContext(
Request.GetOwinContext(),
Startup.OAuthOptions.AccessTokenFormat, ticket);
await Startup.OAuthOptions.RefreshTokenProvider.CreateAsync(context);
// properties.Dictionary.Add("refresh_token", context.Token); original 2
ticket.Properties.Dictionary.Add("UserName", user.UserName);
Request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken); ///already there in solution
// Create the response building a JSON object that mimics exactly the one issued by the default /Token endpoint
JObject token = new JObject(
new JProperty("userName", user.UserName),
new JProperty("nationality", user.Nationality),
new JProperty("workStatus", user.WorkStatus),
new JProperty("userId", user.Id),
new JProperty("profilePhoto", user.ProfilePicture),
new JProperty("access_token", accessToken),
new JProperty("token_type", "bearer"),
new JProperty("refresh_token", context.Token),
new JProperty("expires_in", Startup.OAuthOptions.AccessTokenExpireTimeSpan.TotalSeconds.ToString()),
new JProperty("issued", currentUtc.ToString("ddd, dd MMM yyyy HH':'mm':'ss 'GMT'")),
new JProperty("expires", currentUtc.Add(Startup.OAuthOptions.AccessTokenExpireTimeSpan).ToString("ddd, dd MMM yyyy HH:mm:ss 'GMT'"))
);
return(Ok(token));
}
else
{
JObject token1 = new JObject(
new JProperty("userName", "Not Registered")
);
return(Ok(token1));
}
}
public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
string redirectUri = string.Empty;
if (error != null)
{
return(Redirect(Url.Content("~/") + "#error=" + Uri.EscapeDataString(error)));
}
if (!User.Identity.IsAuthenticated)
{
return(new ChallengeResult(provider, this));
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
if (externalLogin == null)
{
return(InternalServerError());
}
if (externalLogin.LoginProvider != provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(new ChallengeResult(provider, this));
}
var redirectUriValidationResult = ValidateClientAndRedirectUri(this.Request, ref redirectUri);
if (!string.IsNullOrWhiteSpace(redirectUriValidationResult))
{
return(BadRequest(redirectUriValidationResult));
}
ApplicationUser user = await UserManager.FindAsync(new UserLoginInfo(externalLogin.LoginProvider,
externalLogin.ProviderKey));
bool hasRegistered = user != null;
if (hasRegistered)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(UserManager,
OAuthDefaults.AuthenticationType);
ClaimsIdentity cookieIdentity = await user.GenerateUserIdentityAsync(UserManager,
CookieAuthenticationDefaults.AuthenticationType);
AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user.UserName);
Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);
}
else
{
IEnumerable <Claim> claims = externalLogin.GetClaims();
ClaimsIdentity identity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
Authentication.SignIn(identity);
}
//redirectUri = string.Format("{0}#external_access_token={1}&provider={2}&haslocalaccount={3}&external_user_name={4}",
// redirectUri,
// externalLogin.ExternalAccessToken,
// externalLogin.LoginProvider,
// hasRegistered.ToString(),
// externalLogin.UserName);
redirectUri = string.Format("{0}#external_access_token={1}&provider={2}&haslocalaccount={3}&external_user_name={4}",
redirectUri,
externalLogin.ExternalAccessToken,
externalLogin.LoginProvider,
hasRegistered.ToString(),
externalLogin.UserName);
return(Redirect(redirectUri));
}
public async Task <IHttpActionResult> RegisterExternal(RegisterExternalBindingModel model)
{
try
{
ExternalLoginData externalLogin = await ExternalLoginData.FromToken(model.Provider, model.Token);
if (externalLogin == null)
{
throw new Exception("externalLogin can not be found, externalLogin is null");
}
if (externalLogin.LoginProvider != model.Provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
throw new Exception("Provider Conflicts, the Provider which send by user is not the same of the externalLogin's provider");
}
User user = await UserService.Obj.FindByEmailAsync(model.Email);
bool registered = user != null;
if (!registered)
{
user = new User(model.Name, model.Email);
user.UpdateRoles(RoleService.Obj.GetByNames(RoleNames.UserRole));
user.PerformConfirmEmail();
user = await UserService.Obj.CreateExternalUserAsync(user, new UserLoginInfo(externalLogin.LoginProvider, externalLogin.ProviderKey));
}
// Authenticate
ClaimsIdentity identity = await UserService.Obj.CreateIdentityAsync(user, OAuthDefaults.AuthenticationType);
IEnumerable <Claim> claims = externalLogin.GetClaims();
identity.AddClaims(claims);
Authentication.SignIn(identity);
ClaimsIdentity oAuthIdentity = new ClaimsIdentity(Startup.OAuthOptions.AuthenticationType);
oAuthIdentity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
oAuthIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()));
oAuthIdentity.AddClaim(new Claim(ClaimTypes.Role, RoleNames.UserRole));
AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, new AuthenticationProperties());
DateTime currentUtc = DateTime.UtcNow;
ticket.Properties.IssuedUtc = currentUtc;
ticket.Properties.ExpiresUtc = currentUtc.Add(Startup.OAuthOptions.AccessTokenExpireTimeSpan);
string accessToken = Startup.OAuthOptions.AccessTokenFormat.Protect(ticket);
string refreshToken = Startup.OAuthOptions.RefreshTokenFormat.Protect(ticket);
Request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken);
var token = new
{
userName = user.UserName,
userId = user.Id,
access_token = accessToken,
refresh_token = refreshToken,
token_type = "bearer",
expires_in = Startup.OAuthOptions.AccessTokenExpireTimeSpan.TotalSeconds.ToString(),
issued = currentUtc.ToString("ddd, dd MMM yyyy HH':'mm':'ss 'GMT'"),
expires = currentUtc.Add(Startup.OAuthOptions.AccessTokenExpireTimeSpan).ToString("ddd, dd MMM yyyy HH:mm:ss 'GMT'")
};
return(Ok(token));
}
catch (Exception ex)
{
TracingSystem.TraceException(ex);
return(InternalServerError());
}
}
public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
if (error != null)
{
return(Redirect(Url.Content("~/") + "#error=" + Uri.EscapeDataString(error)));
}
if (!User.Identity.IsAuthenticated)
{
return(new ChallengeResult(provider, this));
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
if (externalLogin == null)
{
return(InternalServerError());
}
if (externalLogin.LoginProvider != provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(new ChallengeResult(provider, this));
}
ApplicationUser user = await UserManager.FindAsync(new UserLoginInfo(externalLogin.LoginProvider,
externalLogin.ProviderKey));
RoleManager <IdentityRole> role = new RoleManager <IdentityRole>(new RoleStore <IdentityRole>(new ApplicationDbContext()));
var Roles = from i in user.Roles
join x in role.Roles on i.RoleId equals x.Id
select new { x.Name };
string roles = Roles.FirstOrDefault().Name.ToString();
bool hasRegistered = user != null;
if (hasRegistered)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(UserManager,
OAuthDefaults.AuthenticationType);
ClaimsIdentity cookieIdentity = await user.GenerateUserIdentityAsync(UserManager,
CookieAuthenticationDefaults.AuthenticationType);
AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user.UserName, user.Name, roles, user.ImageUrl);
Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);
}
else
{
IEnumerable <Claim> claims = externalLogin.GetClaims();
ClaimsIdentity identity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
Authentication.SignIn(identity);
}
return(Ok());
}
public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
if (error != null)
{
return(Redirect(Url.Content("~/") + "#error=" + Uri.EscapeDataString(error)));
}
if (!User.Identity.IsAuthenticated)
{
return(new ChallengeResult(provider, this));
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
var info = await Authentication.GetExternalLoginInfoAsync();
if (externalLogin == null)
{
return(InternalServerError());
}
if (externalLogin.LoginProvider != provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(new ChallengeResult(provider, this));
}
ApplicationUser user = await UserManager.FindAsync(new UserLoginInfo(externalLogin.LoginProvider,
externalLogin.ProviderKey));
bool hasRegistered = user != null;
if (!hasRegistered)
{
user = UserManager.Users.FirstOrDefault(x => x.Email == info.Email);
if (user != null)
{
IdentityResult result = await UserManager.AddLoginAsync(user.Id, info.Login);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
}
else
{
user = new ApplicationUser()
{
UserName = externalLogin.UserName, Email = info.Email, EmailConfirmed = true
};
IdentityResult result = await UserManager.CreateAsync(user);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
result = await UserManager.AddLoginAsync(user.Id, info.Login);
}
}
hasRegistered = user != null;
if (hasRegistered)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(UserManager,
OAuthDefaults.AuthenticationType);
ClaimsIdentity cookieIdentity = await user.GenerateUserIdentityAsync(UserManager,
CookieAuthenticationDefaults.AuthenticationType);
AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user.UserName);
Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);
}
else
{
IEnumerable <Claim> claims = externalLogin.GetClaims();
ClaimsIdentity identity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
Authentication.SignIn(identity);
}
return(Ok());
}
public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
if (error != null)
{
return(Redirect(Url.Content("~/") + "#error=" + Uri.EscapeDataString(error)));
}
if (!User.Identity.IsAuthenticated)
{
return(new ChallengeResult(provider, this));
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
if (externalLogin == null)
{
return(InternalServerError());
}
if (externalLogin.LoginProvider != provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(new ChallengeResult(provider, this));
}
//ApplicationUser user = await UserManager.FindAsync(new UserLoginInfo(externalLogin.LoginProvider,
// externalLogin.ProviderKey));
//TODO : API call to identify if the user available in the google sheet - if yes - hasregistered-->true else false
//bool hasRegistered = user != null;
//if (hasRegistered)
//{
// //TODO : Let uset to siginin
// Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
// ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(UserManager,
// OAuthDefaults.AuthenticationType);
// ClaimsIdentity cookieIdentity = await user.GenerateUserIdentityAsync(UserManager,
// CookieAuthenticationDefaults.AuthenticationType);
// AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user.UserName);
// Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);
//}
//else
//{
// //TODO : Redirect to non registered user page
// IEnumerable<Claim> claims = externalLogin.GetClaims();
// ClaimsIdentity identity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
// Authentication.SignIn(identity);
// ConnectGoogleSheet();
//}
//bool hasRegistered = user != null;
//TODO : Redirect to non registered user page
IEnumerable <Claim> claims = externalLogin.GetClaims();
ClaimsIdentity identity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
if (isUserAuthenticatedforApplication(externalLogin.Email))
{
Authentication.SignIn(identity);
return(Ok());
}
else
{
//Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(BadRequest("Not Authorized to use application."));
}
}
public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
if (error != null)
{
return(Redirect(Url.Content("~/") + "#error=" + Uri.EscapeDataString(error)));
}
if (!User.Identity.IsAuthenticated)
{
return(new ChallengeResult(provider, this));
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
if (externalLogin == null)
{
return(InternalServerError());
}
if (externalLogin.LoginProvider != provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(new ChallengeResult(provider, this));
}
ApplicationUser user = await UserManager.FindAsync(new UserLoginInfo(externalLogin.LoginProvider,
externalLogin.ProviderKey));
bool hasRegistered = user != null;
var otheruser = Request.GetOwinContext().Authentication.User;
string googleAccessToken = null;
if (otheruser.Claims.Any(cl => cl.Type.ToLower().Contains("emailaddress")))
{
using (var appdbcontext = new ApplicationDbContext())
{
var userEmail = otheruser.Claims.First(cl => cl.Type.ToLower().Contains("emailaddress")).Value;
var googleExternalLoginData = appdbcontext.ExternalLoginDatas.FirstOrDefault(eld => eld.Type == "GoogleAccessToken" && eld.Key == userEmail);
googleAccessToken = googleExternalLoginData.Value;
}
}
if (hasRegistered)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(UserManager,
OAuthDefaults.AuthenticationType);
if (!string.IsNullOrEmpty(googleAccessToken))
{
oAuthIdentity.AddClaim(new Claim("GoogleAccessToken", googleAccessToken));
}
ClaimsIdentity cookieIdentity = await user.GenerateUserIdentityAsync(UserManager,
CookieAuthenticationDefaults.AuthenticationType);
if (!string.IsNullOrEmpty(googleAccessToken))
{
cookieIdentity.AddClaim(new Claim("GoogleAccessToken", googleAccessToken));
}
AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user);
Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);
}
else
{
IEnumerable <Claim> claims = externalLogin.GetClaims();
ClaimsIdentity identity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
if (!string.IsNullOrEmpty(googleAccessToken))
{
identity.AddClaim(new Claim("GoogleAccessToken", googleAccessToken));
}
Authentication.SignIn(identity);
}
return(Ok());
}
public async Task <IHttpActionResult> RegisterExternalToken(RegisterExternalTokenBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
//validate token
ExternalLoginData externalLogin = await ExternalLoginData.FromToken(model.Provider, model.Token);
if (externalLogin == null)
{
return(InternalServerError());
}
if (externalLogin.LoginProvider != model.Provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(InternalServerError());
}
//if we reached this point then token is valid
ApplicationUser user = await UserManager.FindByEmailAsync(externalLogin.Email);
bool hasRegistered = user != null;
if (!hasRegistered)
{
user = new ApplicationUser
{
UserName = externalLogin.ProviderKey,
Email = externalLogin.Email,
ProfilePicture = externalLogin.ProfilePicture,
CoverPicture = externalLogin.CoverPicture,
Gender = externalLogin.Gender,
Verified = externalLogin.Verified,
Name = externalLogin.Name,
FacebookId = externalLogin.ProviderKey,
FacebookAccessToken = model.Token
};
var result = await UserManager.CreateAsync(user);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
}
//authenticate
var identity = await UserManager.CreateIdentityAsync(user, OAuthDefaults.AuthenticationType);
IEnumerable <Claim> claims = externalLogin.GetClaims();
identity.AddClaims(claims);
Authentication.SignIn(identity);
ClaimsIdentity oAuthIdentity = new ClaimsIdentity(Startup.OAuthOptions.AuthenticationType);
oAuthIdentity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
oAuthIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id));
AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, new AuthenticationProperties());
DateTime currentUtc = DateTime.UtcNow;
ticket.Properties.IssuedUtc = currentUtc;
ticket.Properties.ExpiresUtc = currentUtc.Add(Startup.OAuthOptions.AccessTokenExpireTimeSpan);
string accessToken = Startup.OAuthOptions.AccessTokenFormat.Protect(ticket);
Request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken);
// Create the response building a JSON object that mimics exactly the one issued by the default /Token endpoint
JObject token = new JObject(
new JProperty("userName", user.UserName),
new JProperty("userId", user.Id),
new JProperty("access_token", accessToken),
new JProperty("token_type", "bearer"),
new JProperty("expires_in", Startup.OAuthOptions.AccessTokenExpireTimeSpan.TotalSeconds.ToString()),
new JProperty("issued", currentUtc.ToString("ddd, dd MMM yyyy HH':'mm':'ss 'GMT'")),
new JProperty("expires",
currentUtc.Add(Startup.OAuthOptions.AccessTokenExpireTimeSpan)
.ToString("ddd, dd MMM yyyy HH:mm:ss 'GMT'"))
);
return(Ok(token));
}
public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
if (error != null)
{
return(Redirect(Url.Content("~/") + "#error=" + Uri.EscapeDataString(error)));
}
if (!User.Identity.IsAuthenticated)
{
return(new ChallengeResult(provider, this));
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
if (externalLogin == null)
{
return(InternalServerError());
}
if (externalLogin.LoginProvider != provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(new ChallengeResult(provider, this));
}
var user = await UserManager.FindAsync(new UserLoginInfo(externalLogin.LoginProvider, externalLogin.ProviderKey));
bool hasRegistered = user != null;
if (hasRegistered)
{
SignInManager.SignOut();
//Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
ClaimsIdentity oAuthIdentity = await UserManager.CreateIdentityAsync(user, OAuthDefaults.AuthenticationType);
ClaimsIdentity cookiesIdentity = await UserManager.CreateIdentityAsync(user, CookieAuthenticationDefaults.AuthenticationType);
AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user.UserName);
SignInManager.SignIn(user, false, false);
//Authentication.SignIn(properties, oAuthIdentity, cookiesIdentity);
}
else
{
IEnumerable <Claim> claims = externalLogin.GetClaims();
ClaimsIdentity identity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
var userInfo = UserManager2.CreateUserInfo("", externalLogin.UserName, "", "", "");
user = new User()
{
UserName = externalLogin.UserName,
PasswordHash = null,
IsActive = true,
UserType = (int)UserTypeEnum.Client,
UserInfoId = userInfo.Id,
AccountPlanId = (int)AccountPlanEnum.Start,
Registration = DateTime.Now,
LastUpdate = DateTime.Now
};
IdentityResult result = await UserManager.CreateAsync(user);
IdentityResult loginResult = await UserManager.AddLoginAsync(user.Id, new UserLoginInfo(externalLogin.LoginProvider, externalLogin.ProviderKey));
SignInManager.SignIn(user, false, false);
//Authentication.SignIn(identity);
}
return(Ok());
}
