private async Task <Entities.User> AutoProvisionWindowsUser(string provider,
string providerUserId, IEnumerable <Claim> claims)
{
if (_windowsKeyMap.ContainsKey(providerUserId))
{
// find matching user
var existingUser = await
_localUserService.GetUserBySubjectAsync(_windowsKeyMap[providerUserId]);
if (existingUser != null)
{
await _localUserService.AddExternalProviderToUser(
existingUser.Subject,
provider,
providerUserId);
await _localUserService.SaveChangesAsync();
return(existingUser);
}
}
var user = _localUserService.ProvisionUserFromExternalIdentity(provider, providerUserId,
new List <Claim>());
await _localUserService.SaveChangesAsync();
return(user);
}
public async Task <IActionResult> CallbackLink()
{
// read external identity from the temporary cookie
var result = await HttpContext.AuthenticateAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme);
if (result?.Succeeded != true)
{
throw new Exception("External authentication error");
}
if (_logger.IsEnabled(LogLevel.Debug))
{
var externalClaims = result.Principal.Claims.Select(c => $"{c.Type}: {c.Value}");
_logger.LogDebug("External claims: {@claims}", externalClaims);
}
// lookup our user and external provider info
var(provider, providerUserId, claims) = await FindFromExternalProvider(result);
if (HttpContext.User.Identity.IsAuthenticated)
{
var subject = HttpContext.User.Claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Subject);
try
{
await _localUserService.AddExternalProviderToUser(
subject.Value,
provider,
providerUserId);
await _localUserService.SaveChangesAsync();
}
catch (DbUpdateException e)
{
Debug.WriteLine(e.Message);
}
}
// delete temporary cookie used during external authentication
await HttpContext.SignOutAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme);
// retrieve return URL
var returnUrl = Base64UrlEncoder.Decode(result.Properties.Items["returnUrl"]) ?? "~/";
// check if external login is in the context of an OIDC request
var context = await _interaction.GetAuthorizationContextAsync(returnUrl);
if (context != null)
{
if (context.IsNativeClient())
{
// The client is native, so this change in how to
// return the response is for better UX for the end user.
return(this.LoadingPage("Redirect", returnUrl));
}
}
return(Redirect(returnUrl));
}
