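/// <summary>
/// Starts or completes an external (OAuth) sign-in for <paramref name="provider"/>.
/// </summary>
/// <remarks>
/// Flow, in order:
/// 1. A non-null <paramref name="error"/> is echoed back, percent-encoded, as 400 Bad Request.
/// 2. An unauthenticated caller receives a <see cref="ChallengeResult"/> for the provider.
/// 3. The client and redirect URI are checked by ValidateClientAndRedirectUri, which also
///    fills <c>redirectUri</c> through its ref parameter; a non-blank result is returned as 400.
/// 4. If the signed-in external identity belongs to a different provider, the external cookie
///    is cleared and the caller is challenged again.
/// 5. Otherwise the caller is redirected to <c>redirectUri</c> with the external access token,
///    provider, local-account flag and external user name in the URL fragment.
/// </remarks>
/// <param name="provider">External login provider the caller wants to authenticate with.</param>
/// <param name="error">Error text reported back to this endpoint, if any.</param>
/// <returns>A challenge, a 400/500 result, or a redirect to the validated client URI.</returns>
public async Task<IHttpActionResult> Login(ExternalLoginProviderName provider, string error = null)
{
    string redirectUri = string.Empty;

    if (error != null)
    {
        // The error text is caller-supplied, so it is percent-encoded before being echoed back.
        return BadRequest(Uri.EscapeDataString(error));
    }

    if (!User.Identity.IsAuthenticated)
    {
        return new ChallengeResult(provider, this);
    }

    // NOTE(review): the redirect target below carries the provider access token, so the
    // only thing standing between it and an arbitrary origin is this helper (not visible
    // here). Confirm it accepts registered client redirect URIs only.
    var redirectUriValidationResult = ValidateClientAndRedirectUri(this.Request, ref redirectUri);
    if (!string.IsNullOrWhiteSpace(redirectUriValidationResult))
    {
        return BadRequest(redirectUriValidationResult);
    }

    ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
    if (externalLogin == null)
    {
        return InternalServerError();
    }

    if (externalLogin.LoginProvider != provider)
    {
        // Signed in with a different provider than requested: drop that session and start over.
        this.OwinAuthentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
        return new ChallengeResult(provider, this);
    }

    IdentityUser<Guid, CustomUserLogin, CustomUserRole, CustomUserClaim> user =
        await _authRepository.FindAsync(
            new UserLoginInfo(externalLogin.LoginProvider.ToString(), externalLogin.ProviderKey));
    bool hasRegistered = user != null;

    // The token and the user name originate outside this application. Percent-encode them so
    // that characters such as '&', '#' or '=' cannot terminate the value or add extra
    // fragment parameters. Null is mapped to an empty value, which is what string.Format
    // produced for null before. The client must percent-decode each fragment value.
    redirectUri = string.Format(
        "{0}#external_access_token={1}&provider={2}&haslocalaccount={3}&external_user_name={4}",
        redirectUri,
        Uri.EscapeDataString(externalLogin.ExternalAccessToken ?? string.Empty),
        externalLogin.LoginProvider,
        hasRegistered.ToString(),
        Uri.EscapeDataString(externalLogin.UserName ?? string.Empty));

    return Redirect(redirectUri);
}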
/// <summary>
/// Creates a challenge result for the given external login provider.
/// </summary>
/// <param name="loginProvider">Provider the caller should be challenged against.</param>
/// <param name="controller">Controller whose current request is captured on this result.</param>
public ChallengeResult(ExternalLoginProviderName loginProvider, ApiController controller)
{
    // Only the controller's request is kept; the controller itself is not stored.
    this.LoginProvider = loginProvider;
    this.Request = controller.Request;
}
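/// <summary>
/// Asks the external provider to describe <paramref name="accessToken"/> and checks that the
/// token was issued to this application.
/// </summary>
/// <remarks>
/// The application-id comparison is the control that stops a token issued to some other
/// application from being accepted here; it must stay in place for every supported provider.
/// </remarks>
/// <param name="provider">Provider that issued the token (Facebook or Google).</param>
/// <param name="accessToken">Access token presented by the client.</param>
/// <returns>
/// The parsed token details, or <c>null</c> when the token is blank, the provider is not
/// supported, the verification request fails, or the token belongs to another application.
/// </returns>
private async Task<ParsedExternalAccessToken> VerifyExternalAccessToken(ExternalLoginProviderName provider, string accessToken)
{
    // A blank token can never verify; rejecting it here also keeps EscapeDataString from
    // throwing on null.
    if (string.IsNullOrWhiteSpace(accessToken))
    {
        return null;
    }

    // The token is client-supplied. Percent-encode it before placing it in the query string
    // so it cannot introduce additional query parameters on the verification request.
    string escapedToken = Uri.EscapeDataString(accessToken);
    string verifyTokenEndPoint;

    if (provider == ExternalLoginProviderName.Facebook)
    {
        // You can get it from here: https://developers.facebook.com/tools/accesstoken/
        // More about debug_token here: http://stackoverflow.com/questions/16641083/how-does-one-get-the-app-access-token-for-debug-token-inspection-on-facebook
        var appToken = ConfigurationManager.AppSettings["facebook:AppToken"];
        verifyTokenEndPoint = string.Format(
            "https://graph.facebook.com/debug_token?input_token={0}&access_token={1}",
            escapedToken,
            Uri.EscapeDataString(appToken ?? string.Empty));
    }
    else if (provider == ExternalLoginProviderName.Google)
    {
        verifyTokenEndPoint = string.Format(
            "https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}",
            escapedToken);
    }
    else
    {
        return null;
    }

    string content;

    // Dispose the client and the response so sockets and buffers are released on every path.
    using (var client = new HttpClient())
    using (var response = await client.GetAsync(new Uri(verifyTokenEndPoint)))
    {
        if (!response.IsSuccessStatusCode)
        {
            return null;
        }

        content = await response.Content.ReadAsStringAsync();
    }

    dynamic jObj = (JObject)Newtonsoft.Json.JsonConvert.DeserializeObject(content);
    ParsedExternalAccessToken parsedToken = new ParsedExternalAccessToken();

    if (provider == ExternalLoginProviderName.Facebook)
    {
        // NOTE(review): only app_id is compared here. The debug_token response also reports
        // an is_valid flag; consider rejecting the token when it is false.
        parsedToken.UserID = jObj["data"]["user_id"];
        parsedToken.AppID = jObj["data"]["app_id"];

        if (!string.Equals(Startup.FacebookAuthOptions.AppId, parsedToken.AppID, StringComparison.OrdinalIgnoreCase))
        {
            return null;
        }

        // NOTE(review): this SDK call is not awaited and appears to block the calling
        // thread inside an async method; confirm whether an async variant should be used.
        var fbClient = new FacebookClient(accessToken);
        dynamic userEmailInfo = fbClient.Get("/me?fields=email");
        parsedToken.Email = userEmailInfo.email;
    }
    else if (provider == ExternalLoginProviderName.Google)
    {
        parsedToken.UserID = jObj["user_id"];
        parsedToken.AppID = jObj["audience"];
        parsedToken.Email = jObj["email"];

        // The audience must be this application's client id, otherwise the token was issued
        // to a different application.
        if (!string.Equals(Startup.GoogleAuthOptions.ClientId, parsedToken.AppID, StringComparison.OrdinalIgnoreCase))
        {
            return null;
        }
    }

    return parsedToken;
}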