public async Task <LocalLoginResultOutput> ExecuteAsync(string email, string password, bool rememberLogin, string returnUrl)
{
var authRequest = await _authorizationService.GetAuthorizationRequestAsync(returnUrl);
var getAccountResult = await _accountGetterService.GetByEmailAsync(email);
if (!getAccountResult.Success)
{
return(LocalLoginResultOutput.Fail(authRequest != null, getAccountResult.Errors));
}
var accountCanBeAuthenticatedVerificationResult =
_accountVerificationService.VerifyAccountCanBeAuthenticated(getAccountResult.Value, password);
if (!accountCanBeAuthenticatedVerificationResult.Success)
{
return(LocalLoginResultOutput.Fail(authRequest != null,
accountCanBeAuthenticatedVerificationResult.Errors));
}
var claims = await _accountClaimsCreatorService.CreateAccountClaimsAsync(getAccountResult.Value);
await _signInService.SignInAsync(getAccountResult.Value.Id, getAccountResult.Value.Email, rememberLogin,
claims);
return(LocalLoginResultOutput.Ok(authRequest != null, authRequest?.IsNativeClient));
}
public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
{
var invalidCredentialsResult = new GrantValidationResult(TokenRequestErrors.InvalidTarget, "Invalid credentials");
var getAccountResult = await _accountGetterService.GetByEmailAsync(context.UserName);
if (!getAccountResult.Success)
{
context.Result = invalidCredentialsResult;
return;
}
var accountCanBeAuthenticatedResult = _accountVerificationService.VerifyAccountCanBeAuthenticated(getAccountResult.Value, context.Password);
if (!accountCanBeAuthenticatedResult.Success)
{
var error = accountCanBeAuthenticatedResult.Errors.Single();
context.Result = error.ErrorCode.Equals(AccountErrorCodeEnumeration.PasswordIsNotSet) || error.ErrorCode.Equals(AccountErrorCodeEnumeration.IncorrectPassword)
? invalidCredentialsResult
: new GrantValidationResult(TokenRequestErrors.InvalidTarget, error.ErrorMessage);
return;
}
var claims = await _accountClaimsCreatorService.CreateAccountClaimsAsync(getAccountResult.Value);
context.Result = new GrantValidationResult(getAccountResult.Value.Id.ToString(),
context.Request.GrantType, claims);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var email = !string.IsNullOrWhiteSpace(context.Subject.Identity.Name)
? context.Subject.Identity.Name
: context.Subject.FindFirst(x => x.Type.Equals(JwtClaimTypes.Email))?.Value;
var getAccountResult = await _accountRepository.GetByEmailAsync(email);
context.IssuedClaims = await _accountClaimsCreatorService.CreateAccountClaimsAsync(getAccountResult.Value);
}
public async Task <ExternalLoginResultOutput> ExecuteAsync(string scheme)
{
var authResult = await _authenticationService.AuthenticateAsync(scheme);
if (!authResult.Succeeded)
{
throw authResult.Failure;
}
var emailClaim = authResult.Principal.FindFirst(ClaimTypes.Email);
var correlationId = Guid.NewGuid();
var account = await _accountProviderService.ProvideAccountForExternalLoginAsync(emailClaim.Value, correlationId);
if (account.DomainEvents.Any(x => x.GetType() == typeof(AccountCreatedDomainEvent)))
{
var pictureClaim = authResult.Principal.FindFirst("picture");
var picture = pictureClaim != null ? pictureClaim.Value : string.Empty;
var accountCreatedIntegrationEvent = new AccountCreatedIntegrationEvent(correlationId, account.Id, account.Email, picture);
await _integrationEventBus.PublishIntegrationEventAsync(accountCreatedIntegrationEvent);
}
var claims = await _accountClaimsCreatorService.CreateAccountClaimsAsync(account);
var externalSignInTask = _signInService.ExternalSignInAsync(account.Id, account.Email, scheme, claims);
var signOutTask = _signOutService.SignOutAsync(scheme);
var returnUrl =
authResult.Items is null || !authResult.Items.ContainsKey("returnUrl") ||
string.IsNullOrWhiteSpace(authResult.Items["returnUrl"])
? "~/"
: authResult.Items["returnUrl"];
var authRequest = await _authorizationService.GetAuthorizationRequestAsync(returnUrl);
await Task.WhenAll(externalSignInTask, signOutTask);
return(new ExternalLoginResultOutput(returnUrl, authRequest?.IsNativeClient));
}