public virtual async Task <AuthenticateExternalLoginResult> ReadExternalLoginCredential(IOwinContext context)
{
var result = await context.Authentication.AuthenticateAsync(AuthenticationTypes.External);
if (result == null)
{
_trace.Information("No external login found.");
return(new AuthenticateExternalLoginResult());
}
var idClaim = result.Identity.FindFirst(ClaimTypes.NameIdentifier);
if (idClaim == null)
{
_trace.Error("External Authentication is missing required claim: " + ClaimTypes.NameIdentifier);
return(new AuthenticateExternalLoginResult());
}
var nameClaim = result.Identity.FindFirst(ClaimTypes.Name);
if (nameClaim == null)
{
_trace.Error("External Authentication is missing required claim: " + ClaimTypes.Name);
return(new AuthenticateExternalLoginResult());
}
var emailClaim = result.Identity.FindFirst(ClaimTypes.Email);
string emailSuffix = emailClaim == null ? String.Empty : (" <" + emailClaim.Value + ">");
var tenantIdClaim = result.Identity.FindFirst(tenantIdClaimType);
Authenticator auther;
string authenticationType = idClaim.Issuer;
if (!Authenticators.TryGetValue(idClaim.Issuer, out auther))
{
foreach (var authenticator in Authenticators.Values)
{
if (authenticator.TryMapIssuerToAuthenticationType(idClaim.Issuer, out authenticationType))
{
auther = authenticator;
break;
}
}
}
return(new AuthenticateExternalLoginResult()
{
Authentication = null,
ExternalIdentity = result.Identity,
Authenticator = auther,
Credential = _credentialBuilder.CreateExternalCredential(authenticationType, idClaim.Value, nameClaim.Value + emailSuffix, tenantIdClaim?.Value)
});
}
private Credential FindMatchingCredential(Credential credential)
{
var results = Entities
.Set <Credential>()
.Include(u => u.User)
.Include(u => u.User.Roles)
.Where(c => c.Type == credential.Type && c.Value == credential.Value)
.ToList();
if (results.Count == 0)
{
return(null);
}
else if (results.Count == 1)
{
return(results[0]);
}
else
{
// Don't put the credential itself in trace, but do put the Key for lookup later.
string message = String.Format(
CultureInfo.CurrentCulture,
Strings.MultipleMatchingCredentials,
credential.Type,
results.First().Key);
Trace.Error(message);
throw new InvalidOperationException(message);
}
}
public async virtual Task <AuthenticateExternalLoginResult> ReadExternalLoginCredential(IOwinContext context)
{
var result = await context.Authentication.AuthenticateAsync(AuthenticationTypes.External);
if (result == null)
{
Trace.Information("No external login found.");
return(new AuthenticateExternalLoginResult());
}
var idClaim = result.Identity.FindFirst(ClaimTypes.NameIdentifier);
if (idClaim == null)
{
Trace.Error("External Authentication is missing required claim: " + ClaimTypes.NameIdentifier);
return(new AuthenticateExternalLoginResult());
}
var nameClaim = result.Identity.FindFirst(ClaimTypes.Name);
if (nameClaim == null)
{
Trace.Error("External Authentication is missing required claim: " + ClaimTypes.Name);
return(new AuthenticateExternalLoginResult());
}
var emailClaim = result.Identity.FindFirst(ClaimTypes.Email);
string emailSuffix = emailClaim == null ? String.Empty : (" <" + emailClaim.Value + ">");
Authenticator auther;
if (!Authenticators.TryGetValue(idClaim.Issuer, out auther))
{
auther = null;
}
return(new AuthenticateExternalLoginResult()
{
Authentication = null,
ExternalIdentity = result.Identity,
Authenticator = auther,
Credential = CredentialBuilder.CreateExternalCredential(idClaim.Issuer, idClaim.Value, nameClaim.Value + emailSuffix)
});
}
public virtual async Task <AuthenticateExternalLoginResult> ReadExternalLoginCredential(IOwinContext context)
{
var result = await context.Authentication.AuthenticateAsync(AuthenticationTypes.External);
if (result?.Identity?.Claims == null)
{
_trace.Information("No external login found.");
return(new AuthenticateExternalLoginResult());
}
var externalIdentity = result.Identity;
Authenticator authenticator = Authenticators
.Values
.FirstOrDefault(a => a.IsProviderForIdentity(externalIdentity));
if (authenticator == null)
{
_trace.Error($"No authenticator found for identity: {externalIdentity.AuthenticationType}");
return(new AuthenticateExternalLoginResult());
}
try
{
var userInfo = authenticator.GetIdentityInformation(externalIdentity);
var emailSuffix = userInfo.Email == null ? string.Empty : (" <" + userInfo.Email + ">");
var identity = userInfo.Name + emailSuffix;
return(new AuthenticateExternalLoginResult()
{
Authentication = null,
ExternalIdentity = externalIdentity,
Authenticator = authenticator,
Credential = _credentialBuilder.CreateExternalCredential(userInfo.AuthenticationType, userInfo.Identifier, identity, userInfo.TenantId),
LoginDetails = new ExternalLoginSessionDetails(userInfo.Email, userInfo.UsedMultiFactorAuthentication),
UserInfo = userInfo
});
}
catch (Exception ex)
{
_trace.Error(ex.Message);
return(new AuthenticateExternalLoginResult());
}
}