Пример #1
0
        public async Task <IActionResult> Callback(CancellationToken cancellationToken)
        {
            // read external identity from the temporary cookie
            AuthenticateResult result = await HttpContext.AuthenticateAsync(
                IdentityServerConstants.ExternalCookieAuthenticationScheme);

            if (result?.Succeeded != true)
            {
                throw new Exception("External authentication error");
            }

            AuthenticateExternalUserRequest?authRequest = CreateAuthRequest(result);

            AuthenticateUserResult authResult = await _userAccountService.AuthenticateExternalUserAsync(
                authRequest,
                cancellationToken);

            if (authResult.Success)
            {
                var additionalLocalClaims = new List <Claim>();
                var localSignInProps      = new AuthenticationProperties();
                ProcessLoginCallback(result, additionalLocalClaims, localSignInProps);

                // issue authentication cookie for user
                var isuser = new IdentityServerUser(authResult.User !.Id.ToString("N"))
                {
                    DisplayName      = authResult.User.Name,
                    IdentityProvider = authRequest.Provider,
                    AdditionalClaims = additionalLocalClaims
                };

                await HttpContext.SignInAsync(isuser, localSignInProps);

                // delete temporary cookie used during external authentication
                await HttpContext.SignOutAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme);

                // retrieve return URL
                var returnUrl = result.Properties.Items["returnUrl"] ?? "~/";

                // check if external login is in the context of an OIDC request
                AuthorizationRequest context = await _interaction.GetAuthorizationContextAsync(returnUrl);

                await _events.RaiseAsync(new UserLoginSuccessEvent(
                                             authRequest.Provider,
                                             authRequest.UserIdentifier,
                                             authResult.User.Id.ToString("N"),
                                             authResult.User.Name,
                                             true,
                                             context?.Client.ClientId));

                if (context != null)
                {
                    if (context.IsNativeClient())
                    {
                        // The client is native, so this change in how to
                        // return the response is for better UX for the end user.
                        return(this.LoadingPage("Redirect", returnUrl));
                    }
                }

                return(Redirect(returnUrl));
            }
            else
            {
                var returnUrl = result.Properties.Items["returnUrl"] ?? "~/";

                // check if external login is in the context of an OIDC request
                AuthorizationRequest context = await _interaction.GetAuthorizationContextAsync(returnUrl);

                var vm = new UserNotFoundViewModel
                {
                    Provider = authRequest.Provider,
                    BackUrl  = context?.RedirectUri ?? "/"
                };

                return(View("UserNotFound", vm));
            }
        }