/// <summary>
/// Exchanges an access token issued by an external provider for a local
/// access token response, for users whose external login is already linked
/// to a local account.
/// </summary>
/// <param name="provider">Name of the external login provider.</param>
/// <param name="externalAccessToken">Access token the client obtained from that provider.</param>
/// <returns>
/// 400 Bad Request when an argument is blank, when the token fails verification,
/// or when no local user is linked to the external login; otherwise 200 OK
/// carrying the value returned by <c>GenerateLocalAccessTokenResponse</c>.
/// </returns>
public async Task<IHttpActionResult> ObtainLocalAccessToken(string provider, string externalAccessToken)
{
    bool inputMissing = string.IsNullOrWhiteSpace(provider)
                        || string.IsNullOrWhiteSpace(externalAccessToken);
    if (inputMissing)
    {
        return BadRequest("Provider or external access token is not sent");
    }

    // Both arguments are client-supplied. Everything that follows trusts the
    // user_id on the verified token, so this call is the only gate.
    // NOTE(review): VerifyExternalAccessToken is defined outside this block;
    // confirm it checks that the token was issued to THIS application (app id /
    // audience), not merely that the provider considers it valid.
    var parsedToken = await VerifyExternalAccessToken(provider, externalAccessToken);
    if (parsedToken == null)
    {
        return BadRequest("Invalid Provider or External Access Token");
    }

    // Look up the local account linked to (provider, provider-side user id).
    IdentityUser localUser;
    using (var ops = new Db.Operations())
    {
        localUser = await ops.FindAsync(new UserLoginInfo(provider, parsedToken.user_id));
    }

    if (localUser == null)
    {
        return BadRequest("External user is not registered");
    }

    // The local token is issued for the stored user name, never for a
    // caller-supplied one.
    return Ok(GenerateLocalAccessTokenResponse(localUser.UserName));
}
/// <summary>
/// Creates a local user for a verified external login and returns a local
/// access token response for the new account.
/// </summary>
/// <param name="model">
/// Binding model carrying the requested local user name, the provider name
/// and the external access token.
/// </param>
/// <returns>
/// 400 Bad Request when model validation fails, when the external token fails
/// verification, or when the external login is already linked to a user; the
/// result of <c>GetErrorResult</c> when user creation or login linking fails;
/// otherwise 200 OK carrying the value returned by
/// <c>GenerateLocalAccessTokenResponse</c>.
/// </returns>
public async Task<IHttpActionResult> RegisterExternal(RegisterExternalBindingModel model)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // The provider-side user id is taken from the verified token, never from
    // the request body, so a caller cannot register someone else's login.
    // NOTE(review): VerifyExternalAccessToken is defined outside this block;
    // confirm it rejects tokens that were issued to a different application.
    var verifiedAccessToken = await VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken);
    if (verifiedAccessToken == null)
    {
        return BadRequest("Invalid Provider or External Access Token");
    }

    using (var ops = new Db.Operations())
    {
        IdentityUser existingUser = await ops.FindAsync(
            new UserLoginInfo(model.Provider, verifiedAccessToken.user_id));
        if (existingUser != null)
        {
            return BadRequest("External user is already registered");
        }

        // TODO: We will need other fields in the User object
        var newUser = new IdentityUser() { UserName = model.UserName };

        IdentityResult outcome = await ops.CreateAsync(newUser);
        if (!outcome.Succeeded)
        {
            return GetErrorResult(outcome);
        }

        // Link the external login to the freshly created account.
        // NOTE(review): no rollback is visible here; if this step fails, the
        // user created above appears to remain without a linked login.
        outcome = await ops.AddLoginAsync(
            newUser.Id,
            new UserLoginInfo(model.Provider, verifiedAccessToken.user_id));
        if (!outcome.Succeeded)
        {
            return GetErrorResult(outcome);
        }
    }

    // Generate the access token response for the account just registered.
    return Ok(GenerateLocalAccessTokenResponse(model.UserName));
}
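/// <summary>
/// Entry point and callback for external-provider sign-in. Challenges the
/// provider when the caller is not yet authenticated, then redirects to the
/// validated client redirect URI with the external login details appended
/// as URL-fragment parameters.
/// </summary>
/// <param name="provider">Name of the external login provider requested by the client.</param>
/// <param name="error">Error text passed back to this endpoint, if any.</param>
/// <returns>
/// 400 Bad Request when <paramref name="error"/> is set or the client/redirect
/// validation returns a message; a provider challenge when the caller is not
/// authenticated or signed in with a different provider; 500 when no external
/// login data can be read from the identity; otherwise a redirect.
/// </returns>
public async Task<IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
    string redirectUri = string.Empty;

    if (error != null)
    {
        // Escaped so the caller-controlled text is not echoed back verbatim.
        return BadRequest(Uri.EscapeDataString(error));
    }

    if (!User.Identity.IsAuthenticated)
    {
        return new ChallengeResult(provider, this);
    }

    // NOTE(review): the redirect below carries an access token, so it is only
    // as safe as this validation. ValidateClientAndRedirectUri is defined
    // outside this block; confirm it pins redirectUri to the origin registered
    // for the client rather than accepting any well-formed URI.
    var redirectUriValidationResult = ValidateClientAndRedirectUri(this.Request, ref redirectUri);
    if (!string.IsNullOrWhiteSpace(redirectUriValidationResult))
    {
        return BadRequest(redirectUriValidationResult);
    }

    ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
    if (externalLogin == null)
    {
        return InternalServerError();
    }

    if (externalLogin.LoginProvider != provider)
    {
        // The external cookie belongs to another provider: drop it and
        // restart the challenge with the provider that was asked for.
        Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
        return new ChallengeResult(provider, this);
    }

    IdentityUser user = null;
    using (Db.Operations ops = new Db.Operations())
    {
        user = await ops.FindAsync(new UserLoginInfo(externalLogin.LoginProvider, externalLogin.ProviderKey));
    }

    bool hasRegistered = user != null;

    // Every value is percent-encoded before it is placed in the fragment.
    // The user name and token come from the external provider; an unescaped
    // '&', '#' or '=' would otherwise let a crafted value add or override
    // fragment parameters (for example haslocalaccount) as seen by the client.
    // A null value becomes an empty string, which is what string.Format
    // produced for null before the encoding was added.
    redirectUri = string.Format("{0}#external_access_token={1}&provider={2}&haslocalaccount={3}&external_user_name={4}",
                                redirectUri,
                                Uri.EscapeDataString(externalLogin.ExternalAccessToken ?? string.Empty),
                                Uri.EscapeDataString(externalLogin.LoginProvider ?? string.Empty),
                                hasRegistered.ToString(),
                                Uri.EscapeDataString(externalLogin.UserName ?? string.Empty));

    // The token travels in the fragment, which is not sent to the server on
    // the redirected request but does remain in the browser's address bar
    // and history until the client page clears it.
    return Redirect(redirectUri);
}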