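/// <summary>
/// Creates a new identity account from the supplied credentials.
/// </summary>
/// <param name="username">Requested account name; must not be null, empty or whitespace.</param>
/// <param name="password">Requested password; must not be null, empty or whitespace. Strength rules are left to <c>UserManager.CreateAsync</c>.</param>
/// <returns>
/// 200 OK when the account was created; 400 Bad Request when an argument is blank or when
/// account creation fails, in which case the body lists each error as <c>Code:Description</c>.
/// </returns>
public async Task<IActionResult> RegisterDev([FromQuery] string username, [FromQuery] string password)
{
    // NOTE(review): both credentials are bound from the query string, so the password is part of
    // the request URL, which is commonly recorded by web servers, proxies and browser history.
    // The binding is kept so existing callers keep working; the method name suggests a
    // development-only endpoint. Confirm it is not reachable in production, or move the
    // credentials to the request body.
    if (string.IsNullOrWhiteSpace(username))
    {
        return BadRequest("Invalid username");
    }

    if (string.IsNullOrWhiteSpace(password))
    {
        return BadRequest("Invalid password.");
    }

    // Record every registration attempt for information purposes. The password is never logged.
    if (Logger.IsEnabled(LogLevel.Information))
    {
        // The username is caller-controlled: strip CR/LF so one request cannot forge extra log
        // lines, and pass it as a template argument instead of interpolating it into the message.
        string loggedUsername = username.Replace("\r", string.Empty).Replace("\n", string.Empty);

        Logger.LogInformation(
            "Register Request: {Username} {RemoteIp}:{RemotePort}",
            loggedUsername,
            HttpContext.Connection.RemoteIpAddress,
            HttpContext.Connection.RemotePort);
    }

    // NOTE(review): every account created here gets the same fixed email literal (it appears
    // masked in this listing). Confirm that is intended and compatible with the configured
    // Identity email rules.
    GladerIdentityApplicationUser user = new GladerIdentityApplicationUser()
    {
        UserName = username,
        Email = "*****@*****.**"
    };

    IdentityResult identityResult = await UserManager.CreateAsync(user, password);

    if (identityResult.Succeeded)
    {
        return Ok();
    }

    // Same body as before: each error rendered as " Code:Description", concatenated.
    // NOTE(review): these descriptions are returned verbatim to the caller; confirm that exposing
    // them (e.g. whether a name is already taken) is acceptable for this endpoint.
    string errorSummary = string.Concat(identityResult.Errors.Select(error => $" {error.Code}:{error.Description}"));

    return BadRequest(errorSummary);
}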
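/// <summary>
/// Builds the authentication ticket used to issue tokens for <paramref name="user"/>: creates the
/// user's claims principal, grants the permitted subset of the requested scopes, sets the
/// resource, and assigns a token destination to every claim except the security stamp.
/// </summary>
/// <param name="scopes">Scopes requested by the client application. Must not be null.</param>
/// <param name="user">The user the ticket is issued for.</param>
/// <returns>The populated authentication ticket.</returns>
private async Task<AuthenticationTicket> CreateTicketAsync(IEnumerable<string> scopes, GladerIdentityApplicationUser user)
{
    // Create a new ClaimsPrincipal containing the claims that
    // will be used to create an id_token, a token or a code.
    var principal = await SignInManager.CreateUserPrincipalAsync(user);

    // Create a new authentication ticket holding the user identity.
    AuthenticationTicket ticket = new AuthenticationTicket(
        principal,
        new Microsoft.AspNetCore.Authentication.AuthenticationProperties(),
        OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);

    // Allow-list of scopes this server is willing to grant. Anything else the client asks for is
    // dropped by the intersection below.
    string[] grantableScopes =
    {
        OpenIddictConstants.Scopes.OpenId,
        OpenIddictConstants.Scopes.Profile,
        OpenIddictConstants.Scopes.Roles
    };

    // HelloKitty: Always include the OpenId scope, it's required for the Playfab authentication.
    IEnumerable<string> requestedScopes = scopes.Concat(new[] { OpenIddictConstants.Scopes.OpenId });

    // Set the list of scopes granted to the client application.
    ticket.Principal.SetScopes(grantableScopes.Intersect(requestedScopes));
    ticket.Principal.SetResources("auth-server");

    // Note: by default, claims are NOT automatically included in the access and identity tokens.
    // To allow OpenIddict to serialize them, you must attach them a destination, that specifies
    // whether they should be included in access tokens, in identity tokens or in both.
    foreach (var claim in ticket.Principal.Claims)
    {
        // Never include the security stamp in the access and identity tokens, as it's a secret value.
        if (claim.Type == IdentityOptions.Value.ClaimsIdentity.SecurityStampClaimType)
        {
            continue;
        }

        var destinations = new List<string> { OpenIddictConstants.Destinations.AccessToken };

        // Only add the iterated claim to the id_token if the corresponding scope was granted to
        // the client application. The other claims will only be added to the access_token, which
        // is encrypted when using the default format.
        bool nameGranted = claim.Type == OpenIddictConstants.Claims.Name
            && ticket.Principal.HasScope(OpenIddictConstants.Scopes.Profile);

        // NOTE(review): the email scope is not in the allow-list above, so this branch cannot
        // match for scopes granted by this method. Left as-is; granting it is a policy decision.
        bool emailGranted = claim.Type == OpenIddictConstants.Claims.Email
            && ticket.Principal.HasScope(OpenIddictConstants.Scopes.Email);

        // Fix: the scope granted above is Scopes.Roles. The previous check passed Claims.Role (a
        // claim type, not a scope name) to HasScope, so role claims never reached the id_token
        // even when the roles scope had been granted.
        bool roleGranted = claim.Type == OpenIddictConstants.Claims.Role
            && ticket.Principal.HasScope(OpenIddictConstants.Scopes.Roles);

        if (nameGranted || emailGranted || roleGranted)
        {
            destinations.Add(OpenIddictConstants.Destinations.IdentityToken);
        }

        claim.SetDestinations(destinations);
    }

    // NOTE(review): appenders run after destinations were assigned, so a claim added here gets no
    // destination and no security-stamp filtering from this method. Presumably each appender sets
    // destinations for its own claims; verify against the appender implementations.
    foreach (var appender in ClaimsAppenders)
    {
        await appender.AppendClaimsAsync(new AuthorizationClaimsAppenderContext(Request, principal));
    }

    return ticket;
}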