public async Task <IActionResult> LoginViaGoogleCallbackAsync() { var result = await HttpContext.AuthenticateAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme); if (result?.Succeeded != true || result.Principal == null) { throw new InvalidOperationException("External authentication error"); } var externalUser = new GoogleClaims(result.Principal); externalUser.HasEmailOrFail(); // use externalProvider and externalUserId to find your user, or provision a new user User user = await _userIdentityService.UserByEmailOrCreateAsync(externalUser); await _signInManager.SignInAsync(user, true); await _events.RaiseAsync(new UserLoginSuccessEvent( username : user.UserName, subjectId : user.Id.ToString(), name : user.UserName)); // delete temporary cookie used during external authentication await HttpContext.SignOutAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme); var returnUrl = result.Properties.Items["returnUrl"]; if (string.IsNullOrEmpty(returnUrl)) { returnUrl = Url.Action("Index", "Home"); } return(Redirect(returnUrl)); }
public async Task <Database.Models.User> UserByEmailOrCreateAsync(GoogleClaims claimsUser) { claimsUser.ThrowIfNull(nameof(claimsUser)); Database.Models.User user = await ByEmailOrNullAsync(claimsUser.Email) ?? await CreateUserAsync(claimsUser); return(user); }
// public is for test purposes. public async Task <Database.Models.User> CreateUserAsync(GoogleClaims claimsUser) { _emailDomainValidatorService.Validate(claimsUser.Email); Role userRole = await ChooseUserRoleAsync(); var user = new Database.Models.User( firstName: claimsUser.GivenName, lastName: claimsUser.Surname, email: claimsUser.Email, role: userRole, emailConfirmed: true); claimsUser = claimsUser.ReadUser(user); IdentityResult createUserResult = await _userManager.CreateAsync(user); if (!createUserResult.Succeeded) { throw CreateException($"Cannot create new user '{claimsUser.Email}'\r\n", createUserResult); } string role = userRole.ToString(); IdentityResult roleAddingResult = await _userManager.AddToRoleAsync(user, role); if (!roleAddingResult.Succeeded) { throw CreateException($"Cannot add role '{role}' to user '{claimsUser.Email}'\r\n", roleAddingResult); } IdentityResult claimsAddingResult = await _userManager.AddClaimsAsync(user, claimsUser); if (!claimsAddingResult.Succeeded) { throw CreateException($"Cannot add claims to user '{claimsUser.Email}'\r\n", claimsAddingResult); } return(user); }