private async Task <ClaimsIdentity> CheckClaimsIdentity(string userName, string password) { if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password)) { return(await Task.FromResult <ClaimsIdentity>(null)); } // get the user to verifty var userToVerify = await _userManager.FindByNameAsync(userName); if (userToVerify == null) { return(await Task.FromResult <ClaimsIdentity>(null)); } // check the credentials if (await _userManager.CheckPasswordAsync(userToVerify, password)) { return(await Task.FromResult(_jwtTokenGenerator.GenerateClaimsIdentity(userName, userToVerify.Id))); } // Credentials are invalid, or account doesn't exist return(await Task.FromResult <ClaimsIdentity>(null)); }
public async Task <IActionResult> Facebook([FromBody] FacebookVM model) { // 1.generate an app access token var appId = _configuration.GetSection("FacebookAuthSettings").GetSection("AppId"); var appSecret = _configuration.GetSection("FacebookAuthSettings").GetSection("AppSecret"); try { var appAccessTokenResponse = await Client.GetStringAsync($"https://graph.facebook.com/oauth/access_token?client_id={appId.Value}&client_secret={appSecret.Value}&grant_type=client_credentials"); //var appAccessTokenResponse = await Client.GetStringAsync("https://www.google.com/"); var appAccessToken = JsonConvert.DeserializeObject <FacebookAppAccessToken>(appAccessTokenResponse); // 2. validate the user access token var userAccessTokenValidationResponse = await Client.GetStringAsync($"https://graph.facebook.com/debug_token?input_token={model.AccessToken}&access_token={appAccessToken.AccessToken}"); var userAccessTokenValidation = JsonConvert.DeserializeObject <FacebookUserAccessTokenValidation>(userAccessTokenValidationResponse); } catch (Exception ex) { } // 3. we've got a valid token so we can request user data from fb var userInfoResponse = await Client.GetStringAsync($"https://graph.facebook.com/v2.8/me?fields=id,email,first_name,last_name,name,gender,birthday,picture&access_token={model.AccessToken}"); var userInfo = JsonConvert.DeserializeObject <FacebookUserData>(userInfoResponse); var user = await _userManager.FindByEmailAsync(userInfo.Email); if (user == null) { var User = new User { FirstName = userInfo.FirstName, LastName = userInfo.LastName, IdentityProvider = "Facebook - " + userInfo.Id, Email = userInfo.Email, UserName = userInfo.Email, }; var result = await _userManager.CreateAsync(User, Convert.ToBase64String(Guid.NewGuid().ToByteArray()).Substring(0, 8)); if (!result.Succeeded) { return(new OkObjectResult("User Creation Failed")); } await _appDbContext.BookSeekers.AddAsync(new BookSeeker { IdentityId = User.Id, Location = "", Gender = userInfo.Gender }); await _appDbContext.SaveChangesAsync(); } // generate the jwt for the local user... var localUser = await _userManager.FindByNameAsync(userInfo.Email); if (localUser == null) { return(new OkObjectResult("login_failure , Failed to create local user account.")); } var identity = _jwtTokenGenerator.GenerateClaimsIdentity(localUser.UserName, localUser.Id); var response = new { id = identity.Claims.Single(c => c.Type == "id").Value, auth_token = await _jwtTokenGenerator.GenerateJwtTokenAsync(localUser.UserName, identity), expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; var jwt = JsonConvert.SerializeObject(response, new JsonSerializerSettings { Formatting = Formatting.Indented }); return(new OkObjectResult(jwt)); }