/// <summary>
/// Signs in a user that authenticated through an external login provider.
/// </summary>
/// <param name="loginExternal">The <see cref="LoginExternal"/> carrying the provider name, provider key and provider-issued access token.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
/// <returns>
/// The <see cref="AccessToken"/> generated for the user, or <c>null</c> when no local user
/// is linked to the supplied provider / key pair.
/// </returns>
/// <exception cref="ArgumentNullException">When <paramref name="loginExternal"/> is <c>null</c>.</exception>
/// <exception cref="UnauthorizedException">When the provider access token does not validate.</exception>
public virtual async Task<AccessToken> SignInExternalAsync(LoginExternal loginExternal, CancellationToken cancellationToken = default)
{
    if (loginExternal == null)
    {
        throw new ArgumentNullException(nameof(loginExternal));
    }

    // Resolve the local account linked to this provider / key pair.
    var linkedUser = await this.UserManager.FindByLoginAsync(
        loginExternal.LoginProvider,
        loginExternal.ProviderKey);

    // NOTE(review): this early return happens before the provider token is validated, so the
    // null / non-null outcome tells a caller whether a provider key is linked without proof
    // of token ownership. Confirm that is acceptable for the callers of this method.
    if (linkedUser == null)
    {
        return null;
    }

    // The key alone proves nothing: the token must be confirmed with the provider first.
    var tokenIsValid = await this.ValidateExternalAccessToken(loginExternal, cancellationToken);
    if (tokenIsValid)
    {
        await this.SignInManager.SignInAsync(linkedUser, loginExternal.IsRememerMe);

        return await this.GenerateJwtToken(linkedUser, this.Options);
    }

    throw new UnauthorizedException();
}
/// <summary>
/// Calls <c>Logout</c> and then returns a challenge for the external provider named in the request.
/// </summary>
/// <param name="loginExternal">The <see cref="LoginExternal"/> bound from the request body.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
/// <returns>A <see cref="ChallengeResult"/> for <c>loginExternal.Name</c>.</returns>
public virtual async Task<IActionResult> LoginExternal([FromBody][Required] LoginExternal loginExternal, CancellationToken cancellationToken = default)
{
    // Drop the current session before starting a new external flow.
    await this.Logout(cancellationToken);

    // The properties are built from the request-supplied object by the security manager.
    var challengeProperties = await this.SecurityManager.GetExternalLoginsPropertiesAsync(loginExternal, cancellationToken);
    var providerName = loginExternal.Name;

    return new ChallengeResult(providerName, challengeProperties);
}
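/// <summary>
/// Asks the external provider whether the access token in <paramref name="loginExternal"/> is valid,
/// was issued for this application, and belongs to the claimed provider key.
/// </summary>
/// <param name="loginExternal">The <see cref="LoginExternal"/> holding provider name, provider key and access token.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
/// <returns><c>true</c> only when every check passes; <c>false</c> on any failed or missing check.</returns>
/// <exception cref="ArgumentNullException">When <paramref name="loginExternal"/> is <c>null</c>.</exception>
/// <exception cref="NullReferenceException">When no configured external login matches the provider name.</exception>
/// <exception cref="NotSupportedException">When the provider is not "Facebook".</exception>
private async Task<bool> ValidateExternalAccessToken(LoginExternal loginExternal, CancellationToken cancellationToken = default)
{
    if (loginExternal == null)
    {
        throw new ArgumentNullException(nameof(loginExternal));
    }

    var externalLoginOption = this.Options.ExternalLogins
        .FirstOrDefault(x => x.Name == loginExternal.LoginProvider);
    if (externalLoginOption == null)
    {
        // Exception type kept so existing handlers keep working.
        // NOTE(review): a missing configuration entry reads better as InvalidOperationException.
        throw new NullReferenceException(nameof(externalLoginOption));
    }

    switch (loginExternal.LoginProvider)
    {
        case "Facebook":
            // An absent token can never validate; fail closed without calling the provider.
            if (string.IsNullOrEmpty(loginExternal.AccessToken))
            {
                return false;
            }

            // NOTE(review): a new HttpClient per call can exhaust sockets under load;
            // prefer a shared instance or IHttpClientFactory.
            using (var client = new HttpClient())
            {
                const string HOST = "https://graph.facebook.com";

                // The user token comes from the request. Escaping keeps it a single query value,
                // so it cannot add or override parameters such as access_token.
                var inputToken = Uri.EscapeDataString(loginExternal.AccessToken);
                var appToken = Uri.EscapeDataString($"{externalLoginOption.Id}|{externalLoginOption.Secret}");

                // This URL carries the application secret: never log or surface it.
                var url = $"{HOST}/debug_token?input_token={inputToken}&access_token={appToken}";

                var response = await client.GetAsync(url, cancellationToken);
                if (!response.IsSuccessStatusCode)
                {
                    return false;
                }

                var content = await response.Content.ReadAsStringAsync();
                var validation = JsonConvert.DeserializeObject<dynamic>(content);

                // A body without a "data" object is treated as a failed validation, not a crash.
                if (validation == null)
                {
                    return false;
                }

                if (validation.data == null)
                {
                    return false;
                }

                // A missing is_valid counts as invalid.
                if ((bool?)validation.data.is_valid != true)
                {
                    return false;
                }

                // The token must have been issued to this application, not to another app.
                if (validation.data.app_id != externalLoginOption.Id)
                {
                    return false;
                }

                // The token must belong to the user the caller claims to be.
                if (validation.data.user_id != loginExternal.ProviderKey)
                {
                    return false;
                }

                return true;
            }

        default:
            throw new NotSupportedException(loginExternal.LoginProvider);
    }
}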
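/// <summary>
/// Signs in with an external login and returns the resulting access token.
/// </summary>
/// <param name="loginExternal">The <see cref="LoginExternal"/> bound from the request body.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
/// <returns>
/// The result of <c>Ok</c> wrapping the access token, or the result of <c>NotFound</c>
/// when the identity manager returns <c>null</c>.
/// </returns>
public virtual async Task<IActionResult> SignInExternalAsync([FromBody][Required] LoginExternal loginExternal, CancellationToken cancellationToken = default)
{
    var accessToken = await this.BaseIdentityManager
        .SignInExternalAsync(loginExternal, cancellationToken);

    if (accessToken == null)
    {
        // The NotFound result used to be discarded, so the action fell through to Ok(null).
        // NOTE(review): presumably null means no local account is linked; confirm this 404 cannot
        // be reached before the provider token is verified, or it reveals which keys are linked.
        return this.NotFound();
    }

    return this.Ok(accessToken);
}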
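/// <summary>
/// Gets the external provider info for the account identified by the supplied provider token.
/// </summary>
/// <param name="loginExternal">The <see cref="LoginExternal"/>.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
/// <returns>The <see cref="ExternalLoginData"/></returns>
/// <exception cref="ArgumentNullException">When <paramref name="loginExternal"/> is <c>null</c>.</exception>
/// <exception cref="UnauthorizedException">When the provider call or token validation fails.</exception>
/// <exception cref="NotSupportedException">When the provider is neither "Facebook" nor "Google".</exception>
public virtual async Task<ExternalLoginData> GetExternalProviderInfoAsync(LoginExternal loginExternal, CancellationToken cancellationToken = default)
{
    if (loginExternal == null)
    {
        throw new ArgumentNullException(nameof(loginExternal));
    }

    switch (loginExternal.LoginProvider)
    {
        case "Facebook":
            // NOTE(review): a new HttpClient per call can exhaust sockets under load;
            // prefer a shared instance or IHttpClientFactory.
            using (var client = new HttpClient())
            {
                try
                {
                    const string HOST = "https://graph.facebook.com";
                    const string FIELDS = "id,name,address,email,birthday";

                    // Both values are caller-supplied. Escaping stops the key from changing the
                    // request path and the token from adding query parameters.
                    var providerKey = Uri.EscapeDataString(loginExternal.ProviderKey);
                    var userToken = Uri.EscapeDataString(loginExternal.AccessToken);
                    var url = $"{HOST}/{providerKey}/?fields={FIELDS}&access_token={userToken}";

                    var response = await client.GetAsync(url, cancellationToken);

                    // Fail closed: an error payload must not be deserialized into an empty profile.
                    response.EnsureSuccessStatusCode();

                    var content = await response.Content.ReadAsStringAsync();

                    // NOTE(review): nothing here shows the token was issued to this application or
                    // that the returned id equals ProviderKey. Verify both before the profile is
                    // used to create or link an account.
                    return JsonConvert.DeserializeObject<ExternalLoginData>(content);
                }
                catch (Exception ex)
                {
                    // A constant template keeps braces in the exception text from being parsed as placeholders.
                    this.UserManager.Logger.LogWarning(ex, "{Message}", ex.Message);
                    throw new UnauthorizedException();
                }
            }

        case "Google":
            try
            {
                // NOTE(review): no audience is passed, so an ID token minted for a different
                // client id presumably validates too. Confirm, and constrain the audience to
                // this application's client id.
                var payload = await GoogleJsonWebSignature.ValidateAsync(loginExternal.AccessToken);

                // NOTE(review): payload.Subject is not compared with loginExternal.ProviderKey here.
                return new ExternalLoginData
                {
                    Email = payload.Email,
                    Name = payload.Name,
                    Id = payload.Subject
                };
            }
            catch (Exception ex)
            {
                this.UserManager.Logger.LogWarning(ex, "{Message}", ex.Message);
                throw new UnauthorizedException();
            }

        default:
            throw new NotSupportedException(loginExternal.LoginProvider);
    }
}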
/// <summary>
/// Signs in with an external login. When the identity manager returns no access token,
/// the external provider info is fetched and returned instead.
/// </summary>
/// <param name="loginExternal">The <see cref="LoginExternal"/> bound from the request body.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
/// <returns>The result of <c>Ok</c> wrapping an <see cref="ExternalLoginResponse"/>.</returns>
public virtual async Task<IActionResult> SignInExternalAsync([FromBody][Required] LoginExternal loginExternal, CancellationToken cancellationToken = default)
{
    var accessToken = await this.IdentityManager.SignInExternalAsync(loginExternal, cancellationToken);

    // The provider profile is only looked up when sign-in produced no token.
    // NOTE(review): that profile is fetched with the caller-supplied provider token and returned
    // to the caller; confirm the token is verified as issued to this application on that path.
    ExternalLoginData externalLoginData = accessToken == null
        ? await this.IdentityManager.GetExternalProviderInfoAsync(loginExternal, cancellationToken)
        : null;

    return this.Ok(new ExternalLoginResponse
    {
        Data = externalLoginData,
        AccessToken = accessToken
    });
}
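/// <summary>
/// Gets the external provider info for the account identified by the supplied provider token.
/// </summary>
/// <param name="loginExternal">The <see cref="LoginExternal"/>.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
/// <returns>The <see cref="ExternalLoginData"/></returns>
/// <exception cref="ArgumentNullException">When <paramref name="loginExternal"/> is <c>null</c>.</exception>
/// <exception cref="HttpRequestException">When the provider answers with a non-success status code.</exception>
/// <exception cref="NotSupportedException">When the provider is not "Facebook".</exception>
public virtual async Task<ExternalLoginData> GetExternalProviderInfoAsync(LoginExternal loginExternal, CancellationToken cancellationToken = default)
{
    if (loginExternal == null)
    {
        throw new ArgumentNullException(nameof(loginExternal));
    }

    switch (loginExternal.LoginProvider)
    {
        case "Facebook":
            // NOTE(review): a new HttpClient per call can exhaust sockets under load;
            // prefer a shared instance or IHttpClientFactory.
            using (var client = new HttpClient())
            {
                const string HOST = "https://graph.facebook.com";
                const string FIELDS = "id,name,address,email,birthday";

                // Both values are caller-supplied. Escaping stops the key from changing the
                // request path and the token from adding query parameters.
                var providerKey = Uri.EscapeDataString(loginExternal.ProviderKey);
                var userToken = Uri.EscapeDataString(loginExternal.AccessToken);
                var url = $"{HOST}/{providerKey}/?fields={FIELDS}&access_token={userToken}";

                var response = await client.GetAsync(url, cancellationToken);

                // Fail closed: an error payload must not be deserialized into an empty profile.
                response.EnsureSuccessStatusCode();

                var content = await response.Content.ReadAsStringAsync();

                // NOTE(review): nothing here shows the token was issued to this application or
                // that the returned id equals ProviderKey. Verify both before the profile is
                // used to create or link an account.
                return JsonConvert.DeserializeObject<ExternalLoginData>(content);
            }

        default:
            throw new NotSupportedException(loginExternal.LoginProvider);
    }
}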
/// <summary>
/// Passes the access token from the request body to <c>_service.LoginFacebook</c>
/// and returns what <c>Execute</c> produces for that call.
/// </summary>
/// <param name="login">The <see cref="LoginExternal"/> bound from the request body.</param>
/// <returns>The <see cref="BaseResponse{T}"/> of <see cref="UsuarioLogin"/> produced by <c>Execute</c>.</returns>
public ActionResult<BaseResponse<UsuarioLogin>> LoginFacebook([FromBody] LoginExternal login)
{
    // login.AccessToken is read inside the delegate, so a null body fails inside Execute.
    // NOTE(review): whether the token is checked as issued to this application depends on
    // _service.LoginFacebook, which is not visible here; confirm.
    return Execute(() => _service.LoginFacebook(login.AccessToken));
}
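/// <summary>
/// Gets the external authentication properties of the <see cref="LoginExternal"/> passed.
/// </summary>
/// <param name="loginExternal">The <see cref="LoginExternal"/>.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
/// <returns>The <see cref="AuthenticationProperties"/>.</returns>
/// <exception cref="ArgumentNullException">When <paramref name="loginExternal"/> is <c>null</c>.</exception>
public virtual Task<AuthenticationProperties> GetExternalLoginsPropertiesAsync(LoginExternal loginExternal, CancellationToken cancellationToken = default)
{
    if (loginExternal == null)
    {
        throw new ArgumentNullException(nameof(loginExternal));
    }

    // As before, a token that is already cancelled yields a cancelled task.
    if (cancellationToken.IsCancellationRequested)
    {
        return Task.FromCanceled<AuthenticationProperties>(cancellationToken);
    }

    // The call is synchronous, so it runs inline. Task.Factory.StartNew only added a
    // scheduler hop per request.
    // NOTE(review): loginExternal.CallbackUrl is forwarded as the post-authentication redirect URL
    // without any check here. If it can come from a request body, confirm it is restricted to
    // local or allow-listed URLs before this call.
    var properties = this.SignInManager
        .ConfigureExternalAuthenticationProperties(loginExternal.Name, loginExternal.CallbackUrl);

    return Task.FromResult(properties);
}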