示例#1
        /// <summary>
        /// Signs in a user who has authenticated with an external login provider.
        /// </summary>
        /// <param name="loginExternal">The <see cref="LoginExternal"/> carrying the provider name, provider key and provider access token.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
        /// <returns>
        /// The <see cref="AccessToken"/> produced by <c>GenerateJwtToken</c>, or <c>null</c> when no local user
        /// is linked to the supplied provider / provider key pair.
        /// </returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="loginExternal"/> is <c>null</c>.</exception>
        /// <exception cref="UnauthorizedException">Thrown when <c>ValidateExternalAccessToken</c> returns <c>false</c>.</exception>
        public virtual async Task<AccessToken> SignInExternalAsync(LoginExternal loginExternal, CancellationToken cancellationToken = default)
        {
            if (loginExternal == null)
            {
                throw new ArgumentNullException(nameof(loginExternal));
            }

            // NOTE(review): the lookup runs before the provider token is checked, so a caller holding no
            // valid token can tell a linked key (validation outcome) from an unlinked one (null result).
            // Validating first would close that gap, but only if ValidateExternalAccessToken supports
            // every provider that reaches this method - confirm before reordering.
            var linkedUser = await this.UserManager.FindByLoginAsync(
                loginExternal.LoginProvider,
                loginExternal.ProviderKey);

            if (linkedUser == null)
            {
                return null;
            }

            // LoginProvider and ProviderKey come from the request, so the session is only created
            // once the provider token has been validated.
            if (await this.ValidateExternalAccessToken(loginExternal, cancellationToken))
            {
                await this.SignInManager.SignInAsync(linkedUser, loginExternal.IsRememerMe);

                return await this.GenerateJwtToken(linkedUser, this.Options);
            }

            throw new UnauthorizedException();
        }
示例#2
        /// <summary>
        /// Starts an external login challenge for the provider named in the request body.
        /// </summary>
        /// <param name="loginExternal">The <see cref="LoginExternal"/> read from the request body.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
        /// <returns>A <see cref="ChallengeResult"/> for <c>loginExternal.Name</c>.</returns>
        public virtual async Task<IActionResult> LoginExternal([FromBody][Required] LoginExternal loginExternal, CancellationToken cancellationToken = default)
        {
            // Logout is awaited before the challenge is built.
            await this.Logout(cancellationToken);

            // NOTE(review): the properties are derived from request-body values; confirm that any
            // redirect target they carry is validated before a redirect is issued.
            var challengeProperties = await this.SecurityManager.GetExternalLoginsPropertiesAsync(
                loginExternal,
                cancellationToken);

            // loginExternal.Name is dereferenced here without a null check of its own.
            var scheme = loginExternal.Name;

            return new ChallengeResult(scheme, challengeProperties);
        }
示例#3
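        /// <summary>
        /// Asks the external provider whether the access token in <paramref name="loginExternal"/> is valid,
        /// was issued for the configured application and belongs to the claimed provider key.
        /// </summary>
        /// <param name="loginExternal">The <see cref="LoginExternal"/> carrying the provider name, provider key and access token.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> passed to the HTTP request.</param>
        /// <returns><c>true</c> when every check passes; otherwise <c>false</c>.</returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="loginExternal"/> is <c>null</c>.</exception>
        /// <exception cref="NullReferenceException">Thrown when no configured external login matches the provider name.</exception>
        /// <exception cref="NotSupportedException">Thrown for any provider other than "Facebook".</exception>
        private async Task<bool> ValidateExternalAccessToken(LoginExternal loginExternal, CancellationToken cancellationToken = default)
        {
            if (loginExternal == null)
            {
                throw new ArgumentNullException(nameof(loginExternal));
            }

            var externalLoginOption = this.Options.ExternalLogins
                .FirstOrDefault(x => x.Name == loginExternal.LoginProvider);

            if (externalLoginOption == null)
            {
                // NOTE(review): exception type kept for compatibility with existing callers; a missing
                // provider configuration would normally be reported with InvalidOperationException.
                throw new NullReferenceException(nameof(externalLoginOption));
            }

            switch (loginExternal.LoginProvider)
            {
                case "Facebook":
                    // NOTE(review): a new HttpClient per call is kept from the original; a shared
                    // instance avoids exhausting sockets under load.
                    using (var client = new HttpClient())
                    {
                        const string HOST = "https://graph.facebook.com";

                        // The input token is caller-supplied. Escaping it stops characters such as '&'
                        // or '=' from adding or overriding query parameters of the validation request.
                        var inputToken = Uri.EscapeDataString(loginExternal.AccessToken ?? string.Empty);

                        // The application credential travels in the query string, so this URL must
                        // never be written to logs or error messages.
                        var appToken = Uri.EscapeDataString($"{externalLoginOption.Id}|{externalLoginOption.Secret}");

                        var url = $"{HOST}/debug_token?input_token={inputToken}&access_token={appToken}";

                        using (var response = await client.GetAsync(url, cancellationToken))
                        {
                            if (!response.IsSuccessStatusCode)
                            {
                                return false;
                            }

                            var content = await response.Content.ReadAsStringAsync();

                            var validation = JsonConvert.DeserializeObject<dynamic>(content);

                            // A body without the expected "data" object is treated as a failed
                            // validation instead of surfacing as a runtime binder exception.
                            var data = validation?.data;

                            if (data == null)
                            {
                                return false;
                            }

                            if (data.is_valid == null)
                            {
                                return false;
                            }

                            if (!(bool)data.is_valid)
                            {
                                return false;
                            }

                            // The token must have been issued for this application, not for another one.
                            if (data.app_id != externalLoginOption.Id)
                            {
                                return false;
                            }

                            // The token must belong to the account the caller claims to be.
                            if (data.user_id != loginExternal.ProviderKey)
                            {
                                return false;
                            }

                            return true;
                        }
                    }

                default:
                    throw new NotSupportedException(loginExternal.LoginProvider);
            }
        }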
示例#4
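        /// <summary>
        /// Signs in a user from an external login and returns the issued access token.
        /// </summary>
        /// <param name="loginExternal">The <see cref="LoginExternal"/> read from the request body.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
        /// <returns>
        /// An OK result holding the access token, or a not-found result when the manager returns <c>null</c>.
        /// </returns>
        public virtual async Task<IActionResult> SignInExternalAsync([FromBody][Required] LoginExternal loginExternal, CancellationToken cancellationToken = default)
        {
            var accessToken = await this.BaseIdentityManager
                .SignInExternalAsync(loginExternal, cancellationToken);

            if (accessToken == null)
            {
                // The result has to be returned: calling NotFound() and discarding it let execution
                // fall through to Ok(null), which answered a failed sign-in with a success status.
                return this.NotFound();
            }

            return this.Ok(accessToken);
        }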
示例#5
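        /// <summary>
        /// Gets the profile data that the external provider reports for the supplied access token.
        /// </summary>
        /// <param name="loginExternal">The <see cref="LoginExternal"/> carrying the provider name, provider key and access token.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> passed to the Facebook HTTP request.</param>
        /// <returns>The <see cref="ExternalLoginData"/> built from the provider response.</returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="loginExternal"/> is <c>null</c>.</exception>
        /// <exception cref="UnauthorizedException">Thrown when the provider call or token validation fails.</exception>
        /// <exception cref="NotSupportedException">Thrown for providers other than "Facebook" and "Google".</exception>
        public virtual async Task<ExternalLoginData> GetExternalProviderInfoAsync(LoginExternal loginExternal, CancellationToken cancellationToken = default)
        {
            if (loginExternal == null)
            {
                throw new ArgumentNullException(nameof(loginExternal));
            }

            switch (loginExternal.LoginProvider)
            {
                case "Facebook":
                    using (var client = new HttpClient())
                    {
                        try
                        {
                            const string HOST = "https://graph.facebook.com";
                            const string FIELDS = "id,name,address,email,birthday";

                            // Both values are caller-supplied. Escaping keeps the provider key a single
                            // path segment and stops the token from injecting extra query parameters.
                            var providerKey = Uri.EscapeDataString(loginExternal.ProviderKey ?? string.Empty);
                            var accessToken = Uri.EscapeDataString(loginExternal.AccessToken ?? string.Empty);

                            // The token is part of this URL, so the URL must not be logged.
                            var url = $"{HOST}/{providerKey}/?fields={FIELDS}&access_token={accessToken}";

                            using (var response = await client.GetAsync(url, cancellationToken))
                            {
                                // An error body would otherwise deserialize into an empty
                                // ExternalLoginData and be handed back as if the lookup had worked.
                                // The throw is caught below, logged and reported as unauthorized.
                                if (!response.IsSuccessStatusCode)
                                {
                                    throw new UnauthorizedException();
                                }

                                var content = await response.Content.ReadAsStringAsync();

                                // NOTE(review): this call shows the token can read the profile; it does
                                // not show the token was issued for this application or that the
                                // returned id equals ProviderKey - confirm that is checked elsewhere.
                                return JsonConvert.DeserializeObject<ExternalLoginData>(content);
                            }
                        }
                        catch (Exception ex)
                        {
                            // The exception text is passed as an argument, not as the template: braces
                            // in a message (common in JSON parse errors) would break log formatting.
                            this.UserManager.Logger.LogWarning(ex, "{Message}", ex.Message);

                            throw new UnauthorizedException();
                        }
                    }

                case "Google":
                    try
                    {
                        // NOTE(review): ValidateAsync is called without validation settings, so this
                        // call does not pin the token audience to this application's client ID.
                        // Confirm the audience is enforced, e.g. via ValidationSettings.Audience.
                        var payload = await GoogleJsonWebSignature.ValidateAsync(loginExternal.AccessToken);

                        return new ExternalLoginData
                        {
                            Email = payload.Email,
                            Name = payload.Name,
                            Id = payload.Subject
                        };
                    }
                    catch (Exception ex)
                    {
                        this.UserManager.Logger.LogWarning(ex, "{Message}", ex.Message);

                        throw new UnauthorizedException();
                    }

                default:
                    throw new NotSupportedException(loginExternal.LoginProvider);
            }
        }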
示例#6
        /// <summary>
        /// Signs in a user from an external login. When no access token is issued, the external
        /// provider's profile data is returned instead.
        /// </summary>
        /// <param name="loginExternal">The <see cref="LoginExternal"/> read from the request body.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
        /// <returns>An OK result holding an <see cref="ExternalLoginResponse"/>.</returns>
        public virtual async Task<IActionResult> SignInExternalAsync([FromBody][Required] LoginExternal loginExternal, CancellationToken cancellationToken = default)
        {
            var issuedToken = await this.IdentityManager.SignInExternalAsync(loginExternal, cancellationToken);

            // The provider profile is fetched only when sign-in produced no token.
            // NOTE(review): on that path GetExternalProviderInfoAsync is the only call that touches
            // the provider token - confirm it validates the token before profile data is returned.
            ExternalLoginData providerData = issuedToken == null
                ? await this.IdentityManager.GetExternalProviderInfoAsync(loginExternal, cancellationToken)
                : null;

            return this.Ok(new ExternalLoginResponse
            {
                Data = providerData,
                AccessToken = issuedToken
            });
        }
示例#7
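        /// <summary>
        /// Gets the profile data that the external provider reports for the supplied access token.
        /// </summary>
        /// <param name="loginExternal">The <see cref="LoginExternal"/> carrying the provider name, provider key and access token.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> passed to the HTTP request.</param>
        /// <returns>The <see cref="ExternalLoginData"/> deserialized from the provider response.</returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="loginExternal"/> is <c>null</c>.</exception>
        /// <exception cref="NotSupportedException">Thrown for any provider other than "Facebook".</exception>
        public virtual async Task<ExternalLoginData> GetExternalProviderInfoAsync(LoginExternal loginExternal, CancellationToken cancellationToken = default)
        {
            if (loginExternal == null)
            {
                throw new ArgumentNullException(nameof(loginExternal));
            }

            switch (loginExternal.LoginProvider)
            {
                case "Facebook":
                    using (var client = new HttpClient())
                    {
                        const string HOST = "https://graph.facebook.com";
                        const string FIELDS = "id,name,address,email,birthday";

                        // Both values are caller-supplied. Escaping keeps the provider key a single
                        // path segment and stops the token from injecting extra query parameters.
                        var providerKey = Uri.EscapeDataString(loginExternal.ProviderKey ?? string.Empty);
                        var accessToken = Uri.EscapeDataString(loginExternal.AccessToken ?? string.Empty);

                        // The token is part of this URL, so the URL must not be logged.
                        var url = $"{HOST}/{providerKey}/?fields={FIELDS}&access_token={accessToken}";

                        using (var response = await client.GetAsync(url, cancellationToken))
                        {
                            // NOTE(review): the status code is not checked, so a provider error body
                            // deserializes into an ExternalLoginData with empty fields. Callers must
                            // not treat that as a verified identity; consider failing on non-success.
                            var content = await response.Content.ReadAsStringAsync();

                            return JsonConvert.DeserializeObject<ExternalLoginData>(content);
                        }
                    }

                default:
                    throw new NotSupportedException(loginExternal.LoginProvider);
            }
        }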
示例#8
 /// <summary>
 /// Logs a user in with the Facebook access token sent in the request body.
 /// </summary>
 /// <param name="login">The <see cref="LoginExternal"/> read from the request body; only its <c>AccessToken</c> is used.</param>
 /// <returns>The result of <c>Execute</c> wrapping <c>_service.LoginFacebook</c>.</returns>
 public ActionResult<BaseResponse<UsuarioLogin>> LoginFacebook([FromBody] LoginExternal login)
 {
     // NOTE(review): the token is forwarded as received; validation is presumably done inside
     // _service.LoginFacebook - confirm it checks which application the token was issued for.
     return Execute(() => _service.LoginFacebook(login.AccessToken));
 }
示例#9
        /// <summary>
        /// Builds the external authentication properties for the provider named in <paramref name="loginExternal"/>.
        /// </summary>
        /// <param name="loginExternal">The <see cref="LoginExternal"/> supplying the provider name and the callback URL.</param>
        /// <param name="cancellationToken">The <see cref="CancellationToken"/> handed to the started task.</param>
        /// <returns>The <see cref="AuthenticationProperties"/> configured by the sign-in manager.</returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="loginExternal"/> is <c>null</c>.</exception>
        public virtual async Task<AuthenticationProperties> GetExternalLoginsPropertiesAsync(LoginExternal loginExternal, CancellationToken cancellationToken = default)
        {
            if (loginExternal == null)
            {
                throw new ArgumentNullException(nameof(loginExternal));
            }

            // NOTE(review): CallbackUrl is passed through as received. If it originates from the
            // request, it should be restricted to local or allow-listed URLs before it is used as a
            // redirect target, otherwise the login flow can act as an open redirect.
            // NOTE(review): the configure call is synchronous; starting a task for it looks
            // unnecessary - confirm before simplifying.
            var pending = Task.Factory.StartNew(
                () => this.SignInManager.ConfigureExternalAuthenticationProperties(
                    loginExternal.Name,
                    loginExternal.CallbackUrl),
                cancellationToken);

            return await pending;
        }