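/// <summary>
/// Handles the return from Google sign-in. Reads the Google access token from the
/// external principal's claims, downloads the Google profile, and either issues a
/// local access token (when a local account's user name equals the profile email)
/// or returns the raw profile so the client can register a new account.
/// </summary>
/// <returns>
/// 200 with the local token payload when the account exists; 200 with the raw
/// Google profile JSON when it does not; 400 when the access token or the profile
/// email is missing, or when the profile request fails.
/// </returns>
public async Task<IHttpActionResult> GoogleCallback()
{
    var owinContext = HttpContext.Current.GetOwinContext();
    var authenticationManager = owinContext.Authentication;

    // Without an externally authenticated principal there is no token claim to read.
    var principal = authenticationManager.User;
    if (principal == null)
    {
        return BadRequest("No external login information is available.");
    }

    // The Google access token is carried as a claim on the external principal.
    var accessToken = principal.Claims
        .Where(c => c.Type.Equals(GoogleTokenType))
        .Select(c => c.Value)
        .FirstOrDefault();
    if (string.IsNullOrEmpty(accessToken))
    {
        // Previously a missing claim produced a request with an empty token.
        return BadRequest("The Google access token is missing.");
    }

    // Escape the token so it cannot alter the structure of the request URI.
    // NOTE(review): the token travels in the URL here; if the endpoint accepts an
    // Authorization header, prefer that so the token stays out of proxy and server logs.
    Uri apiRequestUri = new Uri(GoolgeProfileUri + Uri.EscapeDataString(accessToken));

    string userData;
    try
    {
        // Dispose the client and do not block a request thread on the download.
        using (var webClient = new System.Net.WebClient())
        {
            userData = await webClient.DownloadStringTaskAsync(apiRequestUri);
        }
    }
    catch (System.Net.WebException)
    {
        // An expired or rejected token is an expected failure, not a server error.
        return BadRequest("Unable to retrieve the Google profile.");
    }

    dynamic result = JsonConvert.DeserializeObject(userData);
    string userEmail = result == null ? null : (string)result.email;
    if (string.IsNullOrWhiteSpace(userEmail))
    {
        return BadRequest("The Google profile does not contain an email address.");
    }

    // NOTE(review): a local token is issued purely because the profile email equals a
    // local user name. Confirm the endpoint behind GoolgeProfileUri only reports
    // verified addresses, or check its verification flag, before trusting the match.
    var userManager = owinContext.GetUserManager<PhongTroUserManager>();
    PhongTroUser user = await userManager.FindByNameAsync(userEmail);

    if (user != null)
    {
        // This Google account is already registered with PhongTro.
        var response = await GenerateLocalAccessToken(user);
        return Ok(response);
    }

    // Unknown account: hand the Google profile back for registration.
    return Ok(userData);
}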
/// <summary>
/// Maps a <c>PhongTroUser</c> entity onto the <c>UserDTO</c> shape returned to clients,
/// including the user's roles and claims looked up through <c>_AppUserManager</c>.
/// </summary>
/// <param name="user">The PhongTroUser to be converted</param>
/// <returns>
/// A UserDTO populated from the user's profile fields, roles and claims
/// </returns>
public UserDTO ConvertFromAppUser(PhongTroUser user)
{
    var dto = new UserDTO();

    // Plain profile fields are copied one-to-one.
    dto.Id = user.Id;
    dto.UserName = user.UserName;
    dto.FirstName = user.FirstName;
    dto.LastName = user.LastName;
    dto.Email = user.Email;
    dto.Phone = user.PhoneNumber;
    dto.DateOfBirth = user.DateOfBirth;

    // NOTE(review): .Result blocks the calling thread on the async lookups; under a
    // synchronization context this can deadlock. An async variant would avoid it, but
    // that changes the method's signature.
    dto.Roles = _AppUserManager.GetRolesAsync(user.Id).Result;
    dto.Claims = _AppUserManager.GetClaimsAsync(user.Id).Result;

    return dto;
}
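/// <summary>
/// Seeds the database with the application roles and an initial administrator
/// account. Role names come from the "RoleConfig" configuration section and the
/// administrator's details from the "UserConfig" section. The method can be re-run:
/// existing roles, an existing administrator and existing role assignments are kept.
/// </summary>
/// <param name="context">The database context being seeded.</param>
/// <exception cref="InvalidOperationException">
/// A configuration section or role name is missing, or an identity operation fails.
/// </exception>
protected override void Seed(PhongTroDbContext context)
{
    var userManager = new UserManager<PhongTroUser>(new UserStore<PhongTroUser>(context));
    var roleManager = new RoleManager<IdentityRole>(new RoleStore<IdentityRole>(context));

    NameValueCollection userConfig = ConfigurationManager.GetSection("UserConfig") as NameValueCollection;
    NameValueCollection roleConfig = ConfigurationManager.GetSection("RoleConfig") as NameValueCollection;
    if (userConfig == null || roleConfig == null)
    {
        // Fail with a clear message instead of a NullReferenceException further down.
        throw new InvalidOperationException(
            "The UserConfig and RoleConfig configuration sections are required to seed the database.");
    }

    // Use the configured names for both creation and assignment, so the two cannot
    // drift apart (the assignment previously hard-coded "Lodger" and "Landlord").
    string[] roleNames =
    {
        roleConfig[KeyRoleAdmin],
        roleConfig[KeyRoleLodger],
        roleConfig[KeyRoleLandlord]
    };

    // Create each role only when it is missing.
    foreach (string roleName in roleNames)
    {
        if (string.IsNullOrWhiteSpace(roleName))
        {
            throw new InvalidOperationException("A role name is missing from the RoleConfig section.");
        }

        if (!roleManager.RoleExists(roleName))
        {
            ThrowIfSeedStepFailed(roleManager.Create(new IdentityRole { Name = roleName }), "create role " + roleName);
        }
    }

    // Create the administrator only when it does not exist yet.
    var adminUser = userManager.FindByName(userConfig[KeyUserName]);
    if (adminUser == null)
    {
        adminUser = new PhongTroUser()
        {
            UserName = userConfig[KeyUserName],
            Email = userConfig[KeyEmail],
            // The seeded administrator skips e-mail confirmation.
            EmailConfirmed = true,
            FirstName = userConfig[KeyFirstName],
            LastName = userConfig[KeyLastName],
            DateOfBirth = new DateTime(
                int.Parse(userConfig[KeyYearBirth]),
                int.Parse(userConfig[KeyMonthBirth]),
                int.Parse(userConfig[KeyDayBirth])),
            PhoneNumber = userConfig[KeyPhone]
        };

        // NOTE(review): the initial admin password is read from the configuration file.
        // Keep that file out of source control and change the password after first sign-in.
        // The result is checked so a rejected password cannot leave the seed half-done.
        ThrowIfSeedStepFailed(userManager.Create(adminUser, userConfig[KeyPassword]), "create the administrator account");
    }

    // Give the administrator every seeded role it does not already hold.
    foreach (string roleName in roleNames)
    {
        if (!userManager.IsInRole(adminUser.Id, roleName))
        {
            ThrowIfSeedStepFailed(userManager.AddToRole(adminUser.Id, roleName), "assign role " + roleName);
        }
    }
}

// Turns a failed IdentityResult into an exception that names the step and lists the errors.
private static void ThrowIfSeedStepFailed(IdentityResult result, string step)
{
    if (!result.Succeeded)
    {
        throw new InvalidOperationException(
            "Seeding failed to " + step + ": " + string.Join("; ", result.Errors));
    }
}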
/// <summary>
/// Handles the OAuth resource-owner password grant: looks the user up by the
/// supplied user name and password and, on a match, validates the request with a
/// "JWT" claims identity.
/// </summary>
/// <param name="context">Grant context carrying the user name and password from the request</param>
/// <returns>
/// A task that completes once the context is either validated with an
/// authentication ticket or marked with an "invalid_grant" error.
/// </returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): the wildcard lets a page on any origin call the token endpoint.
    // Consider restricting this to the origins of the known client applications.
    string[] corsOrigins = { "*" };
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", corsOrigins);

    var manager = context.OwinContext.GetUserManager<PhongTroUserManager>();
    PhongTroUser account = await manager.FindAsync(context.UserName, context.Password);

    if (account != null)
    {
        ClaimsIdentity identity = await account.GenerateUserIdentityAsync(manager, "JWT");
        context.Validated(new AuthenticationTicket(identity, null));
    }
    else
    {
        // One message for both an unknown user and a wrong password, so the response
        // does not reveal which accounts exist.
        context.SetError("invalid_grant", "The user name or password is incorrect.");
    }
}
/// <summary>
/// Issues a local JWT for an already-identified user from inside a controller,
/// without going through the OAuth token endpoint.
/// </summary>
/// <param name="user">The logged in user</param>
/// <returns>
/// A JSON object holding the protected token, the token type and the lifetime in seconds.
/// </returns>
protected async Task<JObject> GenerateLocalAccessToken(PhongTroUser user)
{
    // Tokens issued here are valid for one day.
    var lifetime = TimeSpan.FromDays(1);

    var manager = HttpContext.Current.GetOwinContext().GetUserManager<PhongTroUserManager>();
    var claimsIdentity = await manager.CreateIdentityAsync(user, JWTAuthenticationType);

    // The issuer name comes from application settings.
    var formatter = new CustomJwtFormat(ConfigurationManager.AppSettings[KeyTokenIssuer]);

    var ticketProperties = new AuthenticationProperties();
    ticketProperties.IssuedUtc = DateTimeOffset.UtcNow;
    ticketProperties.ExpiresUtc = DateTimeOffset.UtcNow.Add(lifetime);

    var ticket = new AuthenticationTicket(claimsIdentity, ticketProperties);
    var protectedToken = formatter.Protect(ticket);

    // The expiry is reported to the client as a string of total seconds.
    var payload = new JObject();
    payload.Add(new JProperty(KeyResponseToken, protectedToken));
    payload.Add(new JProperty(KeyResponseType, TokenType));
    payload.Add(new JProperty(KeyResponseExpire, lifetime.TotalSeconds.ToString()));
    return payload;
}