public async Task <IActionResult> Index(string returnUrl) { var info = await HttpContext.Authentication.GetAuthenticateInfoAsync( IdentityServerConstants.ExternalCookieAuthenticationScheme); var tempUser = info?.Principal; if (tempUser == null) { throw new Exception("External authentication error"); } var claims = tempUser.Claims.ToList(); var subjectClaim = claims .FirstOrDefault(x => x.Type == JwtClaimTypes.Subject); if (subjectClaim == null) { subjectClaim = claims .FirstOrDefault(x => x.Type == ClaimTypes.NameIdentifier); } if (subjectClaim == null) { throw new Exception("Unknown user account ID"); } claims.Remove(subjectClaim); var emailClaim = claims.FirstOrDefault(x => x.Type == ClaimTypes.Email); if (emailClaim == null) { throw new Exception("Unknown email"); } var provider = subjectClaim.Issuer.ToLowerInvariant(); var subject = subjectClaim.Value; var email = emailClaim.Value.ToLowerInvariant(); var userAccount = await _userAccountService.LoadByExternalProviderAsync( provider, subject); if (userAccount != null) { await _userAccountService.UpdateLastUsedExternalAccountAsync( userAccount, provider, subject); return(await IssueCookieAndRedirectAsync(userAccount, provider, returnUrl, info, claims)); } else { userAccount = await _userAccountService.LoadByEmailWithExternalAsync(email); if (userAccount == null) { userAccount = await _userAccountService.CreateNewExternalUserAccountAsync( email, provider, subject, returnUrl); if (_applicationOptions.RequireExternalAccountVerification) { // TODO: send confirmation mail and redirect to success page throw new NotImplementedException(); } else { await _userAccountService.UpdateLastUsedExternalAccountAsync( userAccount, provider, subject); return(await IssueCookieAndRedirectAsync(userAccount, provider, returnUrl, info, claims)); } } else { if (_applicationOptions.AutomaticAccountMerge) { // Add external account to existing one var externalAccount = _userAccountService.AddExternalAccountAsync( userAccount.Id, email, provider, subject ); await _userAccountService.UpdateLastUsedExternalAccountAsync( userAccount, provider, subject); return(await IssueCookieAndRedirectAsync(userAccount, provider, returnUrl, info, claims)); } else { // Ask user of he wants to join accounts or create new user throw new NotImplementedException(); } } } }