WWhen I create a new classic account using the SocialBootstrapAPI Project I have a new UserAuth created in database.
Next, when I logout and try to sign-in with Google OpenID (google account using the same email than the classic sign-in) instead of using the old account it create a new:
Is it normal ? If not how to merge UserAuth ?
When I debug CreateOrMergeAuthSession in the custom IUserAuthRepository , the userAuth is always a new instance because GetUserAuth with authSession does not have informations (email) to find the old classic UserAuth:
var userAuth = GetUserAuth(authSession, tokens) ?? new ServiceStack.ServiceInterface.Auth.UserAuth();
Thank you in advance for your help,
I don't know if it is a good solution but it works :
I have edited the following methods :
public ServiceStack.ServiceInterface.Auth.UserAuth GetUserAuth(IAuthSession authSession, IOAuthTokens tokens)
{
}
I have added a control on the tokens email :
if (tokens != null && !tokens.Email.IsNullOrEmpty())
{
var userAuth = GetUserAuthByUserName(tokens.Email);
if (userAuth != null) return userAuth;
}
So it get my old userAuth using email on the google mail account.
Related
I am using Azure B2C, followed by the article
https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet
User is added successfully. But the issue is how to check the user exist or not with a user name, when I creating a new user?
You can find users by their email address or their user name using the signInNames filter.
For an email address:
`GET https://graph.windows.net/myorganization/users?$filter=signInNames/any(x:x/value eq 'someone#somewhere.com')&api-version=1.6`
For a user name:
`https://graph.windows.net/myorganization/users?$filter=signInNames/any(x:x/value eq 'someone')&api-version=1.6`
Programmatically, to check the user with the email address already exist.
here is a solution using C# and Graph client library.
private async Task<User> CheckUserAlreadyExistAsync(string email, CancellationToken ct)
{
var filter = $"identities/any(c:c/issuerAssignedId eq '{email}' and c/issuer eq '{email}')";
var request = _graphServiceClient.Users.Request()
.Filter(filter)
.Select(userSelectQuery)
.Expand(e => e.AppRoleAssignments);
var userCollectionPage = await request.GetAsync(ct).ConfigureAwait(false);
return userCollectionPage.FirstOrDefault();
}
We protect action with authorize attribute with specific role name this way
[Authorize(Roles="members, admin")]
suppose users and roles are mapped in db table. so when user login then how could i attach role with logged in user using identity.
here i am posting url and sample which show how people do the same in mvc4 with custom form authentication. just see the code and i hope surely understand what i am trying to do with asp.net mvc 5 using identity.
https://www.codeproject.com/Articles/408306/Understanding-and-Implementing-ASP-NET-Custom-Form
see this above url for custom form authentication with asp.net mvc 4
protected void FormsAuthentication_OnAuthenticate(Object sender, FormsAuthenticationEventArgs e)
{
if (FormsAuthentication.CookiesSupported == true)
{
if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
{
try
{
//let us take out the username now
string username = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value).Name;
//let us extract the roles from our own custom cookie
string roles = DBHelper.GetUserRoles(username);
//Let us set the Pricipal with our user specific details
e.User = new System.Security.Principal.GenericPrincipal(
new System.Security.Principal.GenericIdentity(username, "Forms"), roles.Split(';'));
}
catch (Exception)
{
//somehting went wrong
}
}
}
}
i am working with asp.net mvc 5 & identity system. please help and guide me. thanks
You have to get logged in user id first
var UserName= await User.Identity.GetUserId()
then you can assign any role to that logged in user like
var _context = new ApplicationDbContext();
var UserManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(_context));
UserManager.AddToRole("UserName", "UserRole");
How can we query Azure Directory and get the Authentication Phone number used for password reset. It is not the mobile number that is exposed using Microsoft graph Library. We are using MVC 5, C# VS2017.
Thank you, Tim:
Currently, we use the below code to get user properties however, the phone number used during a password reset is not there.
// Get the current user's profile.
public async Task<List<ResultsItem>> GetMe(GraphServiceClient graphClient)
{
List<ResultsItem> items = new List<ResultsItem>();
// Get the current user's profile.
User me = await graphClient.Me.Request().GetAsync();
if (me != null)
{
// Get user properties.
items.Add(new ResultsItem
{
Display = me.DisplayName,
Id = me.Id,
Properties = new Dictionary<string, object>
{
{ Resource.Prop_Upn, me.UserPrincipalName },
{ Resource.Prop_Id, me.Id }
}
});
}
return items;
}
Yes, unfortunately you currently cannot use Microsoft Graph to programmatically set the strong authentication properties, which is used for Self Service Password Reset and for Multi-Factor Authentication.
This is a frequently requested features, it is on our backlog and I hope to deliver it soon, however I cannot provide a specific timeline when it will be available.
I am trying to find a guide or something that can teach me to make a view that users navigate to when they login. The view should show profile properties like firstname,lastname, and additional custom data. The problem is I dont know how to send the id from login to a another view. In other words when this succeeds in AccountController...
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
// return RedirectToAction("Customer", "Account");
... I want to send id to another view. I tried make a view like so:
public ActionResult Customer(string userId)
{
ApplicationDbContext _context = new ApplicationDbContext();
var UserManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(_context));
var ThisUser = UserManager.FindById(User.Identity.GetUserId());
//string a = Convert.ToString(User.Identity.GetUserId());
//RegisterViewModel RVM = db.RegisterViewModels.Find(a);
return View(ThisUser);
}
It did not work. Any suggestions?
There is a lot of information to found about ASP.NET Identity on the web, in particular Microsoft's own documentation is really good. Check this out for a starter for some great examples.
How can I query graph.windows.net for accounts in our Azure AD that do have the email property set? I am asking for the query string, or even better a C# statement using ActiveDirectoryClient.
It doesn't seem possible to use $filter=email neq '' or other similar $filter construct to exclude users that don't have the email property set.
You can iterate all the Azure AD users and check if the users have a mail:
ActiveDirectoryClient activeDirectoryClient = AuthenticationHelper.GetActiveDirectoryClientAsApplication();
List<IUser> users = activeDirectoryClient.Users.ExecuteAsync().Result.CurrentPage.ToList();
var mailUsers = new List<IUser>();
foreach (IUser user in users)
{
if(user.Mail != null)
{
mailUsers.Add(user);
}
}
Please check the sample application at
https://github.com/Azure-Samples/active-directory-dotnet-graphapi-console