From dbec1c6236ac5cc6bc31db52686259c64c89a7d3 Mon Sep 17 00:00:00 2001
From: Hao Kung <haok@microsoft.com>
Date: Fri, 23 Sep 2016 11:59:15 -0700
Subject: [PATCH] Expose more for extensibility

---
 .../SignInManager.cs                          | 45 +++++++++++++++----
 .../UserManager.cs                            | 38 ++++++++++++----
 2 files changed, 67 insertions(+), 16 deletions(-)

diff --git a/src/Microsoft.AspNetCore.Identity/SignInManager.cs b/src/Microsoft.AspNetCore.Identity/SignInManager.cs
index c2034ab768..f959ea22c2 100644
--- a/src/Microsoft.AspNetCore.Identity/SignInManager.cs
+++ b/src/Microsoft.AspNetCore.Identity/SignInManager.cs
@@ -76,10 +76,20 @@ namespace Microsoft.AspNetCore.Identity
         /// </summary>
         protected internal UserManager<TUser> UserManager { get; set; }
 
-        internal IUserClaimsPrincipalFactory<TUser> ClaimsFactory { get; set; }
-        internal IdentityOptions Options { get; set; }
+        /// <summary>
+        /// The <see cref="IUserClaimsPrincipalFactory{TUser}"/> used.
+        /// </summary>
+        protected internal IUserClaimsPrincipalFactory<TUser> ClaimsFactory { get; set; }
 
-        internal HttpContext Context { 
+        /// <summary>
+        /// The <see cref="IdentityOptions"/> used.
+        /// </summary>
+        protected internal IdentityOptions Options { get; set; }
+
+        /// <summary>
+        /// The <see cref="HttpContext"/> used.
+        /// </summary>
+        protected internal HttpContext Context { 
             get
             {
                 var context = _context ?? _contextAccessor?.HttpContext;
@@ -95,7 +105,6 @@ namespace Microsoft.AspNetCore.Identity
             }
         }
 
-
         /// <summary>
         /// Creates a <see cref="ClaimsPrincipal"/> for the specified <paramref name="user"/>, as an asynchronous operation.
         /// </summary>
@@ -633,18 +642,33 @@ namespace Microsoft.AspNetCore.Identity
             return null;
         }
 
-        private async Task<bool> IsLockedOut(TUser user)
+        /// <summary>
+        /// Used to determine if a user is considered locked out.
+        /// </summary>
+        /// <param name="user">The user.</param>
+        /// <returns>Whether a user is considered locked out.</returns>
+        protected virtual async Task<bool> IsLockedOut(TUser user)
         {
             return UserManager.SupportsUserLockout && await UserManager.IsLockedOutAsync(user);
         }
 
-        private async Task<SignInResult> LockedOut(TUser user)
+        /// <summary>
+        /// Returns a locked out SignInResult.
+        /// </summary>
+        /// <param name="user">The user.</param>
+        /// <returns>A locked out SignInResult</returns>
+        protected virtual async Task<SignInResult> LockedOut(TUser user)
         {
             Logger.LogWarning(3, "User {userId} is currently locked out.", await UserManager.GetUserIdAsync(user));
             return SignInResult.LockedOut;
         }
 
-        private async Task<SignInResult> PreSignInCheck(TUser user)
+        /// <summary>
+        /// Used to ensure that a user is allowed to sign in.
+        /// </summary>
+        /// <param name="user">The user</param>
+        /// <returns>Null if the user should be allowed to sign in, otherwise the SignInResult why they should be denied.</returns>
+        protected virtual async Task<SignInResult> PreSignInCheck(TUser user)
         {
             if (!await CanSignInAsync(user))
             {
@@ -657,7 +681,12 @@ namespace Microsoft.AspNetCore.Identity
             return null;
         }
 
-        private Task ResetLockout(TUser user)
+        /// <summary>
+        /// Used to reset a user's lockout count.
+        /// </summary>
+        /// <param name="user">The user</param>
+        /// <returns>The <see cref="Task"/> that represents the asynchronous operation, containing the <see cref="IdentityResult"/> of the operation.</returns>
+        protected virtual Task ResetLockout(TUser user)
         {
             if (UserManager.SupportsUserLockout)
             {
diff --git a/src/Microsoft.AspNetCore.Identity/UserManager.cs b/src/Microsoft.AspNetCore.Identity/UserManager.cs
index ae875bceb1..30881435c5 100644
--- a/src/Microsoft.AspNetCore.Identity/UserManager.cs
+++ b/src/Microsoft.AspNetCore.Identity/UserManager.cs
@@ -39,7 +39,11 @@ namespace Microsoft.AspNetCore.Identity
         private TimeSpan _defaultLockout = TimeSpan.Zero;
         private bool _disposed;
         private readonly HttpContext _context;
-        private CancellationToken CancellationToken => _context?.RequestAborted ?? CancellationToken.None;
+
+        /// <summary>
+        /// The cancellation token assocated with the current HttpContext.RequestAborted or CancellationToken.None if unavailable.
+        /// </summary>
+        protected CancellationToken CancellationToken => _context?.RequestAborted ?? CancellationToken.None;
 
         /// <summary>
         /// Constructs a new instance of <see cref="UserManager{TUser}"/>.
@@ -110,24 +114,42 @@ namespace Microsoft.AspNetCore.Identity
         protected internal IUserStore<TUser> Store { get; set; }
 
         /// <summary>
-        /// Gets the <see cref="ILogger"/> used to log messages from the manager.
+        /// The <see cref="ILogger"/> used to log messages from the manager.
         /// </summary>
         /// <value>
         /// The <see cref="ILogger"/> used to log messages from the manager.
         /// </value>
         protected internal virtual ILogger Logger { get; set; }
 
-        internal IPasswordHasher<TUser> PasswordHasher { get; set; }
+        /// <summary>
+        /// The <see cref="IPasswordHasher{TUser}"/> used to hash passwords.
+        /// </summary>
+        protected internal IPasswordHasher<TUser> PasswordHasher { get; set; }
 
-        internal IList<IUserValidator<TUser>> UserValidators { get; } = new List<IUserValidator<TUser>>();
+        /// <summary>
+        /// The <see cref="IUserValidator{TUser}"/> used to validate users.
+        /// </summary>
+        protected internal IList<IUserValidator<TUser>> UserValidators { get; } = new List<IUserValidator<TUser>>();
 
-        internal IList<IPasswordValidator<TUser>> PasswordValidators { get; } = new List<IPasswordValidator<TUser>>();
+        /// <summary>
+        /// The <see cref="IPasswordValidator{TUser}"/> used to validate passwords.
+        /// </summary>
+        protected internal IList<IPasswordValidator<TUser>> PasswordValidators { get; } = new List<IPasswordValidator<TUser>>();
 
-        internal ILookupNormalizer KeyNormalizer { get; set; }
+        /// <summary>
+        /// The <see cref="ILookupNormalizer"/> used to normalize things like user and role names.
+        /// </summary>
+        protected internal ILookupNormalizer KeyNormalizer { get; set; }
 
-        internal IdentityErrorDescriber ErrorDescriber { get; set; }
+        /// <summary>
+        /// The <see cref="IdentityErrorDescriber"/> used to generate error messages.
+        /// </summary>
+        protected internal IdentityErrorDescriber ErrorDescriber { get; set; }
 
-        internal IdentityOptions Options { get; set; }
+        /// <summary>
+        /// The <see cref="IdentityOptions"/> used to configure Identity.
+        /// </summary>
+        protected internal IdentityOptions Options { get; set; }
 
         /// <summary>
         /// Gets a flag indicating whether the backing user store supports authentication tokens.