huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
aspnetcore/src/Security/samples/Identity.ExternalClaims
History
Doug Bunting 57d5a46492
[release/5.0] Expose all references when not restoring (#33201) 
* [release/5.0] Expose all references when not restoring
- backport of 0b0bed3eb89a (#32718)

* Expose all references when not restoring
  - use empty `$(MSBuildRestoreSessionId)` to determine when contributing to dependency graph
* Remove extra direct references
  - should now be part of the dependency graph automatically
* Avoid errors about non-shared Fx references
  - not a problem unless executing `restore` target
* Special case source builds
 		2021-06-03 22:39:02 -07:00
..
Controllers
Data
Extensions
Pages Made the encodings of .razor and .cshtml files in the repo consistent (#23502) 2020-06-30 12:03:01 -07:00
Services
wwwroot
Identity.ExternalClaims.csproj [release/5.0] Expose all references when not restoring (#33201) 2021-06-03 22:39:02 -07:00
Program.cs
README.md
Startup.cs Add MigrationsEndPoint when DatabaseDeveloperPageExceptionFilter is used (#25554) 2020-09-04 15:46:14 -07:00
appsettings.Development.json
appsettings.json
bundleconfig.json

README.md

AuthSamples.Identity.ExternalClaims

Sample demonstrating copying over static and dynamic external claims from Google authentication during login:

Steps:

  1. Configure a google OAuth2 project. See https://docs.microsoft.com/aspnet/core/security/authentication/social/google-logins for basic setup using google logins.
  2. Update Startup.cs AddGoogle()'s options with ClientId and ClientSecret for your google app.
  3. Run the app and click on the MyClaims tab, this should trigger a redirect to login.
  4. Login via the Google button, this should redirect you to google.
  5. You should be redirected back to /Home/MyClaims which will output the user claims. Notice that a gender claim is included as well as the AccessToken in the AuthenticationProperties.

How this works:

  • Startup adds the google plus scope to include additional data in the json payload, and then maps the gender key to a claim in the google identity which is stored in the Identity.ExternalCookie.
  • In ExternalLogin.cshtml.cs when a user is registered from an external login, we copy the gender claim into the user's local identity claims in OnPostConfirmationAsync, since this is a static claim we only do this once.
  • For the AccessToken which needs to be updated every login, this is done automatically via SaveTokens = true, which calls StoreTokens on AuthenticationProperties which is passed into SignInAsync, this is done in both Register and Login so its updated every time an external login is done.
  • To demonstrate adding custom tokens, see OnCreatingTicket which adds a new token and stores the updated tokens.