Hello, I was wondering if there was a way to link external users to a user through code. For example if I want to link a google account and want to link it to an existing user, can I do this programmatically?
after looking at the database it looks like I somehow need to insert a record into the dbo.UmbracoExternalUser table. Is this possible through the API?
We need to add all of this stuff to documentation. Hope this is what you are after, but of course auto-linking public Google accounts is not really a good idea because then anyone would have access to your back office that has a Google account. If they are your organization google accounts that should work for you.
Thanks for the reply Shannon, this is close to what I want I should have been more specific though. I am creating a back office user in code:
var userService = ApplicationContext.Current.Services.UserService;
var userTypes = userService.GetAllUserTypes();
var theNewUser = userService.CreateUserWithIdentity("testuer", "[email protected]", userTypes.FirstOrDefault());
and want to do something like this with the new user in the same function:
Hey Dan, I did get this to work but its been awhile. I managed to dig up some code that hopefully will help you out. This might not be everything but it should get you started on the right path.
Add these 4 files from my github - https://github.com/Vepar/UmbracoBackOfficeConfiguration to your App_Start folder to configure Auth Tokens, Custom Owin Startups, Umbraco Google Auth, etc. (you may also need to download the necessary nuget packages).
This should get you off to a good start. Let me know if you are still running in to issues.
Thanks, Adam. I was able to get the Google Auth working, but now I'm trying to figure out how to programmatically link a Google account with an Umbraco user. Much like you mention above with
Here's what I just got working. I don't know if I'm going about it the right way or if I'm doing it in the right location, but it seems to be working.
Basically, a Google user gets authenticated. When that happens I...
Make sure their email contains a valid domain
Look for an existing user with the email
Check to see if the accounts are already linked.
If not, link them
Ideally, I would link them when I create the user, but it's not possible to link an account without actually making the OAuth request, right?
public static void ConfigureBackOfficeGoogleAuth(this IAppBuilder app, string clientId, string clientSecret,
string caption = "Google", string style = "btn-google-plus", string icon = "fa-google-plus")
{
var googleOptions = new GoogleOAuth2AuthenticationOptions
{
ClientId = clientId,
ClientSecret = clientSecret,
//In order to allow using different google providers on the front-end vs the back office,
// these settings are very important to make them distinguished from one another.
SignInAsAuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType,
// By default this is '/signin-google', you will need to change that default value in your
// Google developer settings for your web-app in the "REDIRECT URIS" setting
CallbackPath = new PathString("/umbraco-google-signin"),
Provider = new GoogleOAuth2AuthenticationProvider
{
OnAuthenticated = context =>
{
if (context.Email.EndsWith("@mydomain.com") || context.Email.EndsWith("@mydomain2.com"))
{
IUserService userService = ApplicationContext.Current.Services.UserService;
IUser umbracoUser = userService.GetByEmail(context.Email);
if (umbracoUser != null)
{
Claim idClaim = context.Identity.FindFirst(ClaimTypes.NameIdentifier);
Microsoft.AspNet.Identity.UserLoginInfo loginInfo = new Microsoft.AspNet.Identity.UserLoginInfo(idClaim.Issuer, idClaim.Value);
BackOfficeUserManager<BackOfficeIdentityUser> userManager = HttpContext.Current.GetOwinContext().GetBackOfficeUserManager();
Task<BackOfficeIdentityUser> identityUser = userManager.FindAsync(loginInfo);
if (identityUser.Result == null)
{
userManager.AddLoginAsync(umbracoUser.Id, loginInfo);
}
}
return Task.FromResult(0);
}
var errorMessage = string.Format("User tried to log in with {0}, which does not end with an accepted domain name.", context.Email);
throw new AuthenticationException(errorMessage);
}
}
};
googleOptions.ForUmbracoBackOffice(style, icon);
googleOptions.Caption = caption;
app.UseGoogleAuthentication(googleOptions);
}
Link External User Programmatically
Hello, I was wondering if there was a way to link external users to a user through code. For example if I want to link a google account and want to link it to an existing user, can I do this programmatically?
after looking at the database it looks like I somehow need to insert a record into the dbo.UmbracoExternalUser table. Is this possible through the API?
Thanks in advance for your help.
We have this class to auto-link external accounts with using OAuth: https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/src/Umbraco.Web/Security/Identity/ExternalSignInAutoLinkOptions.cs
There's more issue on this issue: http://issues.umbraco.org/issue/U4-6753
We need to add all of this stuff to documentation. Hope this is what you are after, but of course auto-linking public Google accounts is not really a good idea because then anyone would have access to your back office that has a Google account. If they are your organization google accounts that should work for you.
Thanks for the reply Shannon, this is close to what I want I should have been more specific though. I am creating a back office user in code:
and want to do something like this with the new user in the same function:
Is there something like this in the existing API? Thanks a lot.
Oh right i see what you mean, yes there is an API for that which is just part of the ASP.Net Identity APIs, you can see it's usage here: https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/src/Umbraco.Web/Editors/BackOfficeController.cs#L449
It is the Identity
UserManager.AddLoginAsyncmethod where the UserManager is Umbraco'sBackOfficeUserManagerwhich you can get from the OWIN context, for example: https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/src/Umbraco.Web/Editors/BackOfficeController.cs#L57Adam:
Did you ever figure out how to do this? I'm currently trying to do the same and not having much luck.
Thanks!
Hey Dan, I did get this to work but its been awhile. I managed to dig up some code that hopefully will help you out. This might not be everything but it should get you started on the right path.
In your web config configure your providers:
Add these 4 files from my github - https://github.com/Vepar/UmbracoBackOfficeConfiguration to your App_Start folder to configure Auth Tokens, Custom Owin Startups, Umbraco Google Auth, etc. (you may also need to download the necessary nuget packages).
This should get you off to a good start. Let me know if you are still running in to issues.
-Adam
Thanks, Adam. I was able to get the Google Auth working, but now I'm trying to figure out how to programmatically link a Google account with an Umbraco user. Much like you mention above with
Thanks again
Here's what I just got working. I don't know if I'm going about it the right way or if I'm doing it in the right location, but it seems to be working.
Basically, a Google user gets authenticated. When that happens I...
Ideally, I would link them when I create the user, but it's not possible to link an account without actually making the OAuth request, right?
is working on a reply...