Hi, could this be something on the OnExternalLogin method? It's not a virtual user, but i guess you have to hook up on a database anyway to do your check.
public void Configure(BackOfficeExternalLoginProviderOptions options)
{
options.AutoLinkOptions = new ExternalSignInAutoLinkOptions(
autoLinkExternalAccount: false )
{
OnExternalLogin = (user, loginInfo) =>
{
// Do your check on your DB
return true; //returns a boolean if sign in should continue
}
};
}
}
Unfortunately that won't work because the OnExternalLogin event is only triggered after the OnAutoLinking event. So it will only trigger if a user/member already exists in Umbraco.
I think I have some pointer, that can help you to a solution. I am currently working on a somewhat similar problem.
I have yet to make it fully integrate into Umbraco member system, but here is some pointers:
You can have a look at creating a class that inherits from Umbraco.Cms.Web.Common.Security.MemberManager. (Also check this out)
You can then inject that in startup like this:
In that class, you can override almost all the action you need.
I have not had a look at this yet, but there is also a .SetMemberStore() method on the IServiceCollection, so that might be helpfull as well.
When you look into MemberManager and it's dependencies, you find a lot of functionality that can possibly help you figure out a solution.
I have been buried in this for the last couple of days. I must say, the documentation is very lacking on this area. I stitched this together from forum posts, documentation and source code, and it's not even fully working (but enought for what I need right now).
But since there is so little information, I thought I would hurry and get my findings out there. So hopefully it helps :)
I've been able get a part of virtual members working. You can login and the member doesn't need to exist in Umbraco. You can find the experimental code here:
External login providers with virtual users/members
Hi all,
I'm doing some experiments with external login providers. The following docs have been really helpful:
https://our.umbraco.com/documentation/reference/security/external-login-providers/
https://our.umbraco.com/documentation/reference/security/auto-linking/
The auto-linking feature seems like a great addition because you don't need to create users/members first in the backoffice.
I have a working example with an external login provider and auto-linking. It works, but when a user/member does an external login it will still create a user/member in the backoffice. Since my external login provider is the source of truth for all users/members I don't need them in the backoffice. Is there something like virtual user/member that only exists while being logged in? Something similar to this feature in Sitecore: https://doc.sitecore.com/xp/en/developers/92/sitecore-experience-manager/configure-federated-authentication.html#configure-virtual-and-persistent-users
My external login provider has thousands of users/members and I don't need all of them in my Umbraco backoffice. Is that possible?
Jeroen
Hi all,
I've checked the source code of Umbraco and it seems that virtual users/members are not supported at the moment.
That's why I created a feature request for it: https://github.com/umbraco/Umbraco-CMS/discussions/12741
Jeroen
Hi, could this be something on the OnExternalLogin method? It's not a virtual user, but i guess you have to hook up on a database anyway to do your check.
Hi Guido,
Unfortunately that won't work because the OnExternalLogin event is only triggered after the OnAutoLinking event. So it will only trigger if a user/member already exists in Umbraco.
Jeroen
It's still not possible to use virtual users/members.
However I did release a package that shows how external login providers can be used in Umbraco: https://www.jeroenbreuer.nl/blog/released-umbraco-openid-connect-example-package/
Jeroen
I think I have some pointer, that can help you to a solution. I am currently working on a somewhat similar problem.
I have yet to make it fully integrate into Umbraco member system, but here is some pointers:
You can have a look at creating a class that inherits from
Umbraco.Cms.Web.Common.Security.MemberManager. (Also check this out) You can then inject that in startup like this:In that class, you can override almost all the action you need. I have not had a look at this yet, but there is also a
.SetMemberStore()method on theIServiceCollection, so that might be helpfull as well.When you look into
MemberManagerand it's dependencies, you find a lot of functionality that can possibly help you figure out a solution.This was very helpfull for me, when I had to store custom data on the member.
The very most simple thing you can do, is something like this, in you auth controller. It will not get you all the way, buy it will get you logged in.
_memberSigninManager is type
IMemberSignInManager.As mentioned, I havent gotten it all fully integrated. I am still having trouble getting the member to access protected nodes.
I know that this is all over the place, but I thought it might be to some help.
Perfect timing :D Where just looking for something like this!
Haha! Awesome!
I have been buried in this for the last couple of days. I must say, the documentation is very lacking on this area. I stitched this together from forum posts, documentation and source code, and it's not even fully working (but enought for what I need right now).
But since there is so little information, I thought I would hurry and get my findings out there. So hopefully it helps :)
It's like the role are not added to the user.
It says the user is logged in..
Hi Andreas,
Did you manage to get virtual users/members working in Umbraco?
Jeroen
Hi Jeroen,
I have only come as far as described above, as I have not had time to look at it. I might need to look into it in the coming months though.
Same. For now I'm creating the Member in Umbraco on login
Hi Andreas,
I'm going to do some experiments with virtual users. Starting with the pointers you gave in this topic. Do you have any other tips?
Jeroen
I've been able get a part of virtual members working. You can login and the member doesn't need to exist in Umbraco. You can find the experimental code here:
https://github.com/jbreuer/Umbraco-OpenIdConnect-Example/blob/feature/virtual-members/Umbraco-OpenIdConnect-Example.Core/CustomMemberSignInManager.cs#L130-L152
I did it by overriding the IMemberSignInManager:
https://github.com/jbreuer/Umbraco-OpenIdConnect-Example/blob/feature/virtual-members/Umbraco-OpenIdConnect-Example.Core/Extensions/UmbracoBuilderExtensions.cs#L115-L119
Roles aren't working yet so that's what I will try next.
With this experiment ChatGPT was my friend. Got some really helpful tips while working on .NET 7.
Jeroen
Sweet! Will take a look at your code 🙌🏻
Wow this looks great! Let me know if you can fully integrate it into members. Then I could add it to the Umbraco OpenID Connect example package:
https://github.com/jbreuer/Umbraco-OpenIdConnect-Example
Jeroen
I managed to get virtual members working. It is an experiment though. I don't know if it is wise to use this approach on a live environment.
You can read the full blog here: https://www.jeroenbreuer.nl/blog/virtual-members-in-umbraco/
Jeroen
is working on a reply...
This forum is in read-only mode while we transition to the new forum.
You can continue this topic on the new forum by tapping the "Continue discussion" link below.