Abp: Authentication Extensibility system to check username & password from an external source
ASP.NET Boilerplate has a good feature, named "External Authentication": https://aspnetboilerplate.com/Pages/Documents/Zero/User-Management#external-authentication
It makes possible to check username & password from any source (a database, a REST service, LDAP.... etc.). This is a good system which allows to easily extend the authentication mechanism.
I will implement a similar system for the ABP Framework, in the Identity module.
hikalkan
All 2 comments
Done. This will be (eventually) documented. But, if you want to use it today;
- Create a class inherits from the
ExternalLoginProviderBase(defined in the Volo.Abp.Identity.AspNetCore package). Example:
````csharp
using System;
using System.Threading.Tasks;
using Volo.Abp.DependencyInjection;
using Volo.Abp.Guids;
using Volo.Abp.MultiTenancy;
namespace Volo.Abp.Identity.AspNetCore
{
public class FakeExternalLoginProvider : ExternalLoginProviderBase, ITransientDependency
{
public const string Name = "Fake";
public FakeExternalLoginProvider(
IGuidGenerator guidGenerator,
ICurrentTenant currentTenant,
IdentityUserManager userManager,
IIdentityUserRepository identityUserRepository)
: base(
guidGenerator,
currentTenant,
userManager,
identityUserRepository)
{
}
public override Task<bool> TryAuthenticateAsync(string userName, string plainPassword)
{
return Task.FromResult(
userName == "ext_user" && plainPassword == "abc"
);
}
protected override Task<ExternalLoginUserInfo> GetUserInfoAsync(string userName)
{
if (userName != "ext_user")
{
throw new ArgumentException();
}
return Task.FromResult(
new ExternalLoginUserInfo("[email protected]")
{
Name = "Test Name", //optional, if the provider knows it
Surname = "Test Surname", //optional, if the provider knows it
EmailConfirmed = true, //optional, if the provider knows it
TwoFactorEnabled = false, //optional, if the provider knows it
PhoneNumber = "123", //optional, if the provider knows it
PhoneNumberConfirmed = false, //optional, if the provider knows it
ProviderKey = "123" //The id of the user on the provider side
}
);
}
}
}
````
TryAuthenticateAsync should check user & pass and GetUserInfoAsync should provide user details. GetUserInfoAsync is called on create (when the user first logins) and update (subsequent logins).
- Register to the
AbpIdentityAspNetCoreOptions:
csharp
Configure<AbpIdentityAspNetCoreOptions>(options =>
{
options.ExternalLoginProviders.Add<FakeExternalLoginProvider>(FakeExternalLoginProvider.Name);
});
You can register more than one provider.
Additional notes
- This feature comes with a new
IsExternalfield to theIdentityUserwhich is set to true if the user was created on an external authentication process.
hikalkan
on 6 Aug 2020
@hikalkan it should be Register to the AbpIdentityOptions锛宯ot AbpIdentityAspNetCoreOptions
jortygu
on 21 Oct 2020
Related issues
derily
路
3Comments
hikalkan
路
3Comments
hikalkan
路
3Comments
mehdihadeli
路
3Comments
wocar
路
3Comments
Most helpful comment
Done. This will be (eventually) documented. But, if you want to use it today;
ExternalLoginProviderBase(defined in the Volo.Abp.Identity.AspNetCore package). Example:````csharp
using System;
using System.Threading.Tasks;
using Volo.Abp.DependencyInjection;
using Volo.Abp.Guids;
using Volo.Abp.MultiTenancy;
namespace Volo.Abp.Identity.AspNetCore
{
public class FakeExternalLoginProvider : ExternalLoginProviderBase, ITransientDependency
{
public const string Name = "Fake";
}
````
TryAuthenticateAsyncshould check user & pass andGetUserInfoAsyncshould provide user details.GetUserInfoAsyncis called on create (when the user first logins) and update (subsequent logins).AbpIdentityAspNetCoreOptions:csharp Configure<AbpIdentityAspNetCoreOptions>(options => { options.ExternalLoginProviders.Add<FakeExternalLoginProvider>(FakeExternalLoginProvider.Name); });You can register more than one provider.
Additional notes
IsExternalfield to theIdentityUserwhich is set to true if the user was created on an external authentication process.