Improve functionality for external member logins (#11855)

* Bugfix - Take ufprt from form data if the request has form content type, otherwise fallback to use the query

* External linking for members

* Changed migration to reuse old table

* removed unnecessary web.config files

* Cleanup

* Extracted class to own file

* Clean up

* Rollback changes to Umbraco.Web.UI.csproj

* Fixed migration for SqlCE

* Change notification handler to be on deleted

* Update src/Umbraco.Infrastructure/Security/MemberUserStore.cs

Co-authored-by: Mole <[email protected]>

* Fixed issue with errors not shown on member linking

* fixed issue with errors

* clean up

* Fix issue where external logins could not be used to upgrade Umbraco, because the externalLogin table was expected to look different. (Like after the migration)

* Fixed issue in Ignore legacy column now using result column.

Co-authored-by: Mole <[email protected]>

Author: bergmania

src/Umbraco.Core/Constants-Security.cs

@@ -50,6 +50,7 @@ public static class Security
             /// providers need to be setup differently and each auth type for the back office will be prefixed with this value
             /// </remarks>
             public const string BackOfficeExternalAuthenticationTypePrefix = "Umbraco.";
+            public const string MemberExternalAuthenticationTypePrefix = "UmbracoMembers.";
 
             public const string StartContentNodeIdClaimType = "http://umbraco.org/2015/02/identity/claims/backoffice/startcontentnode";
             public const string StartMediaNodeIdClaimType = "http://umbraco.org/2015/02/identity/claims/backoffice/startmedianode";

src/Umbraco.Core/Extensions/ClaimsIdentityExtensions.cs

@@ -62,6 +62,19 @@ public static string GetUserName(this IIdentity identity)
             return username;
         }
 
+        public static string GetEmail(this IIdentity identity)
+        {
+            if (identity == null) throw new ArgumentNullException(nameof(identity));
+
+            string email = null;
+            if (identity is ClaimsIdentity claimsIdentity)
+            {
+                email = claimsIdentity.FindFirstValue(ClaimTypes.Email);
+            }
+
+            return email;
+        }
+
         /// <summary>
         /// Returns the first claim value found in the <see cref="ClaimsIdentity"/> for the given claimType
         /// </summary>

src/Umbraco.Core/Persistence/Repositories/IExternalLoginRepository.cs

@@ -1,24 +1,29 @@
+using System;
 using System.Collections.Generic;
 using Umbraco.Cms.Core.Security;
 
 namespace Umbraco.Cms.Core.Persistence.Repositories
 {
+
     public interface IExternalLoginRepository : IReadWriteQueryRepository<int, IIdentityUserLogin>, IQueryRepository<IIdentityUserToken>
     {
+
         /// <summary>
         /// Replaces all external login providers for the user
         /// </summary>
         /// <param name="userId"></param>
         /// <param name="logins"></param>
+        [Obsolete("Use method that takes guid as param from IExternalLoginWithKeyRepository")]
         void Save(int userId, IEnumerable<IExternalLogin> logins);
 
         /// <summary>
         /// Replaces all external login provider tokens for the providers specified for the user
         /// </summary>
         /// <param name="userId"></param>
         /// <param name="tokens"></param>
+        [Obsolete("Use method that takes guid as param from IExternalLoginWithKeyRepository")]
         void Save(int userId, IEnumerable<IExternalLoginToken> tokens);
-
+        [Obsolete("Use method that takes guid as param from IExternalLoginWithKeyRepository")]
         void DeleteUserLogins(int memberId);
     }
 }

src/Umbraco.Core/Persistence/Repositories/IExternalLoginWithKeyRepository.cs

@@ -0,0 +1,28 @@
+using System;
+using System.Collections.Generic;
+using Umbraco.Cms.Core.Security;
+
+namespace Umbraco.Cms.Core.Persistence.Repositories
+{
+
+    /// <summary>
+    /// Repository for external logins with Guid as key, so it can be shared for members and users
+    /// </summary>
+    public interface IExternalLoginWithKeyRepository : IReadWriteQueryRepository<int, IIdentityUserLogin>, IQueryRepository<IIdentityUserToken>
+    {
+        /// <summary>
+        /// Replaces all external login providers for the user/member key
+        /// </summary>
+        void Save(Guid userOrMemberKey, IEnumerable<IExternalLogin> logins);
+
+        /// <summary>
+        /// Replaces all external login provider tokens for the providers specified for the user/member key
+        /// </summary>
+        void Save(Guid userOrMemberKey, IEnumerable<IExternalLoginToken> tokens);
+
+        /// <summary>
+        /// Deletes all external logins for the specified the user/member key
+        /// </summary>
+        void DeleteUserLogins(Guid userOrMemberKey);
+    }
+}

src/Umbraco.Core/Security/IIdentityUserLogin.cs

@@ -19,7 +19,7 @@ public interface IIdentityUserLogin : IEntity, IRememberBeingDirty
         string ProviderKey { get; set; }
 
         /// <summary>
-        /// Gets or sets user Id for the user who owns this login
+        /// Gets or sets user or member key (Guid) for the user/member who owns this login
         /// </summary>
         string UserId { get; set; } // TODO: This should be able to be used by both users and members
 

src/Umbraco.Core/Services/IExternalLoginService.cs

@@ -1,3 +1,4 @@
+using System;
 using System.Collections.Generic;
 using Umbraco.Cms.Core.Security;
 
@@ -6,6 +7,7 @@ namespace Umbraco.Cms.Core.Services
     /// <summary>
     /// Used to store the external login info
     /// </summary>
+    [Obsolete("Use IExternalLoginServiceWithKey. This will be removed in Umbraco 10")]
     public interface IExternalLoginService : IService
     {
         /// <summary>

src/Umbraco.Core/Services/IExternalLoginWithKeyService.cs

@@ -0,0 +1,54 @@
+using System;
+using System.Collections.Generic;
+using Umbraco.Cms.Core.Security;
+
+namespace Umbraco.Cms.Core.Services
+{
+    public interface IExternalLoginWithKeyService : IService
+    {
+        /// <summary>
+        /// Returns all user logins assigned
+        /// </summary>
+        IEnumerable<IIdentityUserLogin> GetExternalLogins(Guid userOrMemberKey);
+
+        /// <summary>
+        /// Returns all user login tokens assigned
+        /// </summary>
+        IEnumerable<IIdentityUserToken> GetExternalLoginTokens(Guid userOrMemberKey);
+
+        /// <summary>
+        /// Returns all logins matching the login info - generally there should only be one but in some cases
+        /// there might be more than one depending on if an administrator has been editing/removing members
+        /// </summary>
+        IEnumerable<IIdentityUserLogin> Find(string loginProvider, string providerKey);
+
+        /// <summary>
+        /// Saves the external logins associated with the user
+        /// </summary>
+        /// <param name="userOrMemberKey">
+        /// The user or member key associated with the logins
+        /// </param>
+        /// <param name="logins"></param>
+        /// <remarks>
+        /// This will replace all external login provider information for the user
+        /// </remarks>
+        void Save(Guid userOrMemberKey, IEnumerable<IExternalLogin> logins);
+
+        /// <summary>
+        /// Saves the external login tokens associated with the user
+        /// </summary>
+        /// <param name="userId">
+        /// The user or member key associated with the logins
+        /// </param>
+        /// <param name="tokens"></param>
+        /// <remarks>
+        /// This will replace all external login tokens for the user
+        /// </remarks>
+        void Save(Guid userOrMemberKey,IEnumerable<IExternalLoginToken> tokens);
+
+        /// <summary>
+        /// Deletes all user logins - normally used when a member is deleted
+        /// </summary>
+        void DeleteUserLogins(Guid userOrMemberKey);
+    }
+}

src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.Repositories.cs

@@ -1,3 +1,4 @@
+using Microsoft.Extensions.DependencyInjection;
 using Umbraco.Cms.Core.DependencyInjection;
 using Umbraco.Cms.Core.Persistence.Repositories;
 using Umbraco.Cms.Infrastructure.Persistence.Repositories.Implement;
@@ -29,7 +30,9 @@ internal static IUmbracoBuilder AddRepositories(this IUmbracoBuilder builder)
             builder.Services.AddUnique<IDocumentTypeContainerRepository, DocumentTypeContainerRepository>();
             builder.Services.AddUnique<IDomainRepository, DomainRepository>();
             builder.Services.AddUnique<IEntityRepository, EntityRepository>();
-            builder.Services.AddUnique<IExternalLoginRepository, ExternalLoginRepository>();
+            builder.Services.AddUnique<ExternalLoginRepository>();
+            builder.Services.AddUnique<IExternalLoginRepository>(factory => factory.GetRequiredService<ExternalLoginRepository>());
+            builder.Services.AddUnique<IExternalLoginWithKeyRepository>(factory => factory.GetRequiredService<ExternalLoginRepository>());
             builder.Services.AddUnique<ILanguageRepository, LanguageRepository>();
             builder.Services.AddUnique<IMacroRepository, MacroRepository>();
             builder.Services.AddUnique<IMediaRepository, MediaRepository>();

src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.Services.cs

@@ -8,10 +8,13 @@
 using Umbraco.Cms.Core.Cache;
 using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Cms.Core.DependencyInjection;
+using Umbraco.Cms.Core.Events;
 using Umbraco.Cms.Core.Hosting;
 using Umbraco.Cms.Core.IO;
 using Umbraco.Cms.Core.Packaging;
+using Umbraco.Cms.Core.Persistence.Repositories;
 using Umbraco.Cms.Core.Routing;
+using Umbraco.Cms.Core.Scoping;
 using Umbraco.Cms.Core.Services;
 using Umbraco.Cms.Core.Services.Implement;
 using Umbraco.Cms.Infrastructure.Packaging;
@@ -64,7 +67,14 @@ internal static IUmbracoBuilder AddServices(this IUmbracoBuilder builder)
             builder.Services.AddUnique<IMemberTypeService, MemberTypeService>();
             builder.Services.AddUnique<IMemberGroupService, MemberGroupService>();
             builder.Services.AddUnique<INotificationService, NotificationService>();
-            builder.Services.AddUnique<IExternalLoginService, ExternalLoginService>();
+            builder.Services.AddUnique<ExternalLoginService>(factory => new ExternalLoginService(
+                factory.GetRequiredService<IScopeProvider>(),
+                factory.GetRequiredService<ILoggerFactory>(),
+                factory.GetRequiredService<IEventMessagesFactory>(),
+                factory.GetRequiredService<IExternalLoginWithKeyRepository>()
+                ));
+            builder.Services.AddUnique<IExternalLoginService>(factory => factory.GetRequiredService<ExternalLoginService>());
+            builder.Services.AddUnique<IExternalLoginWithKeyService>(factory => factory.GetRequiredService<ExternalLoginService>());
             builder.Services.AddUnique<IRedirectUrlService, RedirectUrlService>();
             builder.Services.AddUnique<IConsentService, ConsentService>();
             builder.Services.AddTransient(SourcesFactory);

src/Umbraco.Infrastructure/Migrations/Upgrade/UmbracoPlan.cs

@@ -15,6 +15,7 @@
 using Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_0_0;
 using Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_1_0;
 using Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_2_0;
+using Umbraco.Cms.Infrastructure.Migrations.Upgrade.V_9_3_0;
 using Umbraco.Extensions;
 
 namespace Umbraco.Cms.Infrastructure.Migrations.Upgrade
@@ -269,6 +270,11 @@ protected void DefinePlan()
             To<AddUserGroup2NodeTable>("{0571C395-8F0B-44E9-8E3F-47BDD08D817B}");
             To<AddDefaultForNotificationsToggle>("{AD3D3B7F-8E74-45A4-85DB-7FFAD57F9243}");
             To<MovePackageXMLToDb>("{A2F22F17-5870-4179-8A8D-2362AA4A0A5F}");
+
+
+            // TO 9.3.0
+            To<UpdateExternalLoginToUseKeyInsteadOfId>("{CA7A1D9D-C9D4-4914-BC0A-459E7B9C3C8C}");
+
         }
     }
 }