Resolved #4985: Change AbpResourceOwnerPasswordValidator to support the external login system.

modules/identity/src/Volo.Abp.Identity.AspNetCore/Volo/Abp/Identity/AspNetCore/AbpIdentityAspNetCoreOptions.cs

@@ -6,12 +6,5 @@
         /// Default: true.
         /// </summary>
         public bool ConfigureAuthentication { get; set; } = true;
-
-        public ExternalLoginProviderDictionary ExternalLoginProviders { get; }
-
-        public AbpIdentityAspNetCoreOptions()
-        {
-            ExternalLoginProviders = new ExternalLoginProviderDictionary();
-        }
     }
 }

modules/identity/src/Volo.Abp.Identity.AspNetCore/Volo/Abp/Identity/AspNetCore/AbpSignInManager.cs

@@ -10,7 +10,7 @@ namespace Volo.Abp.Identity.AspNetCore
 {
     public class AbpSignInManager : SignInManager<IdentityUser>
     {
-        protected AbpIdentityAspNetCoreOptions AbpOptions { get; }
+        protected AbpIdentityOptions AbpOptions { get; }
 
         public AbpSignInManager(
             IdentityUserManager userManager,
@@ -20,7 +20,7 @@ namespace Volo.Abp.Identity.AspNetCore
             ILogger<SignInManager<IdentityUser>> logger,
             IAuthenticationSchemeProvider schemes,
             IUserConfirmation<IdentityUser> confirmation,
-            IOptions<AbpIdentityAspNetCoreOptions> options
+            IOptions<AbpIdentityOptions> options
         ) : base(
             userManager,
             contextAccessor,

modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/AbpIdentityOptions.cs

@@ -0,0 +1,12 @@
+namespace Volo.Abp.Identity
+{
+    public class AbpIdentityOptions
+    {
+        public ExternalLoginProviderDictionary ExternalLoginProviders { get; }
+
+        public AbpIdentityOptions()
+        {
+            ExternalLoginProviders = new ExternalLoginProviderDictionary();
+        }
+    }
+}

modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/ExternalLoginProviderBase.cs

@@ -6,7 +6,7 @@ using Volo.Abp.Domain.Repositories;
 using Volo.Abp.Guids;
 using Volo.Abp.MultiTenancy;
 
-namespace Volo.Abp.Identity.AspNetCore
+namespace Volo.Abp.Identity
 {
     public abstract class ExternalLoginProviderBase : IExternalLoginProvider
     {

modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/ExternalLoginProviderDictionary.cs

@@ -1,8 +1,7 @@
-using System;
-using System.Collections.Generic;
+using System.Collections.Generic;
 using JetBrains.Annotations;
 
-namespace Volo.Abp.Identity.AspNetCore
+namespace Volo.Abp.Identity
 {
     public class ExternalLoginProviderDictionary : Dictionary<string, ExternalLoginProviderInfo>
     {

modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/ExternalLoginProviderInfo.cs

@@ -1,7 +1,7 @@
 using System;
 using JetBrains.Annotations;
 
-namespace Volo.Abp.Identity.AspNetCore
+namespace Volo.Abp.Identity
 {
     public class ExternalLoginProviderInfo
     {

modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/ExternalLoginUserInfo.cs

@@ -1,6 +1,6 @@
 using JetBrains.Annotations;
 
-namespace Volo.Abp.Identity.AspNetCore
+namespace Volo.Abp.Identity
 {
     public class ExternalLoginUserInfo
     {
@@ -28,7 +28,7 @@ namespace Volo.Abp.Identity.AspNetCore
         [CanBeNull]
         public string ProviderKey { get; set; }
 
-        public ExternalLoginUserInfo([System.Diagnostics.CodeAnalysis.NotNull] string email)
+        public ExternalLoginUserInfo([NotNull] string email)
         {
             Email = Check.NotNullOrWhiteSpace(email, nameof(email));
         }

modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/IExternalLoginProvider.cs

@@ -1,6 +1,6 @@
 using System.Threading.Tasks;
 
-namespace Volo.Abp.Identity.AspNetCore
+namespace Volo.Abp.Identity
 {
     public interface IExternalLoginProvider
     {

modules/identity/test/Volo.Abp.Identity.AspNetCore.Tests/Volo/Abp/Identity/AspNetCore/AbpIdentityAspNetCoreTestModule.cs

@@ -1,7 +1,6 @@
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Mvc.ApplicationParts;
 using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Options;
 using Volo.Abp.AspNetCore.Mvc;
 using Volo.Abp.AspNetCore.TestBase;
 using Volo.Abp.Modularity;
@@ -26,7 +25,7 @@ namespace Volo.Abp.Identity.AspNetCore
 
         public override void ConfigureServices(ServiceConfigurationContext context)
         {
-            Configure<AbpIdentityAspNetCoreOptions>(options =>
+            Configure<AbpIdentityOptions>(options =>
             {
                 options.ExternalLoginProviders.Add<FakeExternalLoginProvider>(FakeExternalLoginProvider.Name);
             });

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo.Abp.IdentityServer.Domain.csproj.DotSettings

@@ -1,2 +0,0 @@
-<wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
-	<s:String x:Key="/Default/CodeInspection/CSharpLanguageProject/LanguageLevel/@EntryValue">CSharp71</s:String></wpf:ResourceDictionary>

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpResourceOwnerPasswordValidator.cs

@@ -1,4 +1,6 @@
-using System.Collections.Generic;
+using System;
+using System.Collections.Generic;
+using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
 using IdentityModel;
@@ -8,8 +10,11 @@ using IdentityServer4.Models;
 using IdentityServer4.Services;
 using IdentityServer4.Validation;
 using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Localization;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using Volo.Abp.DependencyInjection;
 using Volo.Abp.Identity;
 using Volo.Abp.IdentityServer.Localization;
 using Volo.Abp.Security.Claims;
@@ -27,6 +32,8 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
         protected IdentitySecurityLogManager IdentitySecurityLogManager { get; }
         protected ILogger<ResourceOwnerPasswordValidator<IdentityUser>> Logger { get; }
         protected IStringLocalizer<AbpIdentityServerResource> Localizer { get; }
+        protected IHybridServiceScopeFactory ServiceScopeFactory { get; }
+        protected AbpIdentityOptions AbpIdentityOptions { get; }
 
         public AbpResourceOwnerPasswordValidator(
             UserManager<IdentityUser> userManager,
@@ -34,7 +41,9 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
             IdentitySecurityLogManager identitySecurityLogManager,
             IEventService events,
             ILogger<ResourceOwnerPasswordValidator<IdentityUser>> logger,
-            IStringLocalizer<AbpIdentityServerResource> localizer)
+            IStringLocalizer<AbpIdentityServerResource> localizer,
+            IOptions<AbpIdentityOptions> abpIdentityOptions,
+            IHybridServiceScopeFactory serviceScopeFactory)
         {
             UserManager = userManager;
             SignInManager = signInManager;
@@ -42,6 +51,8 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
             Events = events;
             Logger = logger;
             Localizer = localizer;
+            ServiceScopeFactory = serviceScopeFactory;
+            AbpIdentityOptions = abpIdentityOptions.Value;
         }
 
         /// <summary>
@@ -52,35 +63,71 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
         [UnitOfWork]
         public virtual async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
         {
+            using var scope = ServiceScopeFactory.CreateScope();
+
             await ReplaceEmailToUsernameOfInputIfNeeds(context);
-            var user = await UserManager.FindByNameAsync(context.UserName);
-            string errorDescription;
-            if (user != null)
+
+            IdentityUser user = null;
+
+            async Task SetSuccessResultAsync()
             {
-                var result = await SignInManager.CheckPasswordSignInAsync(user, context.Password, true);
-                if (result.Succeeded)
-                {
-                    var sub = await UserManager.GetUserIdAsync(user);
+                var sub = await UserManager.GetUserIdAsync(user);
 
-                    Logger.LogInformation("Credentials validated for username: {username}", context.UserName);
-                    await Events.RaiseAsync(new UserLoginSuccessEvent(context.UserName, sub, context.UserName, interactive: false));
+                Logger.LogInformation("Credentials validated for username: {username}", context.UserName);
+                await Events.RaiseAsync(new UserLoginSuccessEvent(context.UserName, sub, context.UserName, interactive: false));
 
-                    var additionalClaims = new List<Claim>();
+                var additionalClaims = new List<Claim>();
 
-                    await AddCustomClaimsAsync(additionalClaims, user, context);
+                await AddCustomClaimsAsync(additionalClaims, user, context);
 
-                    context.Result = new GrantValidationResult(
-                        sub,
-                        OidcConstants.AuthenticationMethods.Password,
-                        additionalClaims.ToArray()
-                    );
+                context.Result = new GrantValidationResult(
+                    sub,
+                    OidcConstants.AuthenticationMethods.Password,
+                    additionalClaims.ToArray()
+                );
 
-                    await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
+                await IdentitySecurityLogManager.SaveAsync(
+                    new IdentitySecurityLogContext
                     {
                         Identity = IdentityServerSecurityLogIdentityConsts.IdentityServer,
-                        Action = result.ToIdentitySecurityLogAction(),
-                    });
+                        Action = IdentityServerSecurityLogActionConsts.LoginSucceeded
+                    }
+                );
+            }
+
+            if (AbpIdentityOptions.ExternalLoginProviders.Any())
+            {
+                foreach (var externalLoginProviderInfo in AbpIdentityOptions.ExternalLoginProviders.Values)
+                {
+                    var externalLoginProvider = (IExternalLoginProvider) scope.ServiceProvider
+                        .GetRequiredService(externalLoginProviderInfo.Type);
 
+                    if (await externalLoginProvider.TryAuthenticateAsync(context.UserName, context.Password))
+                    {
+                        user = await UserManager.FindByNameAsync(context.UserName);
+                        if (user == null)
+                        {
+                            user = await externalLoginProvider.CreateUserAsync(context.UserName, externalLoginProviderInfo.Name);
+                        }
+                        else
+                        {
+                            await externalLoginProvider.UpdateUserAsync(user, externalLoginProviderInfo.Name);
+                        }
+
+                        await SetSuccessResultAsync();
+                        return;
+                    }
+                }
+            }
+
+            user = await UserManager.FindByNameAsync(context.UserName);
+            string errorDescription;
+            if (user != null)
+            {
+                var result = await SignInManager.CheckPasswordSignInAsync(user, context.Password, true);
+                if (result.Succeeded)
+                {
+                    await SetSuccessResultAsync();
                     return;
                 }
                 else if (result.IsLockedOut)
@@ -102,7 +149,7 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
                     errorDescription = Localizer["InvalidUserNameOrPassword"];
                 }
 
-                await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
+                await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
                 {
                     Identity = IdentityServerSecurityLogIdentityConsts.IdentityServer,
                     Action = result.ToIdentitySecurityLogAction(),