From a46351ca4159ce73e0fd6420a1f89fe936769a1d Mon Sep 17 00:00:00 2001
From: maliming <malimings@gmail.com>
Date: Thu, 8 Jul 2021 10:48:38 +0800
Subject: [PATCH] Check the user according to email before creating an external
 user.

Resolve #9519
---
 .../Pages/Account/Login.cshtml.cs             | 32 +++++++++----------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs
index 313f3f07c0..efe027cc9a 100644
--- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs
+++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs
@@ -216,7 +216,7 @@ namespace Volo.Abp.Account.Web.Pages.Account
                 Logger.LogWarning($"External login callback error: user is locked out!");
                 throw new UserFriendlyException("Cannot proceed because user is locked out!");
             }
-            
+
             if (result.IsNotAllowed)
             {
                 Logger.LogWarning($"External login callback error: user is not allowed!");
@@ -230,24 +230,29 @@ namespace Volo.Abp.Account.Web.Pages.Account
 
             //TODO: Handle other cases for result!
 
-            // Get the information about the user from the external login provider
-            var externalLoginInfo = await SignInManager.GetExternalLoginInfoAsync();
-            if (externalLoginInfo == null)
-            {
-                throw new ApplicationException("Error loading external login information during confirmation.");
-            }
-
-            if (!IsEmailRetrievedFromExternalLogin(externalLoginInfo))
+            var email = loginInfo.Principal.FindFirstValue(AbpClaimTypes.Email);
+            if (email.IsNullOrWhiteSpace())
             {
                 return RedirectToPage("./Register", new
                 {
                     IsExternalLogin = true,
-                    ExternalLoginAuthSchema = externalLoginInfo.LoginProvider,
+                    ExternalLoginAuthSchema = loginInfo.LoginProvider,
                     ReturnUrl = returnUrl
                 });
             }
 
-            var user = await CreateExternalUserAsync(externalLoginInfo);
+            var user = await UserManager.FindByEmailAsync(email);
+            if (user == null)
+            {
+                user = await CreateExternalUserAsync(loginInfo);
+            }
+            else
+            {
+                if (await UserManager.FindByLoginAsync(loginInfo.LoginProvider, loginInfo.ProviderKey) == null)
+                {
+                    CheckIdentityErrors(await UserManager.AddLoginAsync(user, loginInfo));
+                }
+            }
 
             await SignInManager.SignInAsync(user, false);
 
@@ -261,11 +266,6 @@ namespace Volo.Abp.Account.Web.Pages.Account
             return RedirectSafely(returnUrl, returnUrlHash);
         }
 
-        private static bool IsEmailRetrievedFromExternalLogin(ExternalLoginInfo externalLoginInfo)
-        {
-            return externalLoginInfo.Principal.FindFirstValue(AbpClaimTypes.Email) != null;
-        }
-
         protected virtual async Task<IdentityUser> CreateExternalUserAsync(ExternalLoginInfo info)
         {
             await IdentityOptions.SetAsync();