In this article I am using IdentityServer4 which has been enriched with Identity to have access to UserManager and SignInManager. The key part about linking these 2 together was the use of a certain nuget package IdentityServer4.AspIdentity which provided some extra services for us that binds these 2 together.
The added services are:
- the ProfileService
- the UserClaimsFactory
- the ResourceOwnerPasswordValidator
- the SecurityStampValidator
I have implemented a custom userstore for the UserManager which is Mongo Based. And what I want to do, is to allow for my users to be able to login with their email, username or even their phonenumber if it’s confirmed.
The method AddComXIdentity() adds the IdentityCore, the SignInManager, the default token providers and the userstore. I will not enter into details here since this is another talk.
What I want now to do, is to use the username and password to validate.
Note that I passed an email for the username and I want to be able to authenticate with it.
If you look at the implementation of the ResourceOwnerPasswordValidator in AspNetIdentity the method receives only the username and the password.
If you are curios where is this validation used, go to the TokenRequestValidator class:
The trick is to use a decorator method which was nicely provided to us in the AspNetIdentity project (note that the method is internal, you have to make your own method using the example).
The claims factory decorates an existing claims factory and you can open up the project and follow the logic there. We will do the same
Our new resource password validator:
Don’t forget, your user store has to support IQueryableUserStore to search by other properties your model might have.