Merge remote-tracking branch 'origin/v9/dev' into v10/dev

# Conflicts: # build/azure-pipelines.yml # src/Umbraco.Core/Routing/DefaultUrlProvider.cs # src/Umbraco.Core/Routing/UrlProviderExtensions.cs # src/Umbraco.Infrastructure/Migrations/Install/DatabaseSchemaCreator.cs # src/Umbraco.Infrastructure/Persistence/Repositories/Implement/DocumentRepository.cs # src/Umbraco.Infrastructure/Services/Implement/ContentService.cs # src/Umbraco.PublishedCache.NuCache/DataSource/BTree.ContentDataSerializer.cs # src/Umbraco.PublishedCache.NuCache/Persistence/NuCacheContentRepository.cs # src/Umbraco.Web.UI.Client/package-lock.json # tests/Umbraco.Tests.AcceptanceTest/package-lock.json # tests/Umbraco.Tests.AcceptanceTest/package.json # tests/Umbraco.Tests.Integration/Umbraco.Infrastructure/Services/ContentServiceTests.cs
2021-11-22 19:43:20 +01:00
parent 61f459670c 351c37abc0
commit 78dc2d5721
533 changed files with 22641 additions and 49115 deletions
--- a/src/Umbraco.Web.BackOffice/Security/BackOfficeSignInManager.cs
+++ b/src/Umbraco.Web.BackOffice/Security/BackOfficeSignInManager.cs
@@ -77,7 +77,8 @@ namespace Umbraco.Cms.Web.BackOffice.Security
                var shouldSignIn = autoLinkOptions.OnExternalLogin(user, loginInfo);
                if (shouldSignIn == false)
                {
-                    Logger.LogWarning("The AutoLinkOptions of the external authentication provider '{LoginProvider}' have refused the login based on the OnExternalLogin method. Affected user id: '{UserId}'", loginInfo.LoginProvider, user.Id);
+                    LogFailedExternalLogin(loginInfo, user);
+                    return ExternalLoginSignInResult.NotAllowed;
                }
            }

@@ -192,7 +193,16 @@ namespace Umbraco.Cms.Web.BackOffice.Security
                        return AutoLinkSignInResult.FailedException(ex.Message);
                    }

-                    return await LinkUser(autoLinkUser, loginInfo);
+                    var shouldLinkUser = autoLinkOptions.OnExternalLogin == null || autoLinkOptions.OnExternalLogin(autoLinkUser, loginInfo);
+                    if (shouldLinkUser)
+                    {
+                        return await LinkUser(autoLinkUser, loginInfo);
+                    }
+                    else
+                    {
+                        LogFailedExternalLogin(loginInfo, autoLinkUser);
+                        return ExternalLoginSignInResult.NotAllowed;
+                    }
                }
                else
                {
@@ -225,7 +235,16 @@ namespace Umbraco.Cms.Web.BackOffice.Security
                    }
                    else
                    {
-                        return await LinkUser(autoLinkUser, loginInfo);
+                        var shouldLinkUser = autoLinkOptions.OnExternalLogin == null || autoLinkOptions.OnExternalLogin(autoLinkUser, loginInfo);
+                        if (shouldLinkUser)
+                        {
+                            return await LinkUser(autoLinkUser, loginInfo);
+                        }
+                        else
+                        {
+                            LogFailedExternalLogin(loginInfo, autoLinkUser);
+                            return ExternalLoginSignInResult.NotAllowed;
+                        }
                    }
                }
            }
@@ -264,5 +283,8 @@ namespace Umbraco.Cms.Web.BackOffice.Security
                return AutoLinkSignInResult.FailedLinkingUser(errors);
            }
        }
+
+        private void LogFailedExternalLogin(ExternalLoginInfo loginInfo, BackOfficeIdentityUser user) =>
+            Logger.LogWarning("The AutoLinkOptions of the external authentication provider '{LoginProvider}' have refused the login based on the OnExternalLogin method. Affected user id: '{UserId}'", loginInfo.LoginProvider, user.Id);
    }
 }
--- a/src/Umbraco.Web.BackOffice/Security/ConfigureBackOfficeCookieOptions.cs
+++ b/src/Umbraco.Web.BackOffice/Security/ConfigureBackOfficeCookieOptions.cs
@@ -36,7 +36,6 @@ namespace Umbraco.Cms.Web.BackOffice.Security
        private readonly ISystemClock _systemClock;
        private readonly UmbracoRequestPaths _umbracoRequestPaths;
        private readonly IBasicAuthService _basicAuthService;
-        private readonly IOptionsMonitor<BasicAuthSettings> _optionsSnapshot;

        /// <summary>
        /// Initializes a new instance of the <see cref="ConfigureBackOfficeCookieOptions"/> class.
--- a/src/Umbraco.Web.BackOffice/Security/ExternalLoginSignInResult.cs
+++ b/src/Umbraco.Web.BackOffice/Security/ExternalLoginSignInResult.cs
@@ -0,0 +1,15 @@
+using Microsoft.AspNetCore.Identity;
+
+namespace Umbraco.Cms.Web.BackOffice.Security
+{
+    /// <summary>
+    /// Result returned from signing in when external logins are used.
+    /// </summary>
+    public class ExternalLoginSignInResult : SignInResult
+    {
+        public static ExternalLoginSignInResult NotAllowed { get; } = new ExternalLoginSignInResult()
+        {
+            Succeeded = false
+        };
+    }
+}