Implement a default service to link local user accounts with external ones during the registration process

src/OrchardCore.Modules/OrchardCore.Users/Controllers/AccountController.cs

@@ -52,6 +52,7 @@ public class AccountController : AccountBaseController
         private readonly IClock _clock;
         private readonly IDistributedCache _distributedCache;
         private readonly IEnumerable<IExternalLoginEventHandler> _externalLoginHandlers;
+        private readonly IEnumerable<IUserToExternalLoginProvider> _externalLoginUserLocator;
 
         private static readonly JsonMergeSettings _jsonMergeSettings = new()
         {
@@ -78,7 +79,8 @@ public class AccountController : AccountBaseController
             IShellFeaturesManager shellFeaturesManager,
             IDisplayManager<LoginForm> loginFormDisplayManager,
             IUpdateModelAccessor updateModelAccessor,
-            IEnumerable<IExternalLoginEventHandler> externalLoginHandlers)
+            IEnumerable<IExternalLoginEventHandler> externalLoginHandlers,
+            IEnumerable<IUserToExternalLoginProvider> externalLoginUserLocator)
         {
             _signInManager = signInManager;
             _userManager = userManager;
@@ -94,6 +96,8 @@ public class AccountController : AccountBaseController
             _loginFormDisplayManager = loginFormDisplayManager;
             _updateModelAccessor = updateModelAccessor;
             _externalLoginHandlers = externalLoginHandlers;
+            // Reverse the order of services to prioritize external services first, placing them before the default implementation.
+            _externalLoginUserLocator = externalLoginUserLocator.Reverse();
 
             H = htmlLocalizer;
             S = stringLocalizer;
@@ -296,7 +300,6 @@ public async Task<IActionResult> ChangePassword(ChangePasswordViewModel model, s
         public IActionResult ChangePasswordConfirmation()
             => View();
 
-
         [HttpPost]
         [AllowAnonymous]
         [ValidateAntiForgeryToken]
@@ -316,7 +319,7 @@ private async Task<SignInResult> ExternalLoginSignInAsync(IUser user, ExternalLo
             var userInfo = user as User;
 
             var context = new UpdateUserContext(user, info.LoginProvider, externalClaims, userInfo.Properties)
-            { 
+            {
                 UserClaims = userInfo.UserClaims,
                 UserRoles = userRoles,
             };
@@ -402,11 +405,9 @@ public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null,
             }
             else
             {
-                var email = info.Principal.FindFirstValue(ClaimTypes.Email) ?? info.Principal.FindFirstValue("email");
-
-                if (!string.IsNullOrWhiteSpace(email))
-                {
-                    iUser = await _userManager.FindByEmailAsync(email);
+                var userLocator = _externalLoginUserLocator.Where(x => x.CanHandle(info)).FirstOrDefault();
+                if (userLocator != null) {
+                    iUser = await userLocator.GetUserAsync(info);
                 }
 
                 ViewData["ReturnUrl"] = returnUrl;
@@ -427,7 +428,14 @@ public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null,
 
                     // Link external login to an existing user
                     ViewData["UserName"] = iUser.UserName;
-                    ViewData["Email"] = email;
+                    if (userLocator != null)
+                    {
+                        ViewData["ExternalUserIdentifier"] = userLocator.GetIdentifierKey(info);
+                    }
+                    else
+                    {
+                        ViewData["ExternalUserIdentifier"] = info.GetEmail();
+                    }
 
                     return View(nameof(LinkExternalLogin));
                 }
@@ -449,7 +457,7 @@ public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null,
 
                         // If registrationSettings.NoUsernameForExternalUsers is true, this username will not be used
                         UserName = await GenerateUsernameAsync(info),
-                        Email = email
+                        Email = info.GetEmail(),
                     };
 
                     // The user doesn't exist and no information required, we can create the account locally
@@ -648,9 +656,9 @@ public async Task<IActionResult> LinkExternalLogin(LinkExternalLoginViewModel mo
 
                 return NotFound();
             }
-            var email = info.Principal.FindFirstValue(ClaimTypes.Email) ?? info.Principal.FindFirstValue("email");
 
-            var user = await _userManager.FindByEmailAsync(email);
+            var userLocator = _externalLoginUserLocator.Where(x => x.CanHandle(info)).FirstOrDefault();
+            var user = await userLocator?.GetUserAsync(info);
 
             if (user == null)
             {

src/OrchardCore.Modules/OrchardCore.Users/Views/Account/LinkExternalLogin.cshtml

@@ -7,7 +7,7 @@
 <form asp-controller="Account" asp-action="LinkExternalLogin" asp-route-returnurl="@ViewData["ReturnUrl"]" method="post" class="form-horizontal no-multisubmit">
     <h4>@T["Link your account."]</h4>
     <p class="text-info">
-        @T["You've successfully authenticated with <strong>{0}</strong>. You already have an account with this email address. Enter your local account password and click the Register button to link the accounts and finish logging in.", ViewData["LoginProvider"]]
+        @T["You've successfully authenticated with <strong>{0}</strong>. You already have an account associated with <strong>{1}</strong>. Enter your local account password and click the Register button to link the accounts and finish logging in.", ViewData["LoginProvider"], ViewData["ExternalUserIdentifier"]]
     </p>
     <hr />
     <div asp-validation-summary="ModelOnly"></div>
@@ -20,9 +20,9 @@
     </div>
 
     <div class="mb-3">
-        <label for="Email" class="col-md-3 form-label">@T["Email"]</label>
+        <label for="ExternalUserIdentifier" class="col-md-3 form-label">@T["The parameter that identify the existing account"]</label>
         <div class="col-md-9">
-            <input id="Email" value="@ViewData["Email"]" class="form-control" disabled />
+            <input id="ExternalUserIdentifier" value="@ViewData["ExternalUserIdentifier"]" class="form-control" disabled />
         </div>
     </div>
 

src/OrchardCore/OrchardCore.Users.Abstractions/Services/IUserToExternalLoginProvider.cs

@@ -0,0 +1,49 @@
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Identity;
+
+namespace OrchardCore.Users;
+
+/// <summary>
+/// Interface <c>IUserToExternalLoginProvider</c> allow to create services used to decide
+/// when link an existing local user account to the login informations that comes from an external
+/// login system like OpenId or GitHub.
+/// </summary>
+public interface IUserToExternalLoginProvider
+{
+    /// <summary>
+    /// Method <c>CanHandle</c> establish if the service that implement this interface can handle
+    /// this kind of external login.
+    /// </summary>
+    /// <param name="info">
+    /// external login information with type and other data to establish if
+    /// service can handle this kind of external login.
+    /// </param>
+    /// <returns>
+    /// True, if the service can handle the external login by the informations in the parameter. False, instead.
+    /// </returns>
+    bool CanHandle(ExternalLoginInfo info);
+
+    /// <summary>
+    /// Method <c>GetUserAsync</c> return a local user account that match the login data in the parameter.
+    /// </summary>
+    /// <param name="info">
+    /// external login information, used to establish if exists a local user account that match login data.
+    /// </param>
+    /// <returns>
+    /// an object that implement <c>IUser</c>, if the exist a local account that match the external login data. Null, instead.
+    /// </returns>
+    Task<IUser> GetUserAsync(ExternalLoginInfo info);
+
+    /// <summary>
+    /// Method <c>GetIdentifierKey</c> return the value of the login data used by the service to
+    /// match a local user account to the external login informations.
+    /// </summary>
+    /// <param name="info">
+    /// external login informations.
+    /// </param>
+    /// <returns>
+    /// a <c>string</c> that is used like an identifier to match an existing local user account.
+    /// Used in the related views to render the value that cause the page display.
+    /// </returns>
+    string GetIdentifierKey(ExternalLoginInfo info);
+}

src/OrchardCore/OrchardCore.Users.Core/Extensions/ExternalLoginInfoExtensions.cs

@@ -0,0 +1,10 @@
+using System.Security.Claims;
+
+namespace Microsoft.AspNetCore.Identity;
+
+public static class ExternalLoginInfoExtensions
+{
+    public static string GetEmail(this ExternalLoginInfo info)
+        => info.Principal.FindFirstValue(ClaimTypes.Email)
+        ?? info.Principal.FindFirstValue("email");
+}

src/OrchardCore/OrchardCore.Users.Core/Extensions/UsersServiceCollectionExtensions.cs

@@ -39,6 +39,8 @@ public static IServiceCollection AddUsers(this IServiceCollection services)
             services.TryAddScoped<IUserAuthenticationTokenStore<IUser>>(sp => sp.GetRequiredService<UserStore>());
             services.TryAddScoped<IUserPhoneNumberStore<IUser>>(sp => sp.GetRequiredService<UserStore>());
 
+            services.AddScoped<IUserToExternalLoginProvider, DefaultUserToExternalLoginProvider>();
+
             services.AddScoped<NullRoleStore>();
             services.TryAddScoped<IRoleClaimStore<IRole>>(sp => sp.GetRequiredService<NullRoleStore>());
             services.TryAddScoped<IRoleStore<IRole>>(sp => sp.GetRequiredService<NullRoleStore>());

src/OrchardCore/OrchardCore.Users.Core/Services/DefaultUserToExternalLoginProvider.cs

@@ -0,0 +1,32 @@
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Identity;
+
+namespace OrchardCore.Users.Services;
+
+public class DefaultUserToExternalLoginProvider : IUserToExternalLoginProvider
+{
+    private readonly UserManager<IUser> _userManager;
+
+    public DefaultUserToExternalLoginProvider(UserManager<IUser> userManager)
+    {
+        _userManager = userManager;
+    }
+
+    public bool CanHandle(ExternalLoginInfo info)
+        => true;
+
+    public async Task<IUser> GetUserAsync(ExternalLoginInfo info)
+    {
+        var email = info.GetEmail();
+
+        if (!string.IsNullOrWhiteSpace(email))
+        {
+            return await _userManager.FindByEmailAsync(email);
+        }
+
+        return null;
+    }
+
+    public string GetIdentifierKey(ExternalLoginInfo info)
+        => info.GetEmail();
+}