Resolved #758: Create a separated package for account module IdentityServer integration

7 years ago · 16df1eacea
11 changed files with 345 additions and 142 deletions
--- a/modules/account/Volo.Abp.Account.sln
+++ b/modules/account/Volo.Abp.Account.sln
@ -7,6 +7,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{B5881429-EFF
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Volo.Abp.Account.Web", "src\Volo.Abp.Account.Web\Volo.Abp.Account.Web.csproj", "{FCAC4354-7B13-4A91-A2F4-04D00F253C91}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Volo.Abp.Account.Web.IdentityServer", "src\Volo.Abp.Account.Web.IdentityServer\Volo.Abp.Account.Web.IdentityServer.csproj", "{841C216F-B0E9-472C-BC19-2C31ADF0664F}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@ -17,12 +19,17 @@ Global
 		{FCAC4354-7B13-4A91-A2F4-04D00F253C91}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{FCAC4354-7B13-4A91-A2F4-04D00F253C91}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{FCAC4354-7B13-4A91-A2F4-04D00F253C91}.Release|Any CPU.Build.0 = Release|Any CPU
+		{841C216F-B0E9-472C-BC19-2C31ADF0664F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{841C216F-B0E9-472C-BC19-2C31ADF0664F}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{841C216F-B0E9-472C-BC19-2C31ADF0664F}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{841C216F-B0E9-472C-BC19-2C31ADF0664F}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
 	EndGlobalSection
 	GlobalSection(NestedProjects) = preSolution
 		{FCAC4354-7B13-4A91-A2F4-04D00F253C91} = {B5881429-EFF7-4F30-8C0B-0AC41E36B74E}
+		{841C216F-B0E9-472C-BC19-2C31ADF0664F} = {B5881429-EFF7-4F30-8C0B-0AC41E36B74E}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {2B054393-D2B2-4EA8-8A15-D60CBCF3E7A9}
--- a/modules/account/src/Volo.Abp.Account.Web.IdentityServer/AbpAccountWebIdentityServerModule.cs
+++ b/modules/account/src/Volo.Abp.Account.Web.IdentityServer/AbpAccountWebIdentityServerModule.cs
@ -0,0 +1,14 @@
+using Volo.Abp.IdentityServer;
+using Volo.Abp.Modularity;
+
+namespace Volo.Abp.Account.Web
+{
+    [DependsOn(
+        typeof(AbpAccountWebModule),
+        typeof(AbpIdentityServerDomainModule)
+        )]
+    public class AbpAccountWebIdentityServerModule : AbpModule
+    {
+
+    }
+}
--- a/modules/account/src/Volo.Abp.Account.Web.IdentityServer/Pages/Account/IdentityServerSupportedLoginModel.cs
+++ b/modules/account/src/Volo.Abp.Account.Web.IdentityServer/Pages/Account/IdentityServerSupportedLoginModel.cs
@ -0,0 +1,239 @@
+using IdentityModel;
+using IdentityServer4.Events;
+using IdentityServer4.Models;
+using IdentityServer4.Services;
+using IdentityServer4.Stores;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
+using System;
+using System.Diagnostics;
+using System.Linq;
+using System.Security.Claims;
+using System.Security.Principal;
+using System.Threading.Tasks;
+using Volo.Abp.DependencyInjection;
+using Volo.Abp.MultiTenancy;
+using Volo.Abp.Uow;
+
+namespace Volo.Abp.Account.Web.Pages.Account
+{
+    [ExposeServices(typeof(LoginModel))]
+    public class IdentityServerSupportedLoginModel : LoginModel
+    {
+        protected IIdentityServerInteractionService Interaction { get; }
+        protected IClientStore ClientStore { get; }
+        protected IEventService IdentityServerEvents { get; }
+
+        public IdentityServerSupportedLoginModel(
+            IAuthenticationSchemeProvider schemeProvider,
+            IOptions<AbpAccountOptions> accountOptions, 
+            IIdentityServerInteractionService interaction, 
+            IClientStore clientStore, 
+            IEventService identityServerEvents)
+            :base(
+                schemeProvider, 
+                accountOptions)
+        {
+            _schemeProvider = schemeProvider;
+            Interaction = interaction;
+            ClientStore = clientStore;
+            IdentityServerEvents = identityServerEvents;
+            _accountOptions = accountOptions.Value;
+        }
+
+        public override async Task OnGetAsync()
+        {
+            LoginInput = new LoginInputModel();
+
+            var context = await Interaction.GetAuthorizationContextAsync(ReturnUrl);
+
+            if (context != null)
+            {
+                LoginInput.UserNameOrEmailAddress = context.LoginHint;
+
+                //TODO: Reference AspNetCore MultiTenancy module and use options to get the tenant key!
+                var tenant = context.Parameters[TenantResolverConsts.DefaultTenantKey];
+                if (string.IsNullOrEmpty(tenant))
+                {
+                    if (Request.Cookies.ContainsKey(TenantResolverConsts.DefaultTenantKey))
+                    {
+                        CurrentTenant.Change(null);
+                        Response.Cookies.Delete(TenantResolverConsts.DefaultTenantKey);
+                    }
+                }
+                else
+                {
+                    CurrentTenant.Change(Guid.Parse(tenant));
+                    Response.Cookies.Append(TenantResolverConsts.DefaultTenantKey, tenant);
+                }
+            }
+
+            if (context?.IdP != null)
+            {
+                LoginInput.UserNameOrEmailAddress = context.LoginHint;
+                ExternalProviders = new[] { new ExternalProviderModel { AuthenticationScheme = context.IdP } };
+                return;
+            }
+
+            var schemes = await _schemeProvider.GetAllSchemesAsync();
+
+            var providers = schemes
+                .Where(x => x.DisplayName != null || x.Name.Equals(_accountOptions.WindowsAuthenticationSchemeName, StringComparison.OrdinalIgnoreCase))
+                .Select(x => new ExternalProviderModel
+                {
+                    DisplayName = x.DisplayName,
+                    AuthenticationScheme = x.Name
+                })
+                .ToList();
+
+            EnableLocalLogin = true; //TODO: We can get default from a setting?
+            if (context?.ClientId != null)
+            {
+                var client = await ClientStore.FindEnabledClientByIdAsync(context.ClientId);
+                if (client != null)
+                {
+                    EnableLocalLogin = client.EnableLocalLogin;
+
+                    if (client.IdentityProviderRestrictions != null && client.IdentityProviderRestrictions.Any())
+                    {
+                        providers = providers.Where(provider => client.IdentityProviderRestrictions.Contains(provider.AuthenticationScheme)).ToList();
+                    }
+                }
+            }
+
+            ExternalProviders = providers.ToArray();
+
+            if (IsExternalLoginOnly)
+            {
+                //return await ExternalLogin(vm.ExternalLoginScheme, returnUrl);
+                throw new NotImplementedException();
+            }
+        }
+
+        [UnitOfWork] //TODO: Will be removed when we implement action filter
+        public override async Task<IActionResult> OnPostAsync(string action)
+        {
+            EnableLocalLogin = true; //TODO: We can get default from a setting?
+
+            if (action == "Cancel")
+            {
+                var context = await Interaction.GetAuthorizationContextAsync(ReturnUrl);
+                if (context == null)
+                {
+                    return Redirect("~/");
+                }
+
+                await Interaction.GrantConsentAsync(context, ConsentResponse.Denied);
+
+                return Redirect(ReturnUrl);
+            }
+
+            ValidateModel();
+
+            await ReplaceEmailToUsernameOfInputIfNeeds();
+
+            var result = await SignInManager.PasswordSignInAsync(
+                LoginInput.UserNameOrEmailAddress,
+                LoginInput.Password,
+                LoginInput.RememberMe,
+                true
+            );
+
+            if (result.RequiresTwoFactor)
+            {
+                return RedirectToPage("./SendSecurityCode", new
+                {
+                    returnUrl = ReturnUrl,
+                    returnUrlHash = ReturnUrlHash,
+                    rememberMe = LoginInput.RememberMe
+                });
+            }
+
+            if (result.IsLockedOut)
+            {
+                Alerts.Warning(L["UserLockedOutMessage"]);
+                return Page();
+            }
+
+            if (result.RequiresTwoFactor)
+            {
+                return RedirectToPage("./SendSecurityCode");
+            }
+
+            if (result.IsNotAllowed)
+            {
+                Alerts.Warning(L["LoginIsNotAllowed"]);
+                return Page();
+            }
+
+            if (!result.Succeeded)
+            {
+                Alerts.Danger(L["InvalidUserNameOrPassword"]);
+                return Page();
+            }
+
+            //TODO: Find a way of getting user's id from the logged in user and do not query it again like that!
+            var user = await UserManager.FindByNameAsync(LoginInput.UserNameOrEmailAddress) ??
+                       await UserManager.FindByEmailAsync(LoginInput.UserNameOrEmailAddress);
+
+            Debug.Assert(user != null, nameof(user) + " != null");
+            await IdentityServerEvents.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.Id.ToString(), user.UserName)); //TODO: Use user's name once implemented
+
+            return RedirectSafely(ReturnUrl, ReturnUrlHash);
+        }
+
+        [UnitOfWork]
+        public override async Task<IActionResult> OnPostExternalLogin(string provider)
+        {
+            if (_accountOptions.WindowsAuthenticationSchemeName == provider)
+            {
+                return await ProcessWindowsLoginAsync();
+            }
+
+            return await base.OnPostExternalLogin(provider);
+        }
+
+        private async Task<IActionResult> ProcessWindowsLoginAsync()
+        {
+            var result = await HttpContext.AuthenticateAsync(_accountOptions.WindowsAuthenticationSchemeName);
+            if (!(result?.Principal is WindowsPrincipal windowsPrincipal))
+            {
+                return Challenge(_accountOptions.WindowsAuthenticationSchemeName);
+            }
+
+            var props = new AuthenticationProperties
+            {
+                RedirectUri = Url.Page("./Login", pageHandler: "ExternalLoginCallback", values: new { ReturnUrl, ReturnUrlHash }),
+                Items =
+                {
+                    {"scheme", _accountOptions.WindowsAuthenticationSchemeName},
+                }
+            };
+
+            var identity = new ClaimsIdentity(_accountOptions.WindowsAuthenticationSchemeName);
+            identity.AddClaim(new Claim(JwtClaimTypes.Subject, windowsPrincipal.Identity.Name));
+            identity.AddClaim(new Claim(JwtClaimTypes.Name, windowsPrincipal.Identity.Name));
+
+            //TODO: Consider to add Windows groups the the identity
+            //if (_accountOptions.IncludeWindowsGroups)
+            //{
+            //    var windowsIdentity = windowsPrincipal.Identity as WindowsIdentity;
+            //    if (windowsIdentity != null)
+            //    {
+            //        var groups = windowsIdentity.Groups?.Translate(typeof(NTAccount));
+            //        var roles = groups.Select(x => new Claim(JwtClaimTypes.Role, x.Value));
+            //        identity.AddClaims(roles);
+            //    }
+            //}
+
+            await HttpContext.SignInAsync(
+                IdentityServer4.IdentityServerConstants.ExternalCookieAuthenticationScheme,
+                new ClaimsPrincipal(identity),
+                props
+            );
+
+            return RedirectSafely(props.RedirectUri);
+        }
+    }
+}
--- a/modules/account/src/Volo.Abp.Account.Web.IdentityServer/Pages/Account/_ViewImports.cshtml
+++ b/modules/account/src/Volo.Abp.Account.Web.IdentityServer/Pages/Account/_ViewImports.cshtml
@ -0,0 +1,2 @@
+@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers
+@addTagHelper *, Volo.Abp.AspNetCore.Mvc.UI.Bootstrap
--- a/modules/account/src/Volo.Abp.Account.Web.IdentityServer/Properties/launchSettings.json
+++ b/modules/account/src/Volo.Abp.Account.Web.IdentityServer/Properties/launchSettings.json
@ -0,0 +1,27 @@
+{
+  "iisSettings": {
+    "windowsAuthentication": false,
+    "anonymousAuthentication": true,
+    "iisExpress": {
+      "applicationUrl": "http://localhost:49583/",
+      "sslPort": 0
+    }
+  },
+  "profiles": {
+    "IIS Express": {
+      "commandName": "IISExpress",
+      "launchBrowser": true,
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "Volo.Abp.Account.Web.IdentityServer": {
+      "commandName": "Project",
+      "launchBrowser": true,
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      },
+      "applicationUrl": "http://localhost:49584/"
+    }
+  }
+}
--- a/modules/account/src/Volo.Abp.Account.Web.IdentityServer/Volo.Abp.Account.Web.IdentityServer.csproj
+++ b/modules/account/src/Volo.Abp.Account.Web.IdentityServer/Volo.Abp.Account.Web.IdentityServer.csproj
@ -0,0 +1,33 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <Import Project="..\..\..\..\common.props" />
+
+  <PropertyGroup>
+    <TargetFramework>netstandard2.0</TargetFramework>
+    <AssemblyName>Volo.Abp.Account.Web.IdentityServer</AssemblyName>
+    <PackageId>Volo.Abp.Account.Web.IdentityServer</PackageId>
+    <IsPackable>true</IsPackable>
+    <AssetTargetFallback>$(AssetTargetFallback);portable-net45+win8+wp8+wpa81;</AssetTargetFallback>
+    <GenerateAssemblyConfigurationAttribute>false</GenerateAssemblyConfigurationAttribute>
+    <GenerateAssemblyCompanyAttribute>false</GenerateAssemblyCompanyAttribute>
+    <GenerateAssemblyProductAttribute>false</GenerateAssemblyProductAttribute>
+    <RootNamespace>Volo.Abp.Account.Web</RootNamespace>
+    <OutputType>Library</OutputType>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <EmbeddedResource Include="Pages\**\*.*" Exclude="*.cs" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <Content Remove="Properties\launchSettings.json" />
+    <EmbeddedResource Remove="Pages\Account\IdentityServerSupportedLoginModel.cs" />
+    <None Include="Properties\launchSettings.json" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\..\..\identityserver\src\Volo.Abp.IdentityServer.Domain\Volo.Abp.IdentityServer.Domain.csproj" />
+    <ProjectReference Include="..\Volo.Abp.Account.Web\Volo.Abp.Account.Web.csproj" />
+  </ItemGroup>
+
+</Project>
--- a/modules/account/src/Volo.Abp.Account.Web/AbpAccountWebModule.cs
+++ b/modules/account/src/Volo.Abp.Account.Web/AbpAccountWebModule.cs
@ -6,7 +6,6 @@ using Volo.Abp.AspNetCore.Mvc.Localization;
 using Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared;
 using Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Toolbars;
 using Volo.Abp.Identity.AspNetCore;
-using Volo.Abp.IdentityServer;
 using Volo.Abp.Localization;
 using Volo.Abp.Localization.Resources.AbpValidation;
 using Volo.Abp.Modularity;
@ -18,8 +17,7 @@ namespace Volo.Abp.Account.Web
 {
    [DependsOn(
        typeof(AbpIdentityAspNetCoreModule),
-        typeof(AbpAspNetCoreMvcUiThemeSharedModule),
-        typeof(AbpIdentityServerDomainModule)
+        typeof(AbpAspNetCoreMvcUiThemeSharedModule)
        )]
    public class AbpAccountWebModule : AbpModule
    {
--- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml
+++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml
@ -30,7 +30,7 @@
    <div style="padding-top: 20px">
        @if (string.Equals(await SettingManager.GetOrNullAsync(AccountSettingNames.IsSelfRegistrationEnabled), "true", StringComparison.OrdinalIgnoreCase))
        {
-            <a href="@Url.Page("./Register", new {returnUrl = Model.ReturnUrl, returnUrlHash = Model.ReturnUrlHash})">Register</a><text>  | </text>
+            <a href="@Url.Page("./Register", new {returnUrl = Model.ReturnUrl, returnUrlHash = Model.ReturnUrlHash})">Register</a>
        }
    </div>
 }
--- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs
+++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs
@ -1,23 +1,16 @@
-using System;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using System;
 using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using System.Diagnostics;
 using System.Linq;
 using System.Security.Claims;
-using System.Security.Principal;
 using System.Threading.Tasks;
-using IdentityModel;
-using IdentityServer4.Events;
-using IdentityServer4.Models;
-using IdentityServer4.Services;
-using IdentityServer4.Stores;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Identity;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.Options;
 using Volo.Abp.Identity;
-using Volo.Abp.MultiTenancy;
 using Volo.Abp.Security.Claims;
 using Volo.Abp.Uow;
 using Volo.Abp.Validation;
@ -39,8 +32,6 @@ namespace Volo.Abp.Account.Web.Pages.Account

        public bool EnableLocalLogin { get; set; }

-        public IList<AuthenticationScheme> ExternalLogins { get; set; } //TODO: Used?
-
        //TODO: Why there is an ExternalProviders if only the VisibleExternalProviders is used.
        public IEnumerable<ExternalProviderModel> ExternalProviders { get; set; }
        public IEnumerable<ExternalProviderModel> VisibleExternalProviders => ExternalProviders.Where(x => !String.IsNullOrWhiteSpace(x.DisplayName));
@ -48,60 +39,26 @@ namespace Volo.Abp.Account.Web.Pages.Account
        public bool IsExternalLoginOnly => EnableLocalLogin == false && ExternalProviders?.Count() == 1;
        public string ExternalLoginScheme => IsExternalLoginOnly ? ExternalProviders?.SingleOrDefault()?.AuthenticationScheme : null;

-        private readonly IIdentityServerInteractionService _interaction;
-        private readonly IAuthenticationSchemeProvider _schemeProvider;
-        private readonly AbpAccountOptions _accountOptions;
-        private readonly IClientStore _clientStore;
-        private readonly IEventService _identityServerEvents;
+        //Optional IdentityServer services
+        //public IIdentityServerInteractionService Interaction { get; set; }
+        //public IClientStore ClientStore { get; set; }
+        //public IEventService IdentityServerEvents { get; set; }
+
+        protected IAuthenticationSchemeProvider _schemeProvider;
+        protected AbpAccountOptions _accountOptions;

        public LoginModel(
-            IIdentityServerInteractionService interaction, 
-            IAuthenticationSchemeProvider schemeProvider, 
-            IOptions<AbpAccountOptions> accountOptions,
-            IClientStore clientStore, 
-            IEventService identityServerEvents)
+            IAuthenticationSchemeProvider schemeProvider,
+            IOptions<AbpAccountOptions> accountOptions)
        {
-            _interaction = interaction;
            _schemeProvider = schemeProvider;
-            _clientStore = clientStore;
-            _identityServerEvents = identityServerEvents;
            _accountOptions = accountOptions.Value;
        }

-        public async Task OnGetAsync()
+        public virtual async Task OnGetAsync()
        {
            LoginInput = new LoginInputModel();

-            var context = await _interaction.GetAuthorizationContextAsync(ReturnUrl);
-
-            if (context != null)
-            {
-                LoginInput.UserNameOrEmailAddress = context.LoginHint;
-
-                //TODO: Reference AspNetCore MultiTenancy module and use options to get the tenant key!
-                var tenant = context.Parameters[TenantResolverConsts.DefaultTenantKey];
-                if (string.IsNullOrEmpty(tenant))
-                {
-                    if (Request.Cookies.ContainsKey(TenantResolverConsts.DefaultTenantKey))
-                    {
-                        CurrentTenant.Change(null);
-                        Response.Cookies.Delete(TenantResolverConsts.DefaultTenantKey);
-                    }
-                }
-                else
-                {
-                    CurrentTenant.Change(Guid.Parse(tenant));
-                    Response.Cookies.Append(TenantResolverConsts.DefaultTenantKey, tenant);
-                }
-            }
-
-            if (context?.IdP != null)
-            {
-                LoginInput.UserNameOrEmailAddress = context.LoginHint;
-                ExternalProviders = new[] { new ExternalProviderModel { AuthenticationScheme = context.IdP } };
-                return;
-            }
-
            var schemes = await _schemeProvider.GetAllSchemesAsync();

            var providers = schemes
@ -114,20 +71,7 @@ namespace Volo.Abp.Account.Web.Pages.Account
                .ToList();

            EnableLocalLogin = true; //TODO: We can get default from a setting?
-            if (context?.ClientId != null)
-            {
-                var client = await _clientStore.FindEnabledClientByIdAsync(context.ClientId);
-                if (client != null)
-                {
-                    EnableLocalLogin = client.EnableLocalLogin;
-
-                    if (client.IdentityProviderRestrictions != null && client.IdentityProviderRestrictions.Any())
-                    {
-                        providers = providers.Where(provider => client.IdentityProviderRestrictions.Contains(provider.AuthenticationScheme)).ToList();
-                    }
-                }
-            }
-
+            
            ExternalProviders = providers.ToArray();

            if (IsExternalLoginOnly)
@ -135,7 +79,6 @@ namespace Volo.Abp.Account.Web.Pages.Account
                //return await ExternalLogin(vm.ExternalLoginScheme, returnUrl);
                throw new NotImplementedException();
            }
-
        }

        [UnitOfWork] //TODO: Will be removed when we implement action filter
@ -143,18 +86,6 @@ namespace Volo.Abp.Account.Web.Pages.Account
        {
            EnableLocalLogin = true; //TODO: We can get default from a setting?

-            if (action == "Cancel")
-            {
-                var context = await _interaction.GetAuthorizationContextAsync(ReturnUrl);
-                if (context == null)
-                {
-                    return Redirect("~/");
-                }
-
-                await _interaction.GrantConsentAsync(context, ConsentResponse.Denied);
-                return Redirect(ReturnUrl);
-            }
-
            ValidateModel();

            await ReplaceEmailToUsernameOfInputIfNeeds();
@ -204,7 +135,6 @@ namespace Volo.Abp.Account.Web.Pages.Account
                       await UserManager.FindByEmailAsync(LoginInput.UserNameOrEmailAddress);

            Debug.Assert(user != null, nameof(user) + " != null");
-            await _identityServerEvents.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.Id.ToString(), user.UserName)); //TODO: Use user's name once implemented

            return RedirectSafely(ReturnUrl, ReturnUrlHash);
        }
@ -212,11 +142,6 @@ namespace Volo.Abp.Account.Web.Pages.Account
        [UnitOfWork]
        public virtual async Task<IActionResult> OnPostExternalLogin(string provider)
        {
-            if (_accountOptions.WindowsAuthenticationSchemeName == provider)
-            {
-                return await ProcessWindowsLoginAsync();
-            }
-
            var redirectUrl = Url.Page("./Login", pageHandler: "ExternalLoginCallback", values: new { ReturnUrl, ReturnUrlHash });
            var properties = SignInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
            properties.Items["scheme"] = provider;
@ -277,7 +202,7 @@ namespace Volo.Abp.Account.Web.Pages.Account
            return RedirectSafely(returnUrl, returnUrlHash);
        }

-        private async Task<IdentityUser> CreateExternalUserAsync(ExternalLoginInfo info)
+        protected virtual async Task<IdentityUser> CreateExternalUserAsync(ExternalLoginInfo info)
        {
            var emailAddress = info.Principal.FindFirstValue(AbpClaimTypes.Email);

@ -290,7 +215,7 @@ namespace Volo.Abp.Account.Web.Pages.Account
            return user;
        }

-        private async Task ReplaceEmailToUsernameOfInputIfNeeds()
+        protected virtual async Task ReplaceEmailToUsernameOfInputIfNeeds()
        {
            if (!ValidationHandler.IsValidEmailAddress(LoginInput.UserNameOrEmailAddress))
            {
@ -312,48 +237,6 @@ namespace Volo.Abp.Account.Web.Pages.Account
            LoginInput.UserNameOrEmailAddress = userByEmail.UserName;
        }

-        private async Task<IActionResult> ProcessWindowsLoginAsync()
-        {
-            var result = await HttpContext.AuthenticateAsync(_accountOptions.WindowsAuthenticationSchemeName);
-            if (!(result?.Principal is WindowsPrincipal windowsPrincipal))
-            {
-                return Challenge(_accountOptions.WindowsAuthenticationSchemeName);
-            }
-
-            var props = new AuthenticationProperties
-            {
-                RedirectUri = Url.Page("./Login", pageHandler: "ExternalLoginCallback", values: new { ReturnUrl, ReturnUrlHash }),
-                Items =
-                {
-                    {"scheme", _accountOptions.WindowsAuthenticationSchemeName},
-                }
-            };
-
-            var identity = new ClaimsIdentity(_accountOptions.WindowsAuthenticationSchemeName);
-            identity.AddClaim(new Claim(JwtClaimTypes.Subject, windowsPrincipal.Identity.Name));
-            identity.AddClaim(new Claim(JwtClaimTypes.Name, windowsPrincipal.Identity.Name));
-
-            //TODO: Consider to add Windows groups the the identity
-            //if (_accountOptions.IncludeWindowsGroups)
-            //{
-            //    var windowsIdentity = windowsPrincipal.Identity as WindowsIdentity;
-            //    if (windowsIdentity != null)
-            //    {
-            //        var groups = windowsIdentity.Groups?.Translate(typeof(NTAccount));
-            //        var roles = groups.Select(x => new Claim(JwtClaimTypes.Role, x.Value));
-            //        identity.AddClaims(roles);
-            //    }
-            //}
-
-            await HttpContext.SignInAsync(
-                IdentityServer4.IdentityServerConstants.ExternalCookieAuthenticationScheme,
-                new ClaimsPrincipal(identity),
-                props
-            );
-
-            return RedirectSafely(props.RedirectUri);
-        }
-
        public class LoginInputModel
        {
            [Required]
@ -364,7 +247,7 @@ namespace Volo.Abp.Account.Web.Pages.Account
            [StringLength(IdentityUserConsts.MaxPasswordLength)]
            [DataType(DataType.Password)]
            public string Password { get; set; }
-            
+
            public bool RememberMe { get; set; }
        }

--- a/modules/account/src/Volo.Abp.Account.Web/Volo.Abp.Account.Web.csproj
+++ b/modules/account/src/Volo.Abp.Account.Web/Volo.Abp.Account.Web.csproj
@ -32,7 +32,6 @@
  <ItemGroup>
    <ProjectReference Include="..\..\..\identity\src\Volo.Abp.Identity.AspNetCore\Volo.Abp.Identity.AspNetCore.csproj" />
    <ProjectReference Include="..\..\..\..\framework\src\Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared\Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.csproj" />
-    <ProjectReference Include="..\..\..\identityserver\src\Volo.Abp.IdentityServer.Domain\Volo.Abp.IdentityServer.Domain.csproj" />
  </ItemGroup>

 </Project>
--- a/nupkg/common.ps1
+++ b/nupkg/common.ps1
@ -144,6 +144,7 @@ $projects = (

    # modules/account
    "modules/account/src/Volo.Abp.Account.Web",
+    "modules/account/src/Volo.Abp.Account.Web.IdentityServer",
    
    # modules/docs
    "modules/docs/src/Volo.Docs.Application",