From ec9bd33ab57104728193d78b4fc46707765889c0 Mon Sep 17 00:00:00 2001
From: Sebastian Stehle <sebastian@squidex.io>
Date: Thu, 4 Jan 2018 18:07:31 +0100
Subject: [PATCH] Portal link fixed

---
 .../PortalDashboardAuthenticationMiddleware.cs           | 8 ++++++--
 .../Areas/Portal/Middlewares/PortalRedirectMiddleware.cs | 9 ++++++---
 .../Config/Authentication/IdentityServerServices.cs      | 1 +
 3 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/src/Squidex/Areas/Portal/Middlewares/PortalDashboardAuthenticationMiddleware.cs b/src/Squidex/Areas/Portal/Middlewares/PortalDashboardAuthenticationMiddleware.cs
index 2acd9496a..8082bff7b 100644
--- a/src/Squidex/Areas/Portal/Middlewares/PortalDashboardAuthenticationMiddleware.cs
+++ b/src/Squidex/Areas/Portal/Middlewares/PortalDashboardAuthenticationMiddleware.cs
@@ -29,13 +29,17 @@ namespace Squidex.Areas.Portal.Middlewares
 
             if (!authentication.Succeeded)
             {
-                await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
+                var properties = new AuthenticationProperties
                 {
                     RedirectUri = context.Request.PathBase + context.Request.Path
-                });
+                };
+
+                await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, properties);
             }
             else
             {
+                context.User = authentication.Principal;
+
                 await next(context);
             }
         }
diff --git a/src/Squidex/Areas/Portal/Middlewares/PortalRedirectMiddleware.cs b/src/Squidex/Areas/Portal/Middlewares/PortalRedirectMiddleware.cs
index a17190981..36190b1af 100644
--- a/src/Squidex/Areas/Portal/Middlewares/PortalRedirectMiddleware.cs
+++ b/src/Squidex/Areas/Portal/Middlewares/PortalRedirectMiddleware.cs
@@ -6,10 +6,10 @@
 //  All rights reserved.
 // ==========================================================================
 
+using System.Security.Claims;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http;
 using Squidex.Domain.Apps.Entities.Apps.Services;
-using Squidex.Infrastructure.Security;
 
 namespace Squidex.Areas.Portal.Middlewares
 {
@@ -26,9 +26,12 @@ namespace Squidex.Areas.Portal.Middlewares
         {
             if (context.Request.Path == "/")
             {
-                var userId = context.User.FindFirst(OpenIdClaims.Subject).Value;
+                var userIdClaim = context.User.FindFirst(ClaimTypes.NameIdentifier);
 
-                context.Response.RedirectToAbsoluteUrl(await appPlansBillingManager.GetPortalLinkAsync(userId));
+                if (userIdClaim != null)
+                {
+                    context.Response.RedirectToAbsoluteUrl(await appPlansBillingManager.GetPortalLinkAsync(userIdClaim.Value));
+                }
             }
         }
     }
diff --git a/src/Squidex/Config/Authentication/IdentityServerServices.cs b/src/Squidex/Config/Authentication/IdentityServerServices.cs
index 10341e861..ec72f3ed1 100644
--- a/src/Squidex/Config/Authentication/IdentityServerServices.cs
+++ b/src/Squidex/Config/Authentication/IdentityServerServices.cs
@@ -51,6 +51,7 @@ namespace Squidex.Config.Authentication
                     options.ClientSecret = Constants.InternalClientSecret;
                     options.RequireHttpsMetadata = identityOptions.RequiresHttps;
                     options.SaveTokens = true;
+                    options.Scope.Add(Constants.ProfileScope);
                     options.Scope.Add(Constants.RoleScope);
                     options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                 });