pokashumbraco/POKASH/Keycloak/Configuration/KeycloakMemberExternalLoginProviderOptions.cs

using Microsoft.Extensions.Options;
using Umbraco.Cms.Core;
using Umbraco.Cms.Web.BackOffice.Security;

namespace Umbraco.KeycloakShowcase.Web.Configuration;

public class KeycloakMemberExternalLoginProviderOptions : IConfigureNamedOptions<BackOfficeExternalLoginProviderOptions>
{
    public const string SchemeName = "Keycloak";
    public void Configure(string? name, BackOfficeExternalLoginProviderOptions options)
    {
        Console.WriteLine("Configure");
        if (name != Constants.Security.BackOfficeExternalAuthenticationTypePrefix + SchemeName)
        {
            return;
        }

        Configure(options);
    }

    public void Configure(BackOfficeExternalLoginProviderOptions options)
    {
        options.AutoLinkOptions = new ExternalSignInAutoLinkOptions(
            // Set to true to enable auto-linking
            autoLinkExternalAccount: true,

            // [OPTIONAL]
            // Default: "Editor"
            // Specify User Group.
            defaultUserGroups: new[] { Constants.Security.EditorGroupAlias },

            // [OPTIONAL]
            // Default: The culture specified in appsettings.json.
            // Specify the default culture to create the User as.
            // It can be dynamically assigned in the OnAutoLinking callback.
            defaultCulture: null,

            // [OPTIONAL]
            // Enable the ability to link/unlink manually from within
            // the Umbraco backoffice.
            // Set this to false if you don't want the user to unlink
            // from this external login provider.
            allowManualLinking: true
        )
        {
            // Optional callback
            OnAutoLinking = (autoLinkUser, loginInfo) =>
            {
                // You can customize the member before it's linked.
                // i.e. Modify the member's groups based on the Claims returned
                // in the externalLogin info
            },
            OnExternalLogin = (user, loginInfo) =>
            {
                // You can customize the member before it's saved whenever they have
                // logged in with the external provider.
                // i.e. Sync the member's name based on the Claims returned
                // in the externalLogin info
                
                return true; //returns a boolean indicating if sign in should continue or not.
            }
        };
    }
        
}