I have set up the use of Active Directory in my project.
Configuration.Modules.Zero().UserManagement.ExternalAuthenticationSources.Add<SsoAuthenticationSource>();
So when I attempt to log in the following line is called in my AccountController:
var loginResult = await _logInManager.LoginAsync(usernameOrEmailAddress, password, tenancyName);
This then calls the DefaultExternalAuthenticationSource.TryAuthenticateAsync method which has been overridden in the SsoAuthenticationSource.
The base class DefaultExternalAuthenticationSource then creates a user in the system successfully.
My issue is that the user is automatically assigned the admin role. I want the user to be created with no roles, as I will be handling role assigning further in the code when I check what AD groups they are a part of.
I have tried overriding the DefaultExternalAuthenticationSource.CreateUserAsync method but get the following error:
Cannot insert explicit value for identity column in table 'AbpUsers' when IDENTITY_INSERT is set to OFF.
Even though I'm not attempting to input a value for that, as the _userManager.CreateAsync(user) method handles that.
I had a role set up with 'Default' marked as true, so ABP seems to automatically assign these 'Default' roles when creating a user through this way.