We have an internally-developed user module. It's quite extensive, but we want to update it to use ASP.NET Identity v2.x so that we can get the following benefits: Owin, External Logins, Claims-based identity, OAuth2 authentication, and two-factor authentication. That's a lot of good.
However, I'm stuck on implementing certain aspects.
For instance: our system uses a profile-based password validation system. The admin is able to create different password profiles and assign them to roles and users. These password profiles are then resolved dynamically to decide if the new password is valid.
In Identity the password validator is an implementation of IIdentityValidator<string> that is set as a property of the UserManager<TUser> implementation at configuration (creation?) time. How would I go about looking up and passing in the password profile to the Validate(string) method?
This is only the surface. We have several more features that when layered on Identity either negate or supersede what the base UserManager implementation does. So much so that deriving from UserManager may not be possible. However, UserManager is not backed by any sort of interface and is heavily used throughout the Identity and Owin.Identity namespaces. So much so that I MUST implement it, it seems.
Other things I need to be able to do: implement a more complex messaging service, layer another level of authentication beyond roles, configure lockout via profiles, configure two-factor authentication via profiles.
Do I need to bend over backwards to shoe-horn what I want to do into Identity or should I give up now and implement the features that I want from scratch? Any ideas?
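As an added example (not code from the question or from the Identity library), one way to get the resolved profile into the check in Identity 2.x: the check itself stays an IIdentityValidator<string>, and a derived UserManager binds a validator for the user's profile immediately before each password-setting call. PasswordProfile, IPasswordProfileResolver and ProfileAwareUserManager are assumed names, and the approach assumes the usual per-request UserManager registered via CreatePerOwinContext.

```csharp
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNet.Identity;

// Hypothetical profile shape and resolver; the real ones live in the existing user module.
public class PasswordProfile { public int MinLength; public bool RequireDigit; public bool RequireNonLetterOrDigit; }
public interface IPasswordProfileResolver<TUser> { Task<PasswordProfile> ResolveAsync(TUser user); }

// The check itself stays an IIdentityValidator<string>; it is just bound to one resolved profile.
public class ProfilePasswordValidator : IIdentityValidator<string>
{
    private readonly PasswordProfile _profile;
    public ProfilePasswordValidator(PasswordProfile profile) { _profile = profile; }

    public Task<IdentityResult> ValidateAsync(string password)
    {
        var pwd = password ?? string.Empty;
        var errors = new List<string>();
        if (pwd.Length < _profile.MinLength)
            errors.Add(string.Format("Password must be at least {0} characters.", _profile.MinLength));
        if (_profile.RequireDigit && !pwd.Any(char.IsDigit))
            errors.Add("Password must contain a digit.");
        if (_profile.RequireNonLetterOrDigit && pwd.All(char.IsLetterOrDigit))
            errors.Add("Password must contain a non-alphanumeric character.");
        return Task.FromResult(errors.Count == 0 ? IdentityResult.Success : IdentityResult.Failed(errors.ToArray()));
    }
}

// Derived manager: resolve the profile for the affected user and bind a validator right before the
// base class validates and hashes. Safe only because CreatePerOwinContext gives every request its
// own UserManager instance, so the swapped validator is never shared across requests.
public class ProfileAwareUserManager<TUser> : UserManager<TUser> where TUser : class, IUser<string>
{
    private readonly IPasswordProfileResolver<TUser> _resolver;
    public ProfileAwareUserManager(IUserStore<TUser> store, IPasswordProfileResolver<TUser> resolver)
        : base(store) { _resolver = resolver; }

    private async Task BindValidatorAsync(TUser user) { PasswordValidator = new ProfilePasswordValidator(await _resolver.ResolveAsync(user)); }

    public override async Task<IdentityResult> CreateAsync(TUser user, string password)
    {
        await BindValidatorAsync(user);
        return await base.CreateAsync(user, password);
    }

    public override async Task<IdentityResult> ChangePasswordAsync(string userId, string currentPassword, string newPassword)
    {
        var user = await FindByIdAsync(userId);
        if (user == null) return IdentityResult.Failed("User not found.");
        await BindValidatorAsync(user);
        return await base.ChangePasswordAsync(userId, currentPassword, newPassword);
    }
}
```

ResetPasswordAsync gets the same override; because the validator swap relies on the per-request instance, this manager must not be registered as a singleton.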