Beispiel #1
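        /// <summary>
        /// Lists the members of the SharePoint site group named by <c>model.Role</c>, with each
        /// member's login name parsed by <c>ClaimsEncoding.Parse</c>.
        /// </summary>
        /// <param name="model">Role selector bound from the query string.</param>
        /// <returns>
        /// 200 OK with a list holding one <c>GroupMembersViewModel</c>, or an empty list when
        /// no role was supplied or the group does not exist on the host web.
        /// </returns>
        public async Task <IHttpActionResult> GetRoleMember([FromUri] RoleViewModel model)
        {
            var result = new List <GroupMembersViewModel>();

            // The role comes from the query string, so it may be absent. Answer with the
            // same empty list as for an unknown group instead of dereferencing a null model.
            if (model == null || string.IsNullOrWhiteSpace(model.Role))
            {
                return Ok(await Task.FromResult(result));
            }

            var spContext = SharePointContextProvider.Current.GetSharePointContext(HttpContext.Current);

            // NOTE(review): the app-only context reads group membership with the add-in's
            // permissions, not the caller's. No caller authorization check is visible in this
            // method; confirm that access to this action is restricted elsewhere.
            using (var clientContext = spContext.CreateAppOnlyClientContextForSPHost())
            {
                if (!clientContext.Web.GroupExists(model.Role))
                {
                    return Ok(await Task.FromResult(result));
                }

                var group = clientContext.Web.SiteGroups.GetByName(model.Role);
                clientContext.Load(@group, g => g.Users);
                clientContext.ExecuteQuery();

                // Login names that are not claims-encoded parse to an object whose fields
                // are all null, so consumers of Members must tolerate null values.
                result.Add(new GroupMembersViewModel
                {
                    RoleName = model,
                    Members  = @group.Users.Select(m => ClaimsEncoding.Parse(m.LoginName)).ToList()
                });
            }

            return Ok(await Task.FromResult(result));
        }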
Beispiel #2
        /// <summary>
        /// A forms-based-authentication login name has a membership provider between the two
        /// pipes. The parser must report it as <c>OriginalIssuer</c> and the trailing segment
        /// as <c>ClaimValue</c>.
        /// </summary>
        public void TestClaimsEncodingFormsBasedAuthentication()
        {
            const string encodedLogin = "i:0#.f|mymembershipprovider|chris";

            var claim = ClaimsEncoding.Parse(encodedLogin);

            // Prefix characters of "i:0#.f", one field each.
            Assert.That(claim.IdendityClaim, Is.EqualTo("i"));
            Assert.That(claim.ClaimType, Is.EqualTo("#"));
            Assert.That(claim.ClaimValueType, Is.EqualTo("."));
            Assert.That(claim.AuthMode, Is.EqualTo("f"));

            // Pipe-separated tail: issuer first, then the value.
            Assert.That(claim.OriginalIssuer, Is.EqualTo("mymembershipprovider"));
            Assert.That(claim.ClaimValue, Is.EqualTo("chris"));
        }
Beispiel #3
        /// <summary>
        /// A plain <c>DOMAIN\user</c> login name without a claims prefix must parse to a
        /// result whose fields are all null. Callers therefore have to null-check
        /// <c>ClaimValue</c> before dereferencing or comparing it.
        /// </summary>
        public void TestClaimsEncodingWindowsUserNoClaimsEncoding()
        {
            const string plainLogin = "contoso\\chris";

            var claim = ClaimsEncoding.Parse(plainLogin);

            // Nothing is populated for an unencoded name.
            Assert.That(claim.IdendityClaim, Is.Null);
            Assert.That(claim.ClaimType, Is.Null);
            Assert.That(claim.ClaimValueType, Is.Null);
            Assert.That(claim.AuthMode, Is.Null);
            Assert.That(claim.OriginalIssuer, Is.Null);
            Assert.That(claim.ClaimValue, Is.Null);
        }
Beispiel #4
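        /// <summary>
        /// A login name issued by a trusted SAML provider ("adfs") with claim type "5" must
        /// expose the issuer as <c>OriginalIssuer</c> and the e-mail address after the second
        /// pipe as <c>ClaimValue</c>.
        /// </summary>
        public void TestClaimsEncodingSamlAuthenticationTrustedUser()
        {
            // Constructed sample address (example.com). The original literal is not
            // recoverable from this listing, where the input and the expected value had been
            // masked differently and could no longer match each other.
            const string sampleAddress = "user@example.com";

            var result = ClaimsEncoding.Parse("i:05.t|adfs|" + sampleAddress);

            Assert.That(result.IdendityClaim, Is.EqualTo("i"));
            Assert.That(result.ClaimType, Is.EqualTo("5"));
            Assert.That(result.ClaimValueType, Is.EqualTo("."));
            Assert.That(result.AuthMode, Is.EqualTo("t"));
            Assert.That(result.OriginalIssuer, Is.EqualTo("adfs"));
            Assert.That(result.ClaimValue, Is.EqualTo(sampleAddress));
        }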
Beispiel #5
        /// <summary>
        /// A login name from a custom ADFS claim provider uses a non-ASCII claim-type
        /// character. The parser must return that character unchanged and still split the
        /// issuer and value on the pipes.
        /// </summary>
        public void TestClaimsEncodingCustomAdfsClaimprovider()
        {
            const string encodedLogin = "i:0ǵ.t|custom-adfs|First.Last";

            var claim = ClaimsEncoding.Parse(encodedLogin);

            Assert.That(claim.IdendityClaim, Is.EqualTo("i"));
            // The claim-type slot holds a character outside ASCII.
            Assert.That(claim.ClaimType, Is.EqualTo("ǵ"));
            Assert.That(claim.ClaimValueType, Is.EqualTo("."));
            Assert.That(claim.AuthMode, Is.EqualTo("t"));
            Assert.That(claim.OriginalIssuer, Is.EqualTo("custom-adfs"));
            // Dots inside the value are part of the value, not separators.
            Assert.That(claim.ClaimValue, Is.EqualTo("First.Last"));
        }
Beispiel #6
        /// <summary>
        /// An Active Directory group is encoded with the "c" prefix and a SID as its value.
        /// There is only one pipe, so no issuer is expected and the whole SID must come back
        /// as <c>ClaimValue</c>.
        /// </summary>
        public void TestClaimsEncodingActiveDirectoryUsersgroupwithSid()
        {
            const string encodedGroup = "c:0+.w|s-1-2-34-1234567890-1234567890-1234567890-1234";

            var claim = ClaimsEncoding.Parse(encodedGroup);

            Assert.That(claim.IdendityClaim, Is.EqualTo("c"));
            Assert.That(claim.ClaimType, Is.EqualTo("+"));
            Assert.That(claim.ClaimValueType, Is.EqualTo("."));
            Assert.That(claim.AuthMode, Is.EqualTo("w"));
            // Single-pipe form: no issuer segment.
            Assert.That(claim.OriginalIssuer, Is.Null);
            Assert.That(claim.ClaimValue, Is.EqualTo("s-1-2-34-1234567890-1234567890-1234567890-1234"));
        }
Beispiel #7
        /// <summary>
        /// The login name of the Windows "authenticated users" group, <c>c:0!.s|windows</c>,
        /// must parse with auth mode "s", no issuer, and "windows" as the claim value.
        /// </summary>
        public void TestClaimsEncodingWindowsAuthenticatedUsersgroup()
        {
            const string encodedGroup = "c:0!.s|windows";

            var claim = ClaimsEncoding.Parse(encodedGroup);

            Assert.That(claim.IdendityClaim, Is.EqualTo("c"));
            Assert.That(claim.ClaimType, Is.EqualTo("!"));
            Assert.That(claim.ClaimValueType, Is.EqualTo("."));
            Assert.That(claim.AuthMode, Is.EqualTo("s"));
            // Single-pipe form: no issuer segment.
            Assert.That(claim.OriginalIssuer, Is.Null);
            Assert.That(claim.ClaimValue, Is.EqualTo("windows"));
        }
Beispiel #8
        /// <summary>
        /// A claims-encoded Windows user, <c>i:0#.w|DOMAIN\user</c>, must parse with auth mode
        /// "w", no issuer, and the full <c>DOMAIN\user</c> string, backslash included, as the
        /// claim value.
        /// </summary>
        public void TestClaimsEncodingWindowsUser()
        {
            const string encodedLogin = "i:0#.w|contoso\\chris";

            var claim = ClaimsEncoding.Parse(encodedLogin);

            Assert.That(claim.IdendityClaim, Is.EqualTo("i"));
            Assert.That(claim.ClaimType, Is.EqualTo("#"));
            Assert.That(claim.ClaimValueType, Is.EqualTo("."));
            Assert.That(claim.AuthMode, Is.EqualTo("w"));
            // Single-pipe form: no issuer segment.
            Assert.That(claim.OriginalIssuer, Is.Null);
            // The domain qualifier stays attached to the account name.
            Assert.That(claim.ClaimValue, Is.EqualTo("contoso\\chris"));
        }
Beispiel #9
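        /// <summary>
        /// Reports whether the current user holds a role claim that matches a security group
        /// belonging to the SharePoint site group named by <c>model.Role</c>.
        /// </summary>
        /// <param name="model">Role selector bound from the query string.</param>
        /// <returns>
        /// 404 when the current identity is not a <c>ClaimsIdentity</c>. Otherwise 200 OK with
        /// <c>true</c> on a match, or <c>false</c> when no role was supplied, the group does
        /// not exist, or nothing matches.
        /// </returns>
        public async Task <IHttpActionResult> IsMember([FromUri] RoleViewModel model)
        {
            var claimsId = HttpContext.Current.User.Identity as ClaimsIdentity;

            if (claimsId == null)
            {
                return NotFound();
            }

            // Fail closed: the role comes from the query string and may be missing. A missing
            // role is never a membership.
            if (model == null || string.IsNullOrWhiteSpace(model.Role))
            {
                return Ok(await Task.FromResult(false));
            }

            var roleClaimsOfCurrentUser = TokenHelper.GetRoleClaims(claimsId);

            var spContext = SharePointContextProvider.Current.GetSharePointContext(HttpContext.Current);

            // The group is read with the add-in's app-only permissions. The membership
            // decision below rests only on the caller's own role claims.
            using (var clientContext = spContext.CreateAppOnlyClientContextForSPHost())
            {
                if (!clientContext.Web.GroupExists(model.Role))
                {
                    return Ok(await Task.FromResult(false));
                }

                var group = clientContext.Web.SiteGroups.GetByName(model.Role);
                clientContext.Load(@group, g => g.Users);
                clientContext.ExecuteQuery();

                foreach (var groupUser in @group.Users)
                {
                    // Only security groups are compared with role claims. Individual users
                    // in the site group are skipped.
                    if (groupUser.PrincipalType != PrincipalType.SecurityGroup)
                    {
                        continue;
                    }

                    // Parse once per member. A login name that is not claims-encoded yields
                    // a null ClaimValue. Skip it so that it cannot throw, and so that a
                    // null or empty value can never count as equal to a claim.
                    var groupClaimValue = ClaimsEncoding.Parse(groupUser.LoginName).ClaimValue;

                    if (string.IsNullOrEmpty(groupClaimValue))
                    {
                        continue;
                    }

                    // Ordinal, case-insensitive comparison: these are identifiers, not
                    // linguistic text. string.Equals also tolerates a null claim value.
                    if (roleClaimsOfCurrentUser.Any(
                            rc => string.Equals(rc.Item2, groupClaimValue, System.StringComparison.OrdinalIgnoreCase)))
                    {
                        return Ok(await Task.FromResult(true));
                    }
                }
            }

            return Ok(await Task.FromResult(false));
        }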