/// <summary>
/// Claims transformation hook: members of the configured admin Windows group get an
/// "IdentityAdmin" claim appended to the outgoing subject; everyone else passes through unchanged.
/// </summary>
/// <param name="context">Carries the authenticated Windows principal and the subject being built.</param>
/// <returns>A completed task; the transformation itself is synchronous.</returns>
public Task TransformAsync(CustomClaimsProviderContext context)
{
    // Membership is decided on the Windows principal rather than on the outgoing subject,
    // so claims already present on the subject do not influence the admin decision.
    var isAdmin = context.WindowsPrincipal.IsInRole(AdminWindowsGroupName);
    if (isAdmin)
    {
        var adminClaim = new Claim("IdentityAdmin", "IdentityAdmin");
        context.OutgoingSubject.AddClaim(adminClaim);
    }

    return Task.FromResult(0);
}
/// <summary>
/// Sample claims transformation: when the outgoing subject's "name" claim equals one
/// hard-coded Windows account, an "email" claim is appended; any other subject is left untouched.
/// </summary>
/// <param name="context">Carries the Windows principal and the outgoing subject to enrich.</param>
/// <returns>A completed task; the transformation itself is synchronous.</returns>
public Task TransformAsync(CustomClaimsProviderContext context)
{
    // Locate the name claim the subject generator placed on the outgoing subject.
    var outgoing = context.OutgoingSubject;
    var nameClaim = outgoing.Claims.FirstOrDefault(c => c.Type == "name");

    // Exact (ordinal) comparison against a single DOMAIN\user value.
    var isKnownUser = nameClaim != null && nameClaim.Value == @"MARVIN-SURFACE\Kevin";
    if (isKnownUser)
    {
        // Attach an e-mail claim for this one account.
        outgoing.AddClaim(new System.Security.Claims.Claim("email", "*****@*****.**"));
    }

    return Task.FromResult(0);
}
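/// <summary>
/// Builds the WS-Federation sign-in response for an authenticated Windows user: derives the
/// subject, runs the configured custom claims transformation, wraps the resulting subject in a
/// security token and packages it as a <see cref="SignInResponseMessage"/>.
/// </summary>
/// <param name="request">Incoming sign-in request; its Context value is echoed back in the RSTR.</param>
/// <param name="windowsPrincipal">The Windows-authenticated caller the subject is created from.</param>
/// <returns>The sign-in response message addressed to the configured IdP reply URL.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="request"/> or <paramref name="windowsPrincipal"/> is null.
/// </exception>
public async Task<SignInResponseMessage> GenerateAsync(SignInRequestMessage request, WindowsPrincipal windowsPrincipal)
{
    // Fail fast with a clear argument error instead of a NullReferenceException further down
    // (request.Context and the subject generator both dereference these).
    if (request == null)
    {
        throw new ArgumentNullException("request");
    }
    if (windowsPrincipal == null)
    {
        throw new ArgumentNullException("windowsPrincipal");
    }

    Logger.Info("Creating WS-Federation signin response");

    // create subject
    var outgoingSubject = SubjectGenerator.Create(windowsPrincipal, _options);

    // call custom claims transformation logic
    var context = new CustomClaimsProviderContext
    {
        WindowsPrincipal = windowsPrincipal,
        OutgoingSubject = outgoingSubject
    };
    await _options.CustomClaimsProvider.TransformAsync(context);

    // The token is built from context.OutgoingSubject rather than the local outgoingSubject,
    // so a provider that replaces the subject (not merely mutates it) is honoured.
    var token = CreateSecurityToken(context.OutgoingSubject);

    // return response: the RSTR carries the token, the realm it applies to, and the reply URL.
    var replyUrl = _options.IdpReplyUrl;
    var rstr = new RequestSecurityTokenResponse
    {
        AppliesTo = new EndpointReference(_options.IdpRealm),
        Context = request.Context,
        ReplyTo = replyUrl,
        RequestedSecurityToken = new RequestedSecurityToken(token)
    };

    var serializer = new WSFederationSerializer(
        new WSTrust13RequestSerializer(),
        new WSTrust13ResponseSerializer());

    // Start from an empty handler collection so only the handler this IdP supports is registered.
    var mgr = SecurityTokenHandlerCollectionManager.CreateEmptySecurityTokenHandlerCollectionManager();
    mgr[SecurityTokenHandlerCollectionManager.Usage.Default] = CreateSupportedSecurityTokenHandler();

    var responseMessage = new SignInResponseMessage(
        new Uri(replyUrl),
        rstr,
        serializer,
        new WSTrustSerializationContext(mgr));

    return responseMessage;
}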
/// <summary>
/// Custom OAuth grant: succeeds only when the current OWIN user is a Windows principal.
/// The subject is created from that principal and passed through the custom claims provider
/// before being handed to the OAuth pipeline as the validated identity.
/// </summary>
/// <param name="context">The OWIN custom-grant context; receives either an error or the validated identity.</param>
public override async Task GrantCustomExtension(OAuthGrantCustomExtensionContext context)
{
    // Only Windows-authenticated callers qualify; anything else is rejected with an OAuth error.
    var principal = context.OwinContext.Authentication.User as WindowsPrincipal;
    if (principal == null)
    {
        context.SetError("User is not a Windows user");
        return;
    }

    var outgoing = SubjectGenerator.Create(principal, _options);
    var transformation = new CustomClaimsProviderContext
    {
        WindowsPrincipal = principal,
        OutgoingSubject = outgoing
    };
    await _options.CustomClaimsProvider.TransformAsync(transformation);

    // Validate with the subject the provider left on the context, in case it replaced it.
    context.Validated(transformation.OutgoingSubject);
}
/// <summary>
/// No-op claims transformation: leaves the outgoing subject exactly as the subject generator produced it.
/// </summary>
/// <param name="context">Ignored.</param>
/// <returns>An already-completed task.</returns>
public Task TransformAsync(CustomClaimsProviderContext context)
{
    // Nothing to transform; hand back a completed task so awaiting callers continue immediately.
    var completed = Task.FromResult(0);
    return completed;
}
/// <summary>
/// Claims transformation that looks the user's e-mail address up in Active Directory and adds it
/// to the outgoing subject as a <see cref="ClaimTypes.Email"/> claim.
/// </summary>
/// <param name="context">Carries the outgoing subject the lookup is keyed on and that receives the claim.</param>
public async Task TransformAsync(CustomClaimsProviderContext context)
{
    var subject = context.OutgoingSubject;
    var email = await GetEmailFromActiveDirectoryAsync(subject);

    // NOTE(review): Claim's constructor rejects a null value, so a lookup that yields null would
    // surface here as an ArgumentNullException — confirm GetEmailFromActiveDirectoryAsync never returns null.
    var emailClaim = new Claim(ClaimTypes.Email, email);
    subject.AddClaim(emailClaim);
}