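    /// <summary>
    /// Creates an IdentityServer claims principal from this user's properties.
    /// The <c>sub</c> claim is always emitted; name, identity provider, tenant,
    /// <c>auth_time</c> and <c>amr</c> claims are emitted only when the corresponding
    /// property is present, followed by <see cref="AdditionalClaims"/>. Duplicate claims
    /// (as determined by <see cref="ClaimComparer"/>) are removed before the identity is built.
    /// </summary>
    /// <returns>
    /// A <see cref="ClaimsPrincipal"/> holding a single <see cref="ClaimsIdentity"/> whose
    /// authentication type is <see cref="Constants.IdentityServerAuthenticationType"/> and whose
    /// name/role claim types are <see cref="JwtClaimTypes.Name"/> and <see cref="JwtClaimTypes.Role"/>.
    /// </returns>
    /// <exception cref="ArgumentException">Thrown when <see cref="SubjectId"/> is missing.</exception>
    public ClaimsPrincipal CreatePrincipal()
    {
        // A principal without a subject cannot be attributed to anyone; refuse it here
        // rather than let a subject-less session surface further down the pipeline.
        if (SubjectId.IsMissing())
        {
            throw new ArgumentException("SubjectId is mandatory", nameof(SubjectId));
        }

        var claims = new List<Claim>
        {
            new Claim(JwtClaimTypes.Subject, SubjectId)
        };

        if (DisplayName.IsPresent())
        {
            claims.Add(new Claim(JwtClaimTypes.Name, DisplayName));
        }

        if (IdentityProvider.IsPresent())
        {
            claims.Add(new Claim(JwtClaimTypes.IdentityProvider, IdentityProvider));
        }

        if (Tenant.IsPresent())
        {
            claims.Add(new Claim(IdentityServerConstants.ClaimTypes.Tenant, Tenant));
        }

        if (AuthenticationTime.HasValue)
        {
            // auth_time is a Unix timestamp in seconds. Format with the invariant culture so
            // the claim value never depends on the server's culture settings (CA1305).
            // NOTE(review): DateTimeOffset(DateTime) treats DateTimeKind.Unspecified as local
            // time; this assumes AuthenticationTime is supplied as UTC — confirm at the callers.
            var authTime = new DateTimeOffset(AuthenticationTime.Value).ToUnixTimeSeconds();
            claims.Add(new Claim(
                JwtClaimTypes.AuthenticationTime,
                authTime.ToString(System.Globalization.CultureInfo.InvariantCulture)));
        }

        // One amr claim per authentication method. An empty collection adds nothing,
        // so the former Any() guard was redundant.
        foreach (var amr in AuthenticationMethods)
        {
            claims.Add(new Claim(JwtClaimTypes.AuthenticationMethod, amr));
        }

        claims.AddRange(AdditionalClaims);

        // Deduplicate after AdditionalClaims are merged so a caller-supplied claim that
        // ClaimComparer considers equal to a built-in one does not appear twice.
        var id = new ClaimsIdentity(
            claims.Distinct(new ClaimComparer()),
            Constants.IdentityServerAuthenticationType,
            JwtClaimTypes.Name,
            JwtClaimTypes.Role);

        return new ClaimsPrincipal(id);
    }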