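/// <summary>
        /// Adds the roles and permissions returned by the policy client to the principal of an
        /// authenticated request, then hands the request to the next middleware.
        /// </summary>
        /// <param name="context">The HTTP context of the current request.</param>
        /// <param name="client">The policy client used to evaluate the current user.</param>
        /// <returns>A task that completes once the rest of the pipeline has run.</returns>
        /// <remarks>
        /// Requests whose principal is not authenticated pass through unchanged, so this
        /// middleware only has an effect when it runs after whatever populates
        /// <c>context.User</c>. An exception from <c>EvaluateAsync</c> is not caught here:
        /// the request fails instead of continuing without policy claims.
        /// </remarks>
        public async Task Invoke(HttpContext context, IPolicyServerClient client)
        {
            // Identity is null on a principal that carries no identities; treat that as
            // anonymous instead of throwing a NullReferenceException.
            if (context.User.Identity?.IsAuthenticated == true)
            {
                var policy = await client.EvaluateAsync(context.User);

                var roleClaims       = policy.Roles.Select(x => new Claim("role", x));
                var permissionClaims = policy.Permissions.Select(x => new Claim("permission", x));

                // "role" is registered as the role claim type of the new identity, so
                // ClaimsPrincipal.IsInRole also matches the policy roles added here.
                // The claims sit in a separate identity whose authentication type is
                // "PolicyServerMiddleware", which keeps them distinguishable from the
                // claims issued at sign-in.
                var id = new ClaimsIdentity("PolicyServerMiddleware", "name", "role");
                id.AddClaims(roleClaims);
                id.AddClaims(permissionClaims);

                context.User.AddIdentity(id);
            }

            await _next(context);
        }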
Beispiel #2
        /// <summary>
        /// Reports what is known about the current user: the name, the claims of type "role",
        /// every claim on the principal, and the roles and permissions the policy client
        /// returns for that principal.
        /// </summary>
        /// <returns>
        /// An anonymous object with <c>Username</c>, <c>IdentityRoles</c>, <c>PolicyRoles</c>,
        /// <c>Permissions</c> and <c>Claims</c>.
        /// </returns>
        public async Task<object> WhoAmI()
        {
            // NOTE(review): no authorization attribute is visible in this snippet. Confirm
            // that the action or its controller requires an authenticated user, because the
            // response echoes every claim on the principal.
            var evaluation = await _client.EvaluateAsync(User);

            var policyRoles       = evaluation.Roles;
            var policyPermissions = evaluation.Permissions;

            // The two claim projections are lazy LINQ queries; they are enumerated when the
            // returned object is consumed, not here.
            return new
            {
                Username = User.Identity.Name,
                IdentityRoles = User.Claims
                    .Where(claim => claim.Type == "role")
                    .Select(claim => claim.Value),
                PolicyRoles = policyRoles,
                Permissions = policyPermissions,
                Claims = User.Claims.Select(claim => new
                {
                    type = claim.Type,
                    value = claim.Value
                })
            };
        }
Beispiel #3
        /// <summary>
        /// Evaluates the current user against the policy client and renders the result in
        /// the default view for this action.
        /// </summary>
        /// <returns>A view result whose model is the policy evaluation result.</returns>
        public async Task<IActionResult> Secure()
        {
            // NOTE(review): the method only displays the evaluation result and does not
            // check it. Any access restriction must come from an authorization attribute
            // or policy that is not visible in this snippet. Confirm one is applied.
            var policy = await _client.EvaluateAsync(User);
            return View(policy);
        }