protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            // Delegating-handler step that verifies the access token on the incoming request and,
            // when it is valid, installs a claims principal before handing off to the inner handler.
            //
            // request:           the Web API request; its HttpContextBase is looked up via TryGetHttpContext.
            // cancellationToken: forwarded unchanged to base.SendAsync.
            // Returns:           the inner handler's response, or the resource server's error response
            //                    when VerifyAccess rejects the request (the inner handler is then never called).
            // Throws:            InvalidOperationException when no HttpContext is attached to the request.
            HttpContextBase currentContext;
            if (!request.TryGetHttpContext(out currentContext))
            {
                throw new InvalidOperationException("HttpContext must not be null.");
            }

            // A fresh resource server is built per request from the configured certificates.
            // The issuer certificate's public key and this server's private key are presumably the
            // signature-verification and decryption keys respectively; both casts assume the
            // certificates expose RSACryptoServiceProvider keys and throw InvalidCastException otherwise.
            var issuerPublicKey = (RSACryptoServiceProvider)_configuration.IssuerSigningCertificate.PublicKey.Key;
            var serverPrivateKey = (RSACryptoServiceProvider)_configuration.EncryptionVerificationCertificate.PrivateKey;
            var tokenAnalyzer = new StandardAccessTokenAnalyzer(issuerPublicKey, serverPrivateKey);
            var resourceServer = new ResourceServer(tokenAnalyzer);

            string tokenUserName;
            HashSet<string> grantedScopes;
            var accessError = resourceServer.VerifyAccess(currentContext.Request, out tokenUserName, out grantedScopes);

            // A non-null result is the error response to send back; no principal is installed in that case.
            if (accessError != null)
            {
                return Task<HttpResponseMessage>.Factory.StartNew(accessError.ToHttpResponseMessage);
            }

            // Every granted scope becomes a claim whose type and value are both the scope string.
            var scopeClaims = grantedScopes.Select(grantedScope => new Microsoft.IdentityModel.Claims.Claim(grantedScope, grantedScope));
            var tokenIdentity = new Microsoft.IdentityModel.Claims.ClaimsIdentity(scopeClaims);
            if (!string.IsNullOrEmpty(tokenUserName))
            {
                tokenIdentity.Claims.Add(new Microsoft.IdentityModel.Claims.Claim(Microsoft.IdentityModel.Claims.ClaimTypes.Name, tokenUserName));
            }

            // Publish the principal on the HTTP context and on the thread so downstream code
            // reading either location observes the same identity.
            currentContext.User = Microsoft.IdentityModel.Claims.ClaimsPrincipal.CreateFromIdentity(tokenIdentity);
            Thread.CurrentPrincipal = currentContext.User;

            return base.SendAsync(request, cancellationToken);
        }
        private User GetUser()
        {
            // Resolves the application user behind the current request's claims identity.
            // Returns null when there is no authenticated ClaimsIdentity, when either of the
            // required claims is missing, or when anything throws — the class may be instantiated
            // during start-up for initial db seeding, when HttpContext.Current is null.
            try
            {
                var claimsIdentity = HttpContext.Current.User.Identity as Microsoft.IdentityModel.Claims.ClaimsIdentity;
                if (claimsIdentity == null || !claimsIdentity.IsAuthenticated)
                {
                    return null;
                }

                // Both lookups match by claim-type suffix only (case-insensitive), so any claim type
                // ending in the suffix is accepted.
                var nameIdentifierClaim = claimsIdentity.Claims.FirstOrDefault(
                    candidate => candidate.ClaimType.EndsWith("nameidentifier", StringComparison.OrdinalIgnoreCase));
                if (nameIdentifierClaim == null)
                {
                    return null;
                }

                // NOTE(review): the identity-provider claim is required to be present but is not used in
                // the storage query below, which keys on NameIdentifier alone. Name identifiers are
                // typically unique only per identity provider; confirm whether the lookup should also
                // match on the provider.
                var identityProviderClaim = claimsIdentity.Claims.FirstOrDefault(
                    candidate => candidate.ClaimType.EndsWith("identityprovider", StringComparison.OrdinalIgnoreCase));
                if (identityProviderClaim == null)
                {
                    return null;
                }

                var nameIdentifier = nameIdentifierClaim.Value;
                return _storage.Users.FirstOrDefault(u => u.NameIdentifier == nameIdentifier);
            }
            catch
            {
                // Deliberate best-effort: no context (or any other failure) means "no user".
                return null;
            }
        }
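        public static string GetIdentityProvider()
        {
            // Returns the value of the current user's identity-provider claim, or null when the
            // current request has no authenticated ClaimsIdentity or carries no such claim.
            // Also returns null (rather than throwing NullReferenceException) when there is no
            // HttpContext, User or Identity at all, e.g. when called outside a request.
            System.Web.HttpContext httpContext = System.Web.HttpContext.Current;
            if (httpContext == null || httpContext.User == null || httpContext.User.Identity == null)
            {
                return null;
            }

            Microsoft.IdentityModel.Claims.ClaimsIdentity claimsIdentity = httpContext.User.Identity as Microsoft.IdentityModel.Claims.ClaimsIdentity;
            if (claimsIdentity == null || !claimsIdentity.IsAuthenticated)
            {
                return null;
            }

            // Suffix match only (case-insensitive): any claim type ending in "identityprovider" is
            // accepted. This is looser than comparing the full claim-type URI; tighten the comparison
            // if the exact claim type issued by the token provider is known.
            Microsoft.IdentityModel.Claims.Claim identityProviderClaim = claimsIdentity.Claims.FirstOrDefault(
                candidate => candidate.ClaimType.EndsWith("identityprovider", StringComparison.OrdinalIgnoreCase));
            if (identityProviderClaim == null)
            {
                return null;
            }

            return identityProviderClaim.Value;
        }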