Beispiel #1
0
        /// <summary>
        /// Adds claims based on the ctor data
        /// </summary>
        private void AddRequiredClaims(int userId, string username, string realName,
                                       IEnumerable <int> startContentNodes, IEnumerable <int> startMediaNodes, string culture,
                                       string sessionId, string securityStamp, IEnumerable <string> allowedApps, IEnumerable <string> roles)
        {
            //This is the id that 'identity' uses to check for the user id
            if (HasClaim(x => x.Type == ClaimTypes.NameIdentifier) == false)
            {
                AddClaim(new Claim(ClaimTypes.NameIdentifier, userId.ToInvariantString(), ClaimValueTypes.Integer32, Issuer, Issuer, this));
            }

            if (HasClaim(x => x.Type == ClaimTypes.Name) == false)
            {
                AddClaim(new Claim(ClaimTypes.Name, username, ClaimValueTypes.String, Issuer, Issuer, this));
            }

            if (HasClaim(x => x.Type == ClaimTypes.GivenName) == false)
            {
                AddClaim(new Claim(ClaimTypes.GivenName, realName, ClaimValueTypes.String, Issuer, Issuer, this));
            }

            if (HasClaim(x => x.Type == Constants.Security.StartContentNodeIdClaimType) == false && startContentNodes != null)
            {
                foreach (var startContentNode in startContentNodes)
                {
                    AddClaim(new Claim(Constants.Security.StartContentNodeIdClaimType, startContentNode.ToInvariantString(), ClaimValueTypes.Integer32, Issuer, Issuer, this));
                }
            }

            if (HasClaim(x => x.Type == Constants.Security.StartMediaNodeIdClaimType) == false && startMediaNodes != null)
            {
                foreach (var startMediaNode in startMediaNodes)
                {
                    AddClaim(new Claim(Constants.Security.StartMediaNodeIdClaimType, startMediaNode.ToInvariantString(), ClaimValueTypes.Integer32, Issuer, Issuer, this));
                }
            }

            if (HasClaim(x => x.Type == ClaimTypes.Locality) == false)
            {
                AddClaim(new Claim(ClaimTypes.Locality, culture, ClaimValueTypes.String, Issuer, Issuer, this));
            }

            if (HasClaim(x => x.Type == Constants.Security.SessionIdClaimType) == false && SessionId.IsNullOrWhiteSpace() == false)
            {
                AddClaim(new Claim(Constants.Security.SessionIdClaimType, sessionId, ClaimValueTypes.String, Issuer, Issuer, this));
            }

            //The security stamp claim is also required... this is because this claim type is hard coded
            // by the SecurityStampValidator, see: https://katanaproject.codeplex.com/workitem/444
            if (HasClaim(x => x.Type == Microsoft.AspNet.Identity.Constants.DefaultSecurityStampClaimType) == false)
            {
                AddClaim(new Claim(Microsoft.AspNet.Identity.Constants.DefaultSecurityStampClaimType, securityStamp, ClaimValueTypes.String, Issuer, Issuer, this));
            }

            //Add each app as a separate claim
            if (HasClaim(x => x.Type == Constants.Security.AllowedApplicationsClaimType) == false && allowedApps != null)
            {
                foreach (var application in allowedApps)
                {
                    AddClaim(new Claim(Constants.Security.AllowedApplicationsClaimType, application, ClaimValueTypes.String, Issuer, Issuer, this));
                }
            }

            //Claims are added by the ClaimsIdentityFactory because our UserStore supports roles, however this identity might
            // not be made with that factory if it was created with a different ticket so perform the check
            if (HasClaim(x => x.Type == DefaultRoleClaimType) == false && roles != null)
            {
                //manually add them
                foreach (var roleName in roles)
                {
                    AddClaim(new Claim(RoleClaimType, roleName, ClaimValueTypes.String, Issuer, Issuer, this));
                }
            }
        }
Beispiel #2
0
        /// <summary>
        /// Adds claims based on the UserData data
        /// </summary>
        private void AddUserDataClaims()
        {
            //This is the id that 'identity' uses to check for the user id
            if (HasClaim(x => x.Type == ClaimTypes.NameIdentifier) == false)
            {
                AddClaim(new Claim(ClaimTypes.NameIdentifier, UserData.Id.ToString(), ClaimValueTypes.Integer32, Issuer, Issuer, this));
            }

            if (HasClaim(x => x.Type == ClaimTypes.Name) == false)
            {
                AddClaim(new Claim(ClaimTypes.Name, UserData.Username, ClaimValueTypes.String, Issuer, Issuer, this));
            }

            if (HasClaim(x => x.Type == ClaimTypes.GivenName) == false)
            {
                AddClaim(new Claim(ClaimTypes.GivenName, UserData.RealName, ClaimValueTypes.String, Issuer, Issuer, this));
            }

            if (HasClaim(x => x.Type == Constants.Security.StartContentNodeIdClaimType) == false)
            {
                AddClaim(new Claim(Constants.Security.StartContentNodeIdClaimType, JsonConvert.SerializeObject(StartContentNodes), ClaimValueTypes.Integer32, Issuer, Issuer, this));
            }

            if (HasClaim(x => x.Type == Constants.Security.StartMediaNodeIdClaimType) == false)
            {
                AddClaim(new Claim(Constants.Security.StartMediaNodeIdClaimType, JsonConvert.SerializeObject(StartMediaNodes), ClaimValueTypes.Integer32, Issuer, Issuer, this));
            }

            if (HasClaim(x => x.Type == ClaimTypes.Locality) == false)
            {
                AddClaim(new Claim(ClaimTypes.Locality, Culture, ClaimValueTypes.String, Issuer, Issuer, this));
            }

            if (HasClaim(x => x.Type == Constants.Security.SessionIdClaimType) == false && SessionId.IsNullOrWhiteSpace() == false)
            {
                AddClaim(new Claim(Constants.Security.SessionIdClaimType, SessionId, ClaimValueTypes.String, Issuer, Issuer, this));

                //The security stamp claim is also required... this is because this claim type is hard coded
                // by the SecurityStampValidator, see: https://katanaproject.codeplex.com/workitem/444
                if (HasClaim(x => x.Type == Microsoft.AspNet.Identity.Constants.DefaultSecurityStampClaimType) == false)
                {
                    AddClaim(new Claim(Microsoft.AspNet.Identity.Constants.DefaultSecurityStampClaimType, SessionId, ClaimValueTypes.String, Issuer, Issuer, this));
                }
            }

            //Add each app as a separate claim
            if (HasClaim(x => x.Type == Constants.Security.AllowedApplicationsClaimType) == false)
            {
                foreach (var application in AllowedApplications)
                {
                    AddClaim(new Claim(Constants.Security.AllowedApplicationsClaimType, application, ClaimValueTypes.String, Issuer, Issuer, this));
                }
            }

            //Claims are added by the ClaimsIdentityFactory because our UserStore supports roles, however this identity might
            // not be made with that factory if it was created with a FormsAuthentication ticket so perform the check
            if (HasClaim(x => x.Type == DefaultRoleClaimType) == false)
            {
                //manually add them based on the UserData
                foreach (var roleName in UserData.Roles)
                {
                    AddClaim(new Claim(RoleClaimType, roleName, ClaimValueTypes.String, Issuer, Issuer, this));
                }
            }
        }