/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
context.AddRequestedClaims(user.Claims);
}
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
public override Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
TestUser user = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
context.AddRequestedClaims(user.Claims);
var apiLevel = user.Claims.Where(claim => claim.Type == Config.ApiLevel);
context.IssuedClaims.AddRange(apiLevel);
}
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var user = await _userManager.GetUserAsync(context.Subject);
var roles = await _userManager.GetRolesAsync(user);
var roleClaims = new List <Claim>();
foreach (var item in roles)
{
roleClaims.AddRange(
_roleManager.GetClaimsAsync(_roleManager.FindByNameAsync(item).Result).Result
);
}
var claimsNames = new List <string>();
claimsNames.AddRange(new[] {
// "Permission",
"access",
"dashboard",
"route",
"rank",
"group",
"system",
"userId",
JwtClaimTypes.Role,
JwtClaimTypes.Name
});
context.RequestedClaimTypes = claimsNames;
context.AddRequestedClaims(context.Subject.Claims);
var claims = new List <Claim>();
claims.Add(new Claim("username", user.UserName));
// claims.Add(new Claim( JwtClaimTypes.Role, "AO Checker" ));
// claims.Add(new Claim( JwtClaimTypes.Name, "Bob Smith" ));
// context.AddRequestedClaims(roleClaims);
// context.IssuedClaims.AddRange(claims);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var sub = context.Subject?.GetSubjectId();
if (sub == null)
{
throw new Exception("No sub claim present");
}
var user = Config.GetUsers().First(u => u.SubjectId == sub);
if (user != null)
{
context.AddRequestedClaims(user.Claims);
}
await Task.CompletedTask;
}
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var userIdentity = new ClaimsIdentity();
DateTime epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
userIdentity.AddClaim(new Claim(JwtClaimTypes.Subject, "1"));
userIdentity.AddClaim(new Claim(JwtClaimTypes.IdentityProvider, "homekuru"));
userIdentity.AddClaim(new Claim(JwtClaimTypes.AuthenticationMethod, "password"));
userIdentity.AddClaim(new Claim(JwtClaimTypes.AuthenticationTime, (DateTime.UtcNow - epoch).TotalSeconds.ToString()));
IEnumerable <Claim> requestedClaims =
userIdentity.FindAll(p => context.RequestedClaimTypes.Contains(p.Type));
context.AddRequestedClaims(requestedClaims);
return(null);
}
/// <summary>
/// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
//判断是否有请求Claim信息
if (context.RequestedClaimTypes.Any())
{
//根据用户唯一标识查找用户信息
var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
//调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim
context.AddRequestedClaims(user.Claims);
}
}
return(Task.CompletedTask);
}
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
// cast token to objeto
var request = context.ValidatedRequest as ValidatedTokenRequest;
// verificar se o token é nulo
if (request != null)
{
// buscar o usuário na base e add as respectivas claims
var user = _context.Clientes.FirstOrDefault(x => x.Nome == request.UserName);
if (user != null)
{
context.AddRequestedClaims(GetUserClaims(user));
}
}
return(Task.CompletedTask);
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
var user = new TestUserStore(_security.CurrentValue.Users).FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
context.AddRequestedClaims(user.Claims);
}
}
context.IssuedClaims = context.Subject.Claims.ToList();
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
if (context.RequestedClaimTypes.Any())
{
var user = _userProvider.GetUserMail(context.Subject.GetSubjectId());
if (user != null)
{
context.AddRequestedClaims(
new List <Claim> {
new Claim("email", user.Email),
new Claim("nome", user.Nome),
new Claim("ruolo", user.Ruolo.ToString()),
new Claim("immagine", user.Img)
});
}
}
return(Task.CompletedTask);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
try
{
var user = this._userManager.GetUserAsync(context.Subject).Result;
var roles = await this._userManager.GetRolesAsync(user);
var principal = await this._claimsFactory.CreateAsync(user);
if (principal == null)
{
throw new Exception("ClaimsFactory failed to create a principal");
}
var claims = principal.Claims.ToList();
foreach (var item in context.RequestedClaimTypes)
{
if (item == "https://hasura.io/jwt/claims")
{
var hasuraJwtClaimsData = new Dictionary <string, object>
{
{ "x-hasura-allowed-roles", roles.Select(x => x.ToLower()) },
{ "x-hasura-default-role", roles.FirstOrDefault().ToLower() },
{ "x-hasura-user-id", user.Id },
};
var hasuraJwtClaims = new Claim(
"https://hasura.io/jwt/claims",
JsonConvert.SerializeObject(hasuraJwtClaimsData),
IdentityServerConstants.ClaimValueTypes.Json
);
claims.Add(hasuraJwtClaims);
}
}
claims = claims.Where(claim => context.RequestedClaimTypes.Contains(claim.Type)).ToList();
context.AddRequestedClaims(claims);
}
catch (Exception)
{
}
}
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
//JWT
//ValidatitedTokenReques - parse
var request = context.ValidatedRequest as ValidatedTokenRequest;
//verificar se o token é nulo
if (request != null)
{
//Procurar na base as informações
var user = _dbContext.Users.FirstOrDefault(x => x.Email == request.UserName);
if (user != null)
{
context.AddRequestedClaims(GetUserClaims(user));
}
}
return(Task.CompletedTask);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var sub = context.Subject.GetSubjectId();
var user = await _userDomainService.GetUserByIdAsync(sub);
if (!user.EmailConfirmed)
{
throw new NetKitAuthForbiddenException(ErrorCode.EmailIsNotConfirmed, EmailWasNotConfirmed);
}
var principal = await _claimsFactory.CreateAsync(user);
if (!principal.IsInRole(Roles.User))
{
context.IssuedClaims.Add(new Claim(JwtClaimTypes.Email, user.Email));
}
context.AddRequestedClaims(principal.Claims);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
// Include configured claims.
context.AddRequestedClaims(context.Subject.Claims);
// The service gets called multiple times. In this case we need
// the UserInfo endpoint because that's where the scope is defined.
if (context.Caller == "UserInfoEndpoint")
{
// Get the value from somewhere and transform to a list of claims.
// You can filter by requested scopes
List <Claim> userClaims = GetUserClaims(context.RequestedResources.IdentityResources);
if (userClaims.Any())
{
context.IssuedClaims.AddRange(userClaims);
}
}
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns>Returns nothing, but update the current claims to the context.</returns>
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
//Logger.LogDebug("Get profile called for subject {subject} from client {client} with claim types {claimTypes} via {caller}",
// context.Subject.GetSubjectId(),
// context.Client.ClientName ?? context.Client.ClientId,
// context.RequestedClaimTypes,
// context.Caller);
if (context.RequestedClaimTypes.Any())
{
var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
context.AddRequestedClaims(user.Claims);
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
// Get user data
var user = await _userManager.GetUserAsync(context.Subject);
var principal = await _claimsFactory.CreateAsync(user, GetTenantFromContext(context.Subject));
var claimsUser = principal.Claims.ToList();
var subjectClaims = context.Subject.Claims.ToList();
// Merge ASP.NET Identity claims
subjectClaims.Merge(claimsUser);
subjectClaims.MergeValues(claimsUser.Where(x => x.Type == JwtClaimTypes.Role));
subjectClaims.AddIfDontExist(new Claim("username", user.UserName));
subjectClaims.AddIfDontExist(new Claim(JwtClaimTypes.Name, user.UserName));
if (subjectClaims.All(a => a.Type != JwtClaimTypes.Role))
{
var roles = await _userManager.GetRolesAsync(user);
subjectClaims.AddRange(roles.Select(s => new Claim(JwtClaimTypes.Role, s)));
}
// Sometimes IdentityResources are specified at UserClaims in ProtectedResource. Then we include all related claims to RequestedClaims
var resources = await _resourceStore.GetAllResourcesAsync();
var usersClaimsToGoWithin = GetIdentityResourcesToIncludeInRequestedClaims(context, resources);
if (context.Subject.ContainsTenant())
{
usersClaimsToGoWithin.Add("tid");
usersClaimsToGoWithin.Add("tname");
}
usersClaimsToGoWithin.Merge(context.RequestedClaimTypes);
context.RequestedClaimTypes = usersClaimsToGoWithin;
context.LogProfileRequest(_logger);
context.AddRequestedClaims(subjectClaims);
context.LogIssuedClaims(_logger);
}
public override async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
await base.GetProfileDataAsync(context);
var tenantId = context.Subject.FindTenantId();
using (CurrentTenant.Change(tenantId))
{
var userId = context.Subject.GetSubjectId();
var user = await UserManager.FindByIdAsync(userId);
if (context.IssuedClaims == null)
{
context.IssuedClaims = new List <Claim>();
}
context.IssuedClaims.Add(new Claim("usertype", "superuser"));
context.AddRequestedClaims(context.IssuedClaims);
}
}
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
Log.Debug(
$"Get profile called for subject {context.Subject.GetSubjectId()} from client {context.Client.ClientName ?? context.Client.ClientId} with claim types {context.RequestedClaimTypes.Join()} via {context.Caller}");
// 判断是否有请求Claim信息
if (context.RequestedClaimTypes.Any())
{
// 根据用户标识查找用户信息
var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
// 调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim
context.AddRequestedClaims(user.Claims);
}
}
Log.Debug($"Issued claims: {context.IssuedClaims.Select(x => x.Type.Join())}");
return(Task.CompletedTask);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(logger);
var container = storage.CreateCloudBlobClient().GetContainerReference("identity");
var local = container.GetBlockBlobReference("local.json");
if (await container.ExistsAsync() && await local.ExistsAsync())
{
var localuser = JToken.Parse(local.DownloadTextAsync().GetAwaiter().GetResult()).ToObject <LocalUsersProvisionModel>();
context.AddRequestedClaims(new[] {
new Claim(JwtClaimTypes.GivenName, localuser.FirstName),
new Claim(JwtClaimTypes.FamilyName, localuser.LastName),
new Claim(JwtClaimTypes.Name, $"{localuser.FirstName} {localuser.LastName}")
});
}
context.LogIssuedClaims(logger);
}
//
// 摘要:
// This method is called whenever claims about the user are requested (e.g. during
// token creation or via the userinfo endpoint)
//
// 参数:
// context:
// The context.
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
//context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
User User = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (User != null)
{
List <sysClaims.Claim> claims = new List <sysClaims.Claim>();
foreach (var item in User.Claims)
{
claims.Add(new sysClaims.Claim(item.Type, item.Value));
}
context.AddRequestedClaims(claims);
}
}
//context..(Logger);
return(Task.CompletedTask);
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
context.AddRequestedClaims(user.Claims);
//var customClaimTypes = new[] { "role", "course" };
//foreach(var customClaim in user.Claims.Where(c=> customClaimTypes.Contains(c.Type)))
// context.IssuedClaims.Add(customClaim);
}
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var sub = context.Subject.GetSubjectId();
if (context.RequestedClaimTypes.Any())
{
// Get data from Db
var user = _userRepository.FindBySubjectId(sub);
var claims = new List <Claim>();
if (user != null)
{
claims.Add(new Claim("custom_user_id", user.UserId));
claims.Add(new Claim("custom_company_id", user.CompanyId));
claims.Add(new Claim(JwtClaimTypes.Address, user.Address));
claims.Add(new Claim("country", user.Country));
claims.Add(new Claim(JwtClaimTypes.Email, user.Email));
claims.Add(new Claim(JwtClaimTypes.GivenName, user.FirstForename));
claims.Add(new Claim(JwtClaimTypes.FamilyName, user.Surname));
claims.Add(new Claim("role", "Admin"));
}
if (context.Caller == IdentityServerConstants.ProfileDataCallers.UserInfoEndpoint)
{
var bigSetOfClaims = new Dictionary <string, string>();
for (int i = 1; i <= 10; i++)
{
bigSetOfClaims.Add($"key{i}", Guid.NewGuid().ToString().ToSha256());
}
claims.Add(new Claim("permissions", JsonConvert.SerializeObject(bigSetOfClaims), IdentityServerConstants.ClaimValueTypes.Json));
}
context.AddRequestedClaims(claims);
//context.IssuedClaims = claims;
}
return(Task.CompletedTask);
}
/// <summary>
/// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
//判断是否有请求Claim信息
if (context.RequestedClaimTypes.Any())
{
var user = GetUserById(context.Subject.GetSubjectId());
if (user != null)
{
//调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim
var claims = new[]
{
new Claim("Username", user.Username), //请求用户的账号,这个可以保证User.Identity.Name有值
new Claim("DisplayName", user.DisplayName), //请求用户的姓名
};
//返回apiresource中定义的claims
context.AddRequestedClaims(claims);
}
}
return(Task.CompletedTask);
}
protected virtual async Task AddOrganisationClaims(ProfileDataRequestContext context, InsolvencyUser user)
{
if (string.IsNullOrEmpty(user.ScpGroupId))
{
return;
}
if (string.IsNullOrEmpty(user.Email))
{
return;
}
var organisations = await _iIdentityManagementRepository.GetOrganisationByScpGroupIdAsync(user.ScpGroupId);
if (organisations.Count == 0)
{
_logger.LogWarning($"No organisations for user with ScpGroupId: {user.ScpGroupId} could be found! Unable to add requested claims.");
return;
}
context.AddRequestedClaims(CreateOrganisationClaims(organisations, user.Email));
}
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
// AddRequestedClaims will filter out any claims that's not in standard ScopeToClaimsMapping
// defined in IdentityServer4 Constants.cs
// Since we added "aadtenant" scope to include aad specific claims oid and tid,
// they won't be filtered out.
context.AddRequestedClaims(user.Claims);
}
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
string subId = context.Subject.GetSubjectId();
ApplicationUser user = await userManager.FindByIdAsync(subId);
IList <string> userRoles = await userManager.GetRolesAsync(user);
List <Claim> claims = new List <Claim>()
{
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim("name", user.UserName),
};
foreach (string role in userRoles)
{
claims.Add(new Claim("role", role));
}
context.AddRequestedClaims(claims);
context.IssuedClaims = claims;
}
public override async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
await base.GetProfileDataAsync(context);
var userData = _context.Users.FirstOrDefault(x => x.Id == context.Subject.FindFirstValue(JwtClaimTypes.Subject));
var userName = userData.FirstName.IsNullOrEmpty() || userData.LastName.IsNullOrEmpty()
? userData.Email
: $"{userData.FirstName} {userData.LastName}";
var userClaims = new List <Claim>
{
new Claim(DomainClaimTypes.TestUserId, "some test_user_id"),
new Claim(DomainClaimTypes.LiveUserId, "some live_user_id"),
new Claim(DomainClaimTypes.LiveEnabled, "true"),
new Claim(DomainClaimTypes.SomeClaim, "some_claim value"),
new Claim(DomainClaimTypes.AnotherClaim, "another_claim value"),
new Claim("name", userName)
};
context.AddRequestedClaims(userClaims);
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint).
/// </summary>
/// <param name="context">The context.</param>
/// <returns>A task instance</returns>
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(_logger);
if (context.RequestedClaimTypes.Any())
{
var subjectId = context
.Subject
.GetSubjectId();
var userId = Convert.ToInt64(subjectId);
var userMonad = _userService.Get(userId);
var claimsMonad = userMonad.Bind(_userService.GetClaims);
if (claimsMonad is Success <IEnumerable <Claim>, Error> claims)
{
context.AddRequestedClaims(new Claim[0]);
}
}
context.LogIssuedClaims(_logger);
return(Task.CompletedTask);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var subId = context.Subject.GetSubjectId();
var user = await _customUserRepository.FindById(int.Parse(subId));
var claims = new List <Claim>()
{
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim("name", user.UserName),
new Claim("city", user.City),
};
if (user.Id == 1)
{
claims.Add(new Claim("role", "admin"));
}
else
{
claims.Add(new Claim("role", "customer"));
}
context.AddRequestedClaims(claims);
//context.IssuedClaims = claims;
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
// Claims added here are defined be the API and RESOURCE configurations in Config.cs, only the requested claims will be added to the IssuedClaims collection
if (context.RequestedClaimTypes.Any())
{
var user = await Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
context.AddRequestedClaims(user.Claims);
// Add the sellerId claim if it was not already added, to ensure it appears in the access_token
var sellerIdClaim = user.Claims.FirstOrDefault(x => x.Type == "https://openactive.io/sellerId");
if (sellerIdClaim != null && !context.IssuedClaims.Exists(x => x.Type == "https://openactive.io/sellerId"))
{
context.IssuedClaims.Add(sellerIdClaim);
}
}
}
context.LogIssuedClaims(Logger);
}
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(_logger);
if (context.RequestedClaimTypes.Any())
{
Guid userId = context.Subject.GetUserId();
var user = _dbContext.Users.Find(userId);
if (user != null)
{
context.AddRequestedClaims(new[]
{
new Claim(JwtClaimTypes.Name, user.Name),
new Claim(JwtClaimTypes.Email, user.EmailAddress),
new Claim(JwtClaimTypes.Role, user.Role.GetStringValue())
});
}
}
context.LogIssuedClaims(_logger);
return(Task.CompletedTask);
}