Example #1
        /// <summary>
        /// Adds one role claim per role of the subject to the claims being issued.
        /// </summary>
        /// <param name="context">Profile request; <c>Subject</c> is looked up and <c>IssuedClaims</c> is appended to.</param>
        /// <returns>A task that completes once the role claims have been added.</returns>
        /// <remarks>
        /// When no stored user matches the subject, no roles are issued, with one exception: in the
        /// Development environment a subject whose identity name is "admin" receives every role the
        /// role manager knows. That shortcut depends entirely on <c>env.IsDevelopment()</c>, so the
        /// environment name must never be "Development" on a deployed instance.
        /// </remarks>
        public async Task GetProfileDataAsync(IdentityServer4.Models.ProfileDataRequestContext context)
        {
            var account = await userManager.GetUserAsync(context.Subject);

            System.Collections.Generic.IEnumerable<string> roleNames;
            if (account != null)
            {
                // Normal path: roles stored for the resolved user.
                roleNames = await userManager.GetRolesAsync(account);
            }
            else if (env.IsDevelopment() && context.Subject.Identity.Name == "admin")
            {
                // Development-only shortcut: an "admin" subject with no user record gets all roles.
                roleNames = roleManager.Roles.Select(r => r.Name);
            }
            else
            {
                // Unknown subject: issue no role claims.
                roleNames = Enumerable.Empty<string>();
            }

            var roleClaims = roleNames.Select(
                roleName => new System.Security.Claims.Claim(IdentityModel.JwtClaimTypes.Role, roleName));
            context.IssuedClaims.AddRange(roleClaims);
        }
Example #2
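        /// <summary>
        /// Populates the issued claims: copies every claim already on the subject, then obtains a
        /// client-credentials token, asks the contract API for one extra claim for the subject's
        /// "sub" value, and adds that claim.
        /// </summary>
        /// <param name="context">Profile request; <c>Subject</c> is read and <c>IssuedClaims</c> is appended to.</param>
        /// <returns>A task that completes when the claims have been added or the lookup was abandoned.</returns>
        /// <remarks>
        /// Discovery and token errors are logged and, when the response carries an exception, that
        /// exception is rethrown. Failures of the claims API call itself (transport error, non-success
        /// status, unusable body) are logged and swallowed, so only the subject's own claims are issued.
        /// </remarks>
        public virtual async Task GetProfileDataAsync(IdentityServer4.Models.ProfileDataRequestContext context)
        {
            // NOTE(review): this issues every claim on the subject, whether or not the client asked
            // for it. Consider filtering on context.RequestedClaimTypes so a token only carries what
            // the client and its scopes are entitled to.
            context.IssuedClaims.AddRange(context.Subject.Claims);

            // One client for the whole call, released on exit. A long-lived shared client or
            // IHttpClientFactory is preferable under load: per-call clients can exhaust sockets.
            using (var client = new HttpClient())
            {
                // NOTE(review): both endpoints below are plain HTTP, so the client secret and the
                // bearer token travel unencrypted. Acceptable only on loopback; use HTTPS otherwise.
                var disco = await client.GetDiscoveryDocumentAsync("http://localhost:5000");

                if (disco.IsError)
                {
                    // Log first: awaiting a faulted task rethrows, so nothing after it runs.
                    Console.WriteLine(disco.Error);
                    if (disco.Exception != null)
                    {
                        await Task.FromException(disco.Exception);
                    }

                    // Protocol-level error with no exception attached: give up quietly.
                    return;
                }

                // request token to access api1
                // NOTE(review): client id and secret are hard-coded; load them from configuration
                // or a secret store so they stay out of source control.
                var tokenResponse = await client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest
                {
                    Address = disco.TokenEndpoint,

                    ClientId     = "client",
                    ClientSecret = "secret",
                    Scope        = "api1"
                });

                if (tokenResponse.IsError)
                {
                    Console.WriteLine(tokenResponse.ErrorDescription);
                    if (tokenResponse.Exception != null)
                    {
                        await Task.FromException(tokenResponse.Exception);
                    }

                    return;
                }

                // Discovery and token requests are done, so the same client can carry the bearer token.
                client.SetBearerToken(tokenResponse.AccessToken);

                // get user id - this is in the "sub" claim
                // avoids doing a round trip to the database
                var subjectId = context.Subject.Claims.FirstOrDefault(claim => claim.Type == "sub")?.Value;
                if (string.IsNullOrEmpty(subjectId))
                {
                    // No subject identifier: there is nothing to look up.
                    Console.WriteLine("No sub claim on subject; skipping claims lookup.");
                    return;
                }

                try
                {
                    // Escape the identifier so it cannot add path segments or a query string to the URL.
                    var requestUri = "http://localhost:5001/api/contract/getclaims/" + Uri.EscapeDataString(subjectId);

                    using (var response = await client.GetAsync(requestUri, HttpCompletionOption.ResponseContentRead))
                    {
                        if (!response.IsSuccessStatusCode)
                        {
                            Console.WriteLine(response.StatusCode);
                            return;
                        }

                        // read the results
                        var content = await response.Content.ReadAsStringAsync();

                        // convert (in this case we only expect one claim back
                        var result = JsonConvert.DeserializeObject<ClaimValues>(content);
                        if (result == null || result.Key == null || result.Value == null)
                        {
                            // Empty or incomplete body: Claim rejects null type/value, so skip it.
                            Console.WriteLine("Claims API returned no usable claim.");
                            return;
                        }

                        // add it to the claims collection
                        // NOTE(review): the claim TYPE comes from the API response, so that service
                        // can mint any claim (e.g. a role). Consider checking result.Key against the
                        // claim types this service is expected to supply.
                        context.IssuedClaims.Add(new System.Security.Claims.Claim(result.Key, result.Value));

                        // The response body holds claim values, so it is deliberately not logged.
                    }
                }
                catch (Exception ex) when (ex is HttpRequestException
                                           || ex is InvalidOperationException
                                           || ex is TaskCanceledException
                                           || ex is Newtonsoft.Json.JsonException)
                {
                    // Best effort: the extra claim is optional, so log and continue without it.
                    Console.WriteLine(ex.Message);
                }
            }
        }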