Example #1
0
        private static ClaimsIdentity TransformClaims(ClaimsIdentity ident)
        {
            var issuer = ident.Claims.First().Issuer;

            ident.AddClaim(new Claim(CustomClaimTypes.AuthType, AuthTypes.Local));

            if (!ident.HasClaim(ClaimTypes.Email))
            {
                var name = ident.GetClaim(ClaimTypes.Name);
                if (name.IndexOf("@") > -1)
                {
                    ident.AddClaim(new Claim(ClaimTypes.Email, name));
                }
                else
                {
                    var upn = ident.GetClaim(ClaimTypes.Upn);
                    if (upn.IndexOf("@") > -1)
                    {
                        ident.AddClaim(new Claim(ClaimTypes.Email, upn));
                    }
                }
            }

            var response = InviteManager.GetDirectoryRoles(ident.GetClaim(CustomClaimTypes.ObjectIdentifier));

            if (response.Successful)
            {
                foreach (var role in response.Roles)
                {
                    switch (role.Type)
                    {
                    case "#microsoft.graph.directoryRole":
                        ident.AddClaim(new Claim(ClaimTypes.Role, role.DisplayName));
                        break;

                    case "#microsoft.graph.group":
                        ident.AddClaim(new Claim(CustomClaimTypes.MemberOfGroup, JsonConvert.SerializeObject(new GroupObject(role.DisplayName, role.Id))));
                        break;
                    }
                }
            }
            else
            {
                Logging.WriteToAppLog("Error retrieving app roles", EventLogEntryType.Error, new Exception(response.ErrorMessage));
            }

            var fullName = ident.Claims.FirstOrDefault(c => c.Type == "name").Value;

            ident.AddClaim(new Claim(CustomClaimTypes.FullName, fullName));

            return(ident);
        }
        private static ClaimsIdentity TransformClaims(ClaimsIdentity ident)
        {
            var issuer = ident.Claims.First().Issuer;

            ident.AddClaim(new Claim(CustomClaimTypes.AuthType, AuthTypes.Local));

            if (!ident.HasClaim(ClaimTypes.Email))
            {
                var name = ident.GetClaim(ClaimTypes.Name);
                if (name.IndexOf("@") > -1)
                {
                    ident.AddClaim(new Claim(ClaimTypes.Email, name));
                }
                else
                {
                    var upn = ident.GetClaim(ClaimTypes.Upn);
                    if (upn.IndexOf("@") > -1)
                    {
                        ident.AddClaim(new Claim(ClaimTypes.Email, upn));
                    }
                }
            }

            var roles = InviteManager.GetDirectoryRoles(ident.GetClaim(CustomClaimTypes.ObjectIdentifier));

            foreach (var role in roles)
            {
                ident.AddClaim(new Claim(ClaimTypes.Role, role.DisplayName));
            }

            var fullName = ident.Claims.FirstOrDefault(c => c.Type == "name").Value;

            ident.AddClaim(new Claim(CustomClaimTypes.FullName, fullName));

            return(ident);
        }