public RoleClaim(RoleClaimTypes value, string issuer, string originalIssuer, ClaimsIdentity subject = null)
: base(ROLE_CLAIM_TYPE, ((int)value).ToString(), ClaimValueTypes.Integer, issuer, originalIssuer, subject)
{
}
public void PreAuthenticate(IRequest req, IResponse res)
{
var coreReq = (HttpRequest)req.OriginalRequest;
var claimsPrincipal = coreReq.HttpContext.User;
if (claimsPrincipal.Identity?.IsAuthenticated != true)
{
return;
}
var sessionId = claimsPrincipal.Claims.FirstOrDefault(x => x.Type == IdClaimType);
if (sessionId == null)
{
throw new NotSupportedException($"Claim '{IdClaimType}' is required");
}
var session = SessionFeature.CreateNewSession(req, sessionId.Value);
var meta = (session as IMeta)?.Meta;
session.AuthProvider = Name;
var sessionValues = new Dictionary <string, string>();
foreach (var claim in claimsPrincipal.Claims)
{
if (RoleClaimTypes.Contains(claim.Type))
{
if (session.Roles == null)
{
session.Roles = new List <string>();
}
session.Roles.Add(claim.Value);
}
if (PermissionClaimType == claim.Type)
{
if (session.Permissions == null)
{
session.Permissions = new List <string>();
}
session.Permissions.Add(claim.Value);
}
else if (MapClaimsToSession.TryGetValue(claim.Type, out var sessionProp))
{
sessionValues[sessionProp] = claim.Value;
}
else if (meta != null)
{
meta[claim.Type] = claim.Value;
}
}
session.PopulateFromMap(sessionValues);
if (session.UserAuthName.IndexOf('@') >= 0)
{
session.Email = session.UserAuthName;
}
PopulateSessionFilter?.Invoke(session, claimsPrincipal, req);
req.Items[Keywords.Session] = session;
}
public RoleClaim(RoleClaimTypes value, string issuer = "")
: this(value, issuer, "")
{
}
