public static SecurityIdentifier GetSidFromClaim(string claimValue) { SecurityIdentifier sid = null; SPClaimProviderManager claimManager = SPClaimProviderManager.Local; if (claimManager == null) { throw new ApplicationException("Unable to access the claims provider manager."); } try { SPClaim claim = claimManager.DecodeClaim(claimValue); if (claim.OriginalIssuer.Equals("Windows", StringComparison.OrdinalIgnoreCase)) { if (claim.ClaimType.Equals(Microsoft.IdentityModel.Claims.ClaimTypes.GroupSid, StringComparison.OrdinalIgnoreCase)) { sid = new SecurityIdentifier(claim.Value); } else if (claim.ClaimType.Equals(Microsoft.SharePoint.Administration.Claims.SPClaimTypes.UserLogonName, StringComparison.OrdinalIgnoreCase)) { NTAccount userAccount = new NTAccount(claim.Value); sid = (SecurityIdentifier)userAccount.Translate(typeof(SecurityIdentifier)); } } } catch (ArgumentException currentException) { GlymaSearchLogger.WriteTrace(LogCategoryId.Security, TraceSeverity.Unexpected, "The following exception occured when attempting to decode the claim, " + claimValue + " : " + currentException.ToString()); } return(sid); }
/// <summary> /// Implement this method if the claims provider supports claims augmentation. /// </summary> /// <param name="context"></param> /// <param name="entity"></param> /// <param name="claims"></param> protected override void FillClaimsForEntity(Uri context, SPClaim entity, List <SPClaim> claims) { if (null == entity) { throw new ArgumentNullException("entity"); } if (null == claims) { throw new ArgumentNullException("claims"); } //Add the role claim. SPClaim userIdClaim = SPClaimProviderManager.DecodeUserIdentifierClaim(entity); //Add claims for users. List <string> allCRMUsers = CRMUserInfo.GetAllUsers(); if (allCRMUsers.Contains(userIdClaim.Value.ToLower())) { List <Claim> userClaims = CRMUserInfo.GetClaimsForUser(userIdClaim.Value.ToLower()); foreach (Claim claim in userClaims) { claims.Add(CreateClaim(claim.ClaimType, claim.Value, claim.ValueType)); } } }
internal static void VerifyPermissions(List <string> groups, string url) { //string currUserName = SPContext.Current.Web.CurrentUser.LoginName; //string url = SPContext.Current.Site.Url; try { /*SPSecurity.RunWithElevatedPrivileges(delegate () * {*/ SPClaimProviderManager cpm = SPClaimProviderManager.Local; SPClaim userClaim = cpm.ConvertIdentifierToClaim(defaultUser, SPIdentifierTypes.WindowsSamAccountName); using (SPSite s = new SPSite(url)) { using (SPWeb w = s.RootWeb) { w.AllowUnsafeUpdates = true; List <string> missingGroups; List <SPGroup> spgroups = PermutationGroups(groups, w, out missingGroups); if (spgroups.Count != groups.Count) { SPUser admin = w.EnsureUser(userClaim.ToEncodedString()); CreateMissingGroups(missingGroups, w, admin); } w.AllowUnsafeUpdates = false; } } //}); } catch (Exception ex) { Console.WriteLine("Error:\n" + ex.Message + "\n" + ex.StackTrace + "\n" + ex.InnerException); } }
internal void VerifyPermissions(List <string> permutations) { string currUserName = SPContext.Current.Web.CurrentUser.LoginName; string url = SPContext.Current.Site.Url; try { SPSecurity.RunWithElevatedPrivileges(delegate() { // need to convert to claim due to us running against claims enabled web app SPClaimProviderManager cpm = SPClaimProviderManager.Local; SPClaim adminClaim = cpm.ConvertIdentifierToClaim(defaultUser, SPIdentifierTypes.WindowsSamAccountName); using (SPSite s = new SPSite(url)) { using (SPWeb w = s.RootWeb) { w.AllowUnsafeUpdates = true; UpdateUserInformationList(w, GetClaimsForUser(true)); List <string> missingGroups; List <SPGroup> groups = PermutationGroups(permutations, w, out missingGroups); if (groups.Count != permutations.Count) { SPUser admin = w.EnsureUser(adminClaim.ToEncodedString()); groups.AddRange(CreateMissingGroups(missingGroups, w, admin)); } SPUser cUser = w.EnsureUser(currUserName); SPGroupCollection gUser = cUser.Groups; foreach (SPGroup g in groups) { bool isAlreadyMember = false; foreach (SPGroup gu in gUser) { if (gu.Name == g.Name) { isAlreadyMember = true; break; } } if (!isAlreadyMember) { g.AddUser(cUser); #if DEBUG this.Controls.Add(new LiteralControl("<div>Adding user to group:" + g.Name + "</div>")); #endif } #if DEBUG this.Controls.Add(new LiteralControl("<div>Already a member of group: " + g.Name + "</div>")); #endif } w.AllowUnsafeUpdates = false; } } }); } catch (Exception ex) { this.Controls.Add(new LiteralControl("<div class='Error' style='display:none'>" + ex.Message + "</div><div>" + ex.StackTrace + "</div>")); } }
/// <summary> /// DropClaimProvider method implmentation /// </summary> private void DropClaimProvider(ProxyClaimsProviderParameters prm) { SPClaimProviderManager cpm = SPClaimProviderManager.Local; SPClaimProviderDefinition ppv = cpm.GetClaimProvider(prm.ClaimProviderName); if (ppv == null) { return; } if (ppv.TypeName.ToLower().Equals("sharepoint.identityservice.claimsprovider.identityserviceclaimsprovider")) { try { cpm.DeleteClaimProvider(ppv); } finally { cpm.Update(true); } if (prm.ClaimProviderMode == ProxyClaimsMode.Windows) { ReCreateWindowsClaimProvider(prm); } /* else * { * ReCreateTrustedClaimProvider(prm); * } it seem that it is not needed */ } }
private bool UpdateUserPermissions(SPWeb web, SPRoleAssignmentCollection roleAssignments, XmlNodeList principalUserNodes) { bool dirty = false; foreach (XmlNode principalUserNode in principalUserNodes) { string loginName = principalUserNode.Attributes["login"].Value; string userName = principalUserNode.Attributes["name"].Value; try { SPClaimProviderManager cpm = SPClaimProviderManager.Local; SPClaim userClaim = cpm.ConvertIdentifierToClaim(loginName, SPIdentifierTypes.WindowsSamAccountName); SPUser user = web.EnsureUser(userClaim.ToEncodedString()); if (user == null) { throw new Exception(); } SPPrincipal userPrincipal = (SPPrincipal)user; try { SPRoleAssignment roleAssignment = roleAssignments.GetAssignmentByPrincipal(userPrincipal); if (roleAssignment == null) { throw new Exception(); } UpdatePrincipal(web, principalUserNode, string.Format("{0,20}, '{1,15}'", userName, loginName), roleAssignment); } catch { output.Append(string.Format("permissins missing for user: {0,20} with login: {1,15}, adding new..." + Environment.NewLine, userName, loginName)); SPRoleAssignment roleAssignmentNew = new SPRoleAssignment(userPrincipal); XmlNodeList roleNodes = principalUserNode.SelectNodes("role"); foreach (XmlNode roleNode in roleNodes) { string roleName = roleNode.Attributes["name"].Value; if (roleName.ToLower().Equals("limited access")) { roleName = "Limited User"; } SPRoleDefinition role = web.RoleDefinitions[roleName]; roleAssignmentNew.RoleDefinitionBindings.Add(role); } roleAssignments.Add(roleAssignmentNew); output.Append("completed" + Environment.NewLine); dirty = true; } } catch { output.Append(string.Format("user not found: {0,20} with login: {1,15}" + Environment.NewLine, userName, loginName)); } } return(dirty); }
public IEnumerable <PrincipalInfo> Resolve(SPUser user, IDisposable implicitContext) { try { CommonHelper.ConfirmNotNull(user, "user"); if (!resolvedIdentities.Contains(user.ID)) { resolvedIdentities.Add(user.ID); parentPrincipal = user; if (SPClaimProviderManager.IsEncodedClaim(user.LoginName)) { SPClaim claim = SPClaimProviderManager.Local.DecodeClaim(user.LoginName); if (claim.OriginalIssuer == "Windows") { if (claim.ClaimType == SPClaimTypes.UserLogonName) { PrincipalInfo userInfo = ResolveActiveDirectoryUser(IdentityType.SamAccountName, claim.Value); if (userInfo != null) { return(new[] { userInfo }); } return(new PrincipalInfo[0]); } if (claim.ClaimType == ClaimTypes_GroupSid) { return(EnumerateActiveDirectoryGroup(IdentityType.SamAccountName, user.Name)); } } if (claim.OriginalIssuer.StartsWith("Forms:")) { string providerName = claim.OriginalIssuer.Substring(6); if (claim.ClaimType == SPClaimTypes.UserLogonName) { PrincipalInfo userInfo = ResolveMembershipUser(providerName, claim.Value); if (userInfo != null) { return(new[] { userInfo }); } return(new PrincipalInfo[0]); } if (claim.ClaimType == ClaimTypes_Role) { return(EnumerateMembershipUsersInRole(providerName, claim.Value)); } } } if (user.IsDomainGroup) { return(EnumerateActiveDirectoryGroup(IdentityType.SamAccountName, user.LoginName)); } return(EnumerateBySamAccountName(user.LoginName)); } return(new PrincipalInfo[0]); } finally { if (implicitContext != null) { implicitContext.Dispose(); } } }
private void CheckItems(XmlNode siteNode, string url) { using (SPWeb web = new SPSite(url).OpenWeb()) { XmlNodeList alertNodes = siteNode.SelectNodes("alert[@type='Item']"); foreach (XmlNode alertNode in alertNodes) { string alertTitle = alertNode.Attributes["title"].Value; string listTitle = alertNode.Attributes["list"].Value; string loginName = alertNode.Attributes["user"].Value; int itemId = Int32.Parse(alertNode.Attributes["id"].Value); string itemUrl = alertNode.Attributes["url"].Value; string objectType = alertNode.Attributes["object"].Value; output.Append(string.Format("user: {0,20}...", loginName)); try { SPList list = web.Lists[listTitle]; SPClaimProviderManager cpm = SPClaimProviderManager.Local; SPClaim userClaim = cpm.ConvertIdentifierToClaim(loginName, SPIdentifierTypes.WindowsSamAccountName); SPUser user = web.EnsureUser(userClaim.ToEncodedString()); string eventType = alertNode.Attributes["event"].Value; SPEventType spEventType = (SPEventType)Enum.Parse(typeof(SPEventType), eventType); string eventFrequency = alertNode.Attributes["frequency"].Value; SPAlertFrequency spAlertFrequency = (SPAlertFrequency)Enum.Parse(typeof(SPAlertFrequency), eventFrequency); string type = alertNode.Attributes["type"].Value; SPAlertType spAlertType = (SPAlertType)Enum.Parse(typeof(SPAlertType), type); SPListItem item = null; if (list.BaseType == SPBaseType.DocumentLibrary) { SPFile file = web.GetFile(itemUrl); item = file.Item; } else { item = list.GetItemById(itemId); } SPAlert newAlert = user.Alerts.Add(); newAlert.Title = alertTitle; newAlert.AlertType = spAlertType; newAlert.Item = item; newAlert.DeliveryChannels = SPAlertDeliveryChannels.Email; newAlert.EventType = spEventType; newAlert.AlertFrequency = spAlertFrequency; newAlert.Status = SPAlertStatus.On; newAlert.Update(false); output.Append(string.Format("Complete" + Environment.NewLine)); } catch (Exception ex) { output.Append(string.Format("error: {0,20}" + Environment.NewLine, ex.Message)); } } } }
public Credentials GetCredentials(SPUser user) { System.Security.Principal.WindowsIdentity winUser = System.Security.Principal.WindowsIdentity.GetCurrent(); if (SPClaimProviderManager.IsClaimsUser()) { Logger.Default.Error(LogLocation, string.Format("Can't get applications for {0}. You should use Secure Store option for web peb part.", winUser != null ? winUser.Name : null), new ApplicationException("Claim based authentication not supported")); } return(service.GetUser(winUser)); }
public static SPUserToken GetToken(string login) { SPClaimProviderManager claimProviderManager = SPClaimProviderManager.Local; SPClaim claim = new SPClaim(SPClaimTypes.UserLogonName, login, "http://www.w3.org/2001/XMLSchema#string", SPOriginalIssuers.Format(SPOriginalIssuerType.Windows)); var userName = claimProviderManager.EncodeClaim(claim); return(SPContext.Current.Web.EnsureUser(userName).UserToken); }
/// <summary> /// Attempts to resolve a given SharePoint Claims Identity string to a sAMAccountName / Windows Login ID. /// </summary> /// <param name="userName">String. User Identity Claim string.</param> /// <returns></returns> internal static string sAMAccountName(string userName) { SPClaimProviderManager mgr = SPClaimProviderManager.Local; if (mgr != null) { string domainUser = mgr.DecodeClaim(userName).Value; return(domainUser.Substring(domainUser.LastIndexOf('\\') + 1)); } return("unknown"); // user could not be determined from string. }
public string getAccountNameForEmail(string email, string indentityProviderName) { UPSBrowserLogger.LogDebug(loggingCategory, "getIdentityProviders invoked"); UPSBrowserLogger.LogDebug(loggingCategory, $"email: {email}, indentityProviderName: {indentityProviderName}"); string originalIssuer = SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, indentityProviderName); SPClaimProviderManager mgr = SPClaimProviderManager.Local; SPClaim claim = new SPClaim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", email, System.Security.Claims.ClaimValueTypes.String, originalIssuer); string accountName = mgr.EncodeClaim(claim); return(accountName); }
public static string DecodeUsername(string username) { if (SPClaimProviderManager.IsEncodedClaim(username)) { return(SPClaimProviderManager.Local.DecodeClaim(username).Value); } else { return(username); } }
protected void Page_Load(object sender, EventArgs e) { SPClaimProviderManager clmProvider = SPClaimProviderManager.Local; if (clmProvider != null) { usrname = clmProvider.DecodeClaim(SPContext.Current.Web.CurrentUser.LoginName).Value; int index = usrname.IndexOf('\\'); usrDomain = usrname.Substring(0, index); } inpUserName.Value = usrname.ToString(); }
public static string GetClaims(string account) { string userName = null; SPClaimProviderManager mgr = SPClaimProviderManager.Local; if (mgr != null) { SPClaim claim = new SPClaim(SPClaimTypes.UserLogonName, account, "http://www.w3.org/2001/XMLSchema#string", SPOriginalIssuers.Format(SPOriginalIssuerType.Windows)); userName = mgr.EncodeClaim(claim); } return(userName); ; }
private string getUserId() { string userId = string.Empty; try { SPClaimProviderManager mgr = SPClaimProviderManager.Local; if (mgr != null) { userId = mgr.DecodeClaim(SPContext.Current.Web.CurrentUser.LoginName).Value; } } catch (Exception ex) { HandleException(ex); } return(userId.Substring(userId.IndexOf("\\") + 1)); }
private void CheckLists(XmlNode siteNode, string url) { using (SPWeb web = new SPSite(url).OpenWeb()) { XmlNodeList alertNodes = siteNode.SelectNodes("alert[@type='List']"); foreach (XmlNode alertNode in alertNodes) { string alertTitle = alertNode.Attributes["title"].Value; string listTitle = alertNode.Attributes["list"].Value; string loginName = alertNode.Attributes["user"].Value; string objectType = alertNode.Attributes["object"].Value; bool isFolder = objectType.ToLower().Equals("folder"); if (!isFolder) { output.Append(string.Format("user: {0,20}...", loginName)); try { SPList list = web.Lists[listTitle]; SPClaimProviderManager cpm = SPClaimProviderManager.Local; SPClaim userClaim = cpm.ConvertIdentifierToClaim(loginName, SPIdentifierTypes.WindowsSamAccountName); SPUser user = web.EnsureUser(userClaim.ToEncodedString()); string eventType = alertNode.Attributes["event"].Value; SPEventType spEventType = (SPEventType)Enum.Parse(typeof(SPEventType), eventType); string eventFrequency = alertNode.Attributes["frequency"].Value; SPAlertFrequency spAlertFrequency = (SPAlertFrequency)Enum.Parse(typeof(SPAlertFrequency), eventFrequency); string type = alertNode.Attributes["type"].Value; SPAlertType spAlertType = (SPAlertType)Enum.Parse(typeof(SPAlertType), type); SPAlert newAlert = user.Alerts.Add(); newAlert.Title = alertTitle; newAlert.AlertType = spAlertType; newAlert.List = list; newAlert.DeliveryChannels = SPAlertDeliveryChannels.Email; newAlert.EventType = spEventType; newAlert.AlertFrequency = spAlertFrequency; newAlert.Status = SPAlertStatus.On; newAlert.Update(false); output.Append(string.Format("Complete" + Environment.NewLine)); } catch (Exception ex) { output.Append(string.Format("error: {0,20}" + Environment.NewLine, ex.Message)); } } } } }
protected override void CreateChildControls() { // return when user is not a forms based user IClaimsIdentity claimsIdentity = (HttpContext.Current.User != null) ? (HttpContext.Current.User.Identity as IClaimsIdentity) : null; if (claimsIdentity != null) { SPClaimProviderManager mgr = SPClaimProviderManager.Local; SPClaim sPClaim = mgr.DecodeClaimFromFormsSuffix(claimsIdentity.Name); if (SPOriginalIssuers.GetIssuerType(sPClaim.OriginalIssuer) == SPOriginalIssuerType.Windows) { return; } } string changePasswordPage = ""; SPSecurity.RunWithElevatedPrivileges(delegate() { using (SPSite site = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone)) { MembershipSettings setting = new MembershipSettings(site.RootWeb); if (setting == null || string.IsNullOrEmpty(setting.ChangePasswordPage)) { return; } changePasswordPage = setting.ChangePasswordPage; } }); // generate return url string source = SPUtility.OriginalServerRelativeRequestUrl; string target = Utils.GetAbsoluteURL(SPContext.Current.Web, changePasswordPage); MenuItemTemplate changePasswordItem = new MenuItemTemplate(); changePasswordItem.Text = LocalizedString.GetString("FBAPackMenus", "FBAChangePassword_Title"); changePasswordItem.Description = LocalizedString.GetString("FBAPackMenus", "FBAChangePassword_Desc"); changePasswordItem.Sequence = 1; changePasswordItem.ClientOnClickNavigateUrl = target + "?Source=" + SPHttpUtility.UrlKeyValueEncode(source); this.Controls.Add(changePasswordItem); }
/// <summary> /// ReCreateWindowsClaimProvider method implementation /// </summary> private void ReCreateWindowsClaimProvider(ProxyClaimsProviderParameters prm) { SPClaimProviderManager cpm = SPClaimProviderManager.Local; try { SPClaimProviderDefinition ppva = new SPClaimProviderDefinition("AD", "Windows Claim Provider", "Microsoft.SharePoint, Version=16.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c", "Microsoft.SharePoint.Administration.Claims.SPActiveDirectoryClaimProvider"); ppva.IsEnabled = true; ppva.IsVisible = true; cpm.AddClaimProvider(ppva); } finally { cpm.Update(true); } }
public override void FeatureActivated(SPFeatureReceiverProperties properties) { ExecBaseFeatureActivated(properties); SPClaimProviderManager cpm = SPClaimProviderManager.Local; foreach (SPClaimProviderDefinition cp in cpm.ClaimProviders) { if (cp.ClaimProviderType == typeof(NSADFSClaimsProvider)) { cp.IsUsedByDefault = false; cpm.Update(); break; } } }
private static SecureStoreServiceClaim GetSSClaim(SPUser user) { SPClaim spClaim = null; var manager = SPClaimProviderManager.Local; if ((manager != null) && SPClaimProviderManager.IsEncodedClaim(user.LoginName)) { spClaim = manager.DecodeClaim(user.LoginName); } else { spClaim = SPClaimProviderManager.CreateUserClaim(user.LoginName, SPOriginalIssuerType.Windows); } SecureStoreServiceClaim ssClaim = new SecureStoreServiceClaim(spClaim); return(ssClaim); }
public override void FeatureActivated(SPFeatureReceiverProperties properties) { ExecBaseFeatureActivated(properties); // Make this custom claims provider enabled but NOT used by default // https://samlman.wordpress.com/2015/02/28/configuring-a-custom-claims-provider-to-be-used-only-on-select-zones-in-sharepoint-2010/ SPClaimProviderManager cpm = SPClaimProviderManager.Local; foreach (SPClaimProviderDefinition cp in cpm.ClaimProviders) { if (cp.ClaimProviderType == typeof(UPSClaimProvider)) { cp.IsUsedByDefault = false; cpm.Update(); break; } } }
private void RemoveAlerts(XmlNode siteNode, string url) { using (SPWeb web = new SPSite(url).OpenWeb()) { SPClaimProviderManager cpm = SPClaimProviderManager.Local; SPClaim userClaim = cpm.ConvertIdentifierToClaim("emirates\\s717981", SPIdentifierTypes.WindowsSamAccountName); SPUser tempUser = web.EnsureUser(userClaim.ToEncodedString()); web.AllowUnsafeUpdates = true; try { SPAlertCollection allAlerts = web.Alerts; List <Guid> alertsToDelete = new List <Guid>(); foreach (SPAlert spAlert in allAlerts) { alertsToDelete.Add(spAlert.ID); } Guid [] alerts = alertsToDelete.ToArray(); for (int i = 0; i < alerts.Length; i++) { SPAlert alert = allAlerts[alerts[i]]; alert.User = tempUser; alert.Status = SPAlertStatus.Off; alert.Update(); } foreach (Guid alertGuid in alertsToDelete) { allAlerts.Delete(alertGuid); } web.Update(); } catch (Exception ex) { Console.WriteLine(ex.Message); } web.AllowUnsafeUpdates = false; } }
private ClaimsContext(SPContext context) { SPWebApplication webApplication = context.Site.WebApplication; foreach (SPAlternateUrl mapping in webApplication.AlternateUrls) { SPIisSettings settings = webApplication.GetIisSettingsWithFallback(mapping.UrlZone); if (settings.UseFormsClaimsAuthenticationProvider) { this.FormsMembershipProvider = Membership.Providers[settings.FormsClaimsAuthenticationProvider.MembershipProvider]; this.FormsRoleProvider = Roles.Providers[settings.FormsClaimsAuthenticationProvider.RoleProvider]; break; } } SPUser currentUser = context.Web.CurrentUser; if (currentUser != null && SPClaimProviderManager.IsEncodedClaim(currentUser.LoginName)) { SPClaim claim = SPClaimProviderManager.Local.DecodeClaim(currentUser.LoginName); this.IsWindowsUser = claim.OriginalIssuer == "Windows"; if (claim.OriginalIssuer.StartsWith("Forms:")) { if (this.FormsMembershipProvider != null && this.FormsMembershipProvider.Name.Equals(claim.OriginalIssuer.Substring(6), StringComparison.OrdinalIgnoreCase)) { this.FormsUser = this.FormsMembershipProvider.GetUser(claim.Value, false); if (this.FormsUser != null) { this.IsFormsUser = true; this.FormsUserId = claim.Value; this.FormsUserProfile = ProfileBase.Create(this.FormsUser.UserName); } } } } this.IsAnonymous = !this.IsFormsUser && !this.IsWindowsUser; }
protected override void FillResolve(Uri context, string[] entityTypes, SPClaim resolveInput, List <Microsoft.SharePoint.WebControls.PickerEntity> resolved) { UPSClaimProviderLogger.LogDebug("FillResolve type2 invoked!"); string outputString; outputString = $"resolveInput - "; outputString += $"ClaimType: {resolveInput.ClaimType}; "; outputString += $"OriginalIssuer: {resolveInput.OriginalIssuer}; "; outputString += $"Value: {resolveInput.Value}; "; outputString += $"ValueType: {resolveInput.ValueType}; "; UPSClaimProviderLogger.LogDebug(outputString); UPSClaimProviderLogger.LogDebug($"SPTrustedIdentityTokenIssuerName: {SPTrustedIdentityTokenIssuerName}"); if (!resolveInput.OriginalIssuer.ToLower().Contains(SPTrustedIdentityTokenIssuerName.ToLower())) { return; } SPClaimProviderManager cpm = SPClaimProviderManager.Local; string accountName = cpm.EncodeClaim(resolveInput); User foundUser = usersDAL.GetUserByAccountName(accountName); if (foundUser == null) { UPSClaimProviderLogger.LogError($"usersDAL.GetUserByAccountName(accountName) returned null! Error performing the final resolving of the user in FillResolve type2"); return; } ; UPSClaimProviderLogger.LogDebug($"foundUser.Email: {foundUser.Email}"); PickerEntity entity = GetPickerEntity(foundUser); resolved.Add(entity); UPSClaimProviderLogger.LogDebug($"Added PickerEntity to resolved with Claim - Claim.Value: {entity.Claim.Value}, Claim.ClaimType: {entity.Claim.ClaimType}, Claim.OriginalIssuer: {entity.Claim.OriginalIssuer}"); }
public static void InitializeSiteCollection() { #if DEBUG TestSiteCollUri = new Uri("http://spsites/sites/" + TestContext.Parameters["TestSiteCollectionName"]); return; // Uncommented when debugging LDAPCP code from unit tests #endif logFileListener = new TextWriterTraceListener(TestContext.Parameters["TestLogFileName"]); Trace.Listeners.Add(logFileListener); Trace.AutoFlush = true; Trace.TraceInformation($"{DateTime.Now.ToString("s")} Start integration tests of {ClaimsProviderName} {FileVersionInfo.GetVersionInfo(Assembly.GetAssembly(typeof(ldapcp.LDAPCP)).Location).FileVersion}."); Trace.WriteLine($"{DateTime.Now.ToString("s")} DataFile_AllAccounts_Search: {DataFile_AllAccounts_Search}"); Trace.WriteLine($"{DateTime.Now.ToString("s")} DataFile_AllAccounts_Validate: {DataFile_AllAccounts_Validate}"); Trace.WriteLine($"{DateTime.Now.ToString("s")} TestSiteCollectionName: {TestContext.Parameters["TestSiteCollectionName"]}"); if (SPTrust == null) { Trace.TraceError($"{DateTime.Now.ToString("s")} SPTrust: is null"); } else { Trace.WriteLine($"{DateTime.Now.ToString("s")} SPTrust: {SPTrust.Name}"); } LDAPCPConfig config = LDAPCPConfig.GetConfiguration(UnitTestsHelper.ClaimsProviderConfigName, UnitTestsHelper.SPTrust.Name); if (config == null) { LDAPCPConfig.CreateConfiguration(ClaimsProviderConstants.CONFIG_ID, ClaimsProviderConstants.CONFIG_NAME, SPTrust.Name); } var service = SPFarm.Local.Services.GetValue <SPWebService>(String.Empty); SPWebApplication wa = service.WebApplications.FirstOrDefault(); if (wa != null) { Trace.WriteLine($"{DateTime.Now.ToString("s")} Web application {wa.Name} found."); SPClaimProviderManager claimMgr = SPClaimProviderManager.Local; string encodedClaim = claimMgr.EncodeClaim(TrustedGroup); SPUserInfo userInfo = new SPUserInfo { LoginName = encodedClaim, Name = TrustedGroupToAdd_ClaimValue }; // The root site may not exist, but it must be present for tests to run Uri rootWebAppUri = wa.GetResponseUri(0); if (!SPSite.Exists(rootWebAppUri)) { Trace.WriteLine($"{DateTime.Now.ToString("s")} Creating root site collection {rootWebAppUri.AbsoluteUri}..."); SPSite spSite = wa.Sites.Add(rootWebAppUri.AbsoluteUri, "root", "root", 1033, "STS#1", FarmAdmin, String.Empty, String.Empty); spSite.RootWeb.CreateDefaultAssociatedGroups(FarmAdmin, FarmAdmin, spSite.RootWeb.Title); SPGroup membersGroup = spSite.RootWeb.AssociatedMemberGroup; membersGroup.AddUser(userInfo.LoginName, userInfo.Email, userInfo.Name, userInfo.Notes); spSite.Dispose(); } if (!Uri.TryCreate(rootWebAppUri, TestSiteRelativePath, out TestSiteCollUri)) { Trace.TraceError($"{DateTime.Now.ToString("s")} Unable to generate Uri of test site collection from Web application Uri {rootWebAppUri.AbsolutePath} and relative path {TestSiteRelativePath}."); } if (!SPSite.Exists(TestSiteCollUri)) { Trace.WriteLine($"{DateTime.Now.ToString("s")} Creating site collection {TestSiteCollUri.AbsoluteUri}..."); SPSite spSite = wa.Sites.Add(TestSiteCollUri.AbsoluteUri, ClaimsProviderName, ClaimsProviderName, 1033, "STS#1", FarmAdmin, String.Empty, String.Empty); spSite.RootWeb.CreateDefaultAssociatedGroups(FarmAdmin, FarmAdmin, spSite.RootWeb.Title); SPGroup membersGroup = spSite.RootWeb.AssociatedMemberGroup; membersGroup.AddUser(userInfo.LoginName, userInfo.Email, userInfo.Name, userInfo.Notes); spSite.Dispose(); } else { using (SPSite spSite = new SPSite(TestSiteCollUri.AbsoluteUri)) { SPGroup membersGroup = spSite.RootWeb.AssociatedMemberGroup; membersGroup.AddUser(userInfo.LoginName, userInfo.Email, userInfo.Name, userInfo.Notes); } } } else { Trace.TraceError($"{DateTime.Now.ToString("s")} Web application was NOT found."); } }
internal static SecureStoreServiceClaim GetSecureStoreClaim(string userName) { SPClaim claim = SPClaimProviderManager.CreateUserClaim(userName, SPOriginalIssuerType.ClaimProvider); return(new SecureStoreServiceClaim(claim)); }
public static string GetEmailFromUser(string userIdentifier) { if (string.IsNullOrEmpty(userIdentifier)) { throw new ApplicationException("[GetEmailFromUser] The input 'userIdentifier' param can not be null or empty "); } Regex regex = new Regex(@"^([\w\.\-]+)@([\w\-]+)((\.(\w){2,3})+)$"); Match match = regex.Match(userIdentifier); if (match.Success) { return(userIdentifier); } // else check if its claim var userLogin = string.Empty; try { SPClaimProviderManager mgr = SPClaimProviderManager.Local; userLogin = mgr.DecodeClaim(userIdentifier).Value; } catch (ArgumentException) { userLogin = userIdentifier; } var rooturl = string.Empty; if (!SPFarm.Local.Properties.ContainsKey(Constants.KeyRootSiteColl)) { throw new ApplicationException("Farm is missing Root Site Collection property [" + Constants.KeyRootSiteColl + "]"); } else { rooturl = SPFarm.Local.Properties[Constants.KeyRootSiteColl] as string; } SPUser user = null; using (SPSite site = new SPSite(rooturl)) using (SPWeb web = site.OpenWeb()) { //web.ValidateFormDigest(); try { web.AllowUnsafeUpdates = true; user = web.EnsureUser(userLogin.ToLower()); } catch (Exception ex) { //TODO log } finally { web.AllowUnsafeUpdates = false; } } if (user == null) { throw new ApplicationException(string.Format("No user with id {0} found", userIdentifier)); } return(user.Email); }
private static SecureStoreServiceClaim GetSecureStoreClaim(string userName) { var claim = SPClaimProviderManager.CreateUserClaim(userName, SPOriginalIssuerType.Windows); return(new SecureStoreServiceClaim(claim)); }