/// <summary>
/// Initializes a new instance of the <see cref="DefaultUser"/> class.
/// </summary>
/// <param name="principal">The principal.</param>
private DefaultUser(ClaimsPrincipal principal) {
if (principal == null) {
throw new ArgumentNullException(nameof(principal));
}
_isFromDeserialize = false;
_principal = principal;
if (principal.FindFirstValue(JwtClaimTypes.Subject) == null) {
IsAuthenticated = false;
Id = 0;
}
else {
IsAuthenticated = principal.Identities.Any(i => i.IsAuthenticated);
Id = int.Parse(principal.FindFirstValue(JwtClaimTypes.Subject));
UserName = principal.FindFirstValue(JwtClaimTypes.Name);
}
}
/// <summary>
/// Builds the cache key to use for this item in the distributed cache.
/// </summary>
/// <param name="claimsPrincipal">A <see cref="System.Security.Claims.ClaimsPrincipal"/> for the signed in user</param>
/// <returns>Cache key for this item.</returns>
private static string BuildCacheKey(ClaimsPrincipal claimsPrincipal)
{
Guard.ArgumentNotNull(claimsPrincipal, nameof(claimsPrincipal));
string clientId = claimsPrincipal.FindFirstValue("aud", true);
return string.Format(
"UserId:{0}::ClientId:{1}",
claimsPrincipal.GetObjectIdentifierValue(),
clientId);
}
private async Task<ClaimsPrincipal> ValidateSecurityStamp(ClaimsPrincipal principal, string userId) {
Guid userGuid;
if (Guid.TryParse(userId, out userGuid)) {
ClaimsPrincipal freshPrincipal = await Query.Execute(new ClaimsPrincipalByUserId(userGuid));
var freshStamp = freshPrincipal.FindFirstValue(Options.ClaimsIdentity.SecurityStampClaimType);
var currentStamp = principal.FindFirstValue(Options.ClaimsIdentity.SecurityStampClaimType);
if (freshStamp == currentStamp) {
return freshPrincipal;
}
}
return null;
}
public Task<bool> ValidateSecurityStampAsync(User user, ClaimsPrincipal principal)
{
if(user != null && UserManager.SupportsUserSecurityStamp)
{
var securityStamp = principal.FindFirstValue(IdentityOptions.ClaimsIdentity.SecurityStampClaimType);
if(securityStamp == user.SecurityStamp)
{
return Task.FromResult(true);
}
}
return Task.FromResult(false);
}
public static string GetSubjectId(this ClaimsPrincipal principal)
{
return(principal
.FindFirstValue(ApiConstants.SubjectNameIdentifier));
}
public static string GetUserName(this ClaimsPrincipal principal)
{
return(principal.FindFirstValue(ClaimsIdentity.DefaultNameClaimType));
}
public static string GetEmailValue(this ClaimsPrincipal principal)
{
return(principal.FindFirstValue(ClaimTypes.Email, true));
}
public static string GetDisplayNameValue(this ClaimsPrincipal principal)
{
return(principal.FindFirstValue(AzureADClaimTypes.Name, true));
}
/// <summary>
/// Returns the audience id of the current claims principal targeted.
/// As eveluating application, this is (one of) our configured clientid (s).
/// </summary>
/// <param name="principal"></param>
/// <param name="throwIfNotFound"></param>
/// <returns></returns>
public static string GetAudienceId(this ClaimsPrincipal principal,
bool throwIfNotFound = true) => principal.FindFirstValue(
"aud", throwIfNotFound);
public static int GetSurveyTenantIdValue(this ClaimsPrincipal principal)
{
return((int)Convert.ChangeType(principal.FindFirstValue(SurveyClaimTypes.SurveyTenantIdClaimType, true), typeof(int)));
}
/// <summary>
/// Extension method on <see cref="System.Security.Claims.ClaimsPrincipal"/> which returns the AAD Tenant ID, if it exists.
/// </summary>
/// <param name="principal">A <see cref="System.Security.Claims.ClaimsPrincipal"/> representing the currently signed in ASP.NET user.</param>
/// <returns>The AAD Tenant ID if it exists, otherwise, an exception is thrown.</returns>
public static string GetTenantIdValue(this ClaimsPrincipal principal)
{
return(principal.FindFirstValue(AzureADClaimTypes.TenantId, true));
}
public static string GetIssuerValue(this ClaimsPrincipal principal, bool throwIfNotFound = true)
{
return(principal.FindFirstValue(OpenIdConnectClaimTypes.IssuerValue, throwIfNotFound));
}
public static string GetSubjectId(this ClaimsPrincipal principal)
{
return(principal.FindFirstValue(SubjectClaimType));
}
public static bool IsBearer(this ClaimsPrincipal principal)
{
return(principal.FindFirstValue(IssuerClaimType) != null);
}
/// <summary>
/// Returns the scope for the current claims principal
/// </summary>
/// <param name="principal"></param>
/// <param name="throwIfNotFound"></param>
/// <returns></returns>
public static string GetScope(this ClaimsPrincipal principal,
bool throwIfNotFound = false) => principal.FindFirstValue(
"http://schemas.microsoft.com/identity/claims/scope",
throwIfNotFound);
public static string GetObjectIdentifierValue(this ClaimsPrincipal principal, bool throwIfNotFound = true)
{
return(principal.FindFirstValue(AzureADClaimTypes.ObjectId, throwIfNotFound));
}
/// <summary>
/// Get identifier of the object targeted by the logged in principal's
/// claim.
/// </summary>
/// <param name="principal"></param>
/// <param name="throwIfNotFound"></param>
/// <returns></returns>
public static string GetObjectId(this ClaimsPrincipal principal,
bool throwIfNotFound = true) => principal.FindFirstValue(
"http://schemas.microsoft.com/identity/claims/objectidentifier",
throwIfNotFound);
