/// <summary>
/// Adds the application's administrator claim to <paramref name="claims"/> when the identity
/// named by the <see cref="ClaimTypes.NameIdentifier"/> claim has an "Administrator" entry
/// in the identity attribute storage.
/// </summary>
/// <param name="claims">
/// Claim list that is extended in place. It must already contain a NameIdentifier claim
/// whose value parses as a <see cref="Guid"/>.
/// </param>
/// <remarks>
/// A missing NameIdentifier claim makes <c>First</c> throw, and a value that is not a GUID makes
/// <see cref="Guid.Parse(string)"/> throw. In both cases the method fails before the storage
/// lookup, so no administrator claim is added.
/// </remarks>
protected override async Task AddApplicationSpecificClaimsAsync(List<Claim> claims)
{
    var nameIdentifierClaim = claims.First(claim => claim.Type == ClaimTypes.NameIdentifier);
    var identityId = Guid.Parse(nameIdentifierClaim.Value);

    var storedAttributes = await _identityAttributeStorage.GetIdentityAttributesAsync(identityId);

    // Exact match on the attribute name: nothing but the literal "Administrator" grants the claim.
    var isAdministrator = storedAttributes.Any(entry => entry.Attribute == "Administrator");
    if (!isAdministrator)
    {
        return;
    }

    // NOTE(review): this claim is created with no explicit issuer and the value "True" (capital T).
    // Authorization checks must match this exact type and value, so confirm that the policies
    // consuming it do not expect a different casing or an issuer-qualified claim.
    claims.Add(new Claim("http://rinsen.se/Administrator", "True"));
}
/// <summary>
/// Translates the stored attributes of <paramref name="identity"/> into extensions.
/// Only the "Administrator" attribute is mapped, and it yields a single role extension.
/// </summary>
/// <param name="identity">Identity whose <c>IdentityId</c> is used for the attribute lookup.</param>
/// <returns>
/// A new list holding one administrator role extension when the identity has the
/// "Administrator" attribute, otherwise a new empty list.
/// </returns>
private async Task<List<Extension>> GetIdentityAttributesAsExternsions(Identity identity)
{
    var storedAttributes = await _identityAttributeStorage.GetIdentityAttributesAsync(identity.IdentityId);
    var result = new List<Extension>();

    // Exact match on the attribute name: nothing but the literal "Administrator" grants the role.
    var isAdministrator = storedAttributes.Any(entry => entry.Attribute == "Administrator");
    if (!isAdministrator)
    {
        return result;
    }

    var administratorRole = new Extension
    {
        Type = RinsenIdentityConstants.Role,
        Value = RinsenIdentityConstants.Administrator
    };
    result.Add(administratorRole);

    return result;
}
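/// <summary>
/// Builds the claims issued for <paramref name="identity"/>: display name, issuer, subject,
/// a freshly generated session id and the expiration time. The administrator claim is added
/// when the identity has an "Administrator" entry in the identity attribute storage.
/// </summary>
/// <param name="identity">Identity supplying the name parts and the <c>IdentityId</c> used as subject.</param>
/// <param name="host">Value written to the issuer claim.</param>
/// <param name="rememberMe">Not read by this method; kept so the signature stays unchanged for callers.</param>
/// <param name="expiration">Expiration instant, written to the expiration claim as Unix seconds.</param>
/// <returns>A new list of claims for the identity.</returns>
private async Task<List<Claim>> GetClaimsForIdentityAsync(Identity identity, string host, bool rememberMe, DateTimeOffset expiration)
{
    // NOTE(review): the session id is only as unpredictable as _randomStringGenerator.
    // Confirm that it is backed by a cryptographic random number generator.
    var sessionId = _randomStringGenerator.GetRandomString(32);

    // The unused "time to expiration" local (expiration minus DateTimeOffset.Now) was removed:
    // its value was never read.

    // Machine-readable claim value: format with the invariant culture so the number does not
    // depend on the culture of the thread that issues the claims.
    var expirationUnixSeconds = expiration
        .ToUnixTimeSeconds()
        .ToString(System.Globalization.CultureInfo.InvariantCulture);

    // NOTE(review): host is copied into the issuer claim as-is. If callers take it from the
    // request's Host header, confirm that it is validated before it reaches this method.
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, identity.GivenName + " " + identity.Surname, ClaimValueTypes.String, RinsenIdentityConstants.RinsenIdentityProvider),
        new Claim(StandardClaims.Issuer, host, ClaimValueTypes.String, RinsenIdentityConstants.RinsenIdentityProvider),
        new Claim(StandardClaims.Subject, identity.IdentityId.ToString(), ClaimValueTypes.String, RinsenIdentityConstants.RinsenIdentityProvider),
        new Claim(StandardClaims.SessionId, sessionId, ClaimValueTypes.String, RinsenIdentityConstants.RinsenIdentityProvider),
        // NOTE(review): unlike the claims above, this one carries no explicit issuer.
        // Left unchanged because consumers may depend on it; confirm that this is intended.
        new Claim(StandardClaims.Expiration, expirationUnixSeconds, ClaimValueTypes.Integer64)
    };

    var identityAttributes = await _identityAttributeStorage.GetIdentityAttributesAsync(identity.IdentityId);

    // Exact match on the attribute name: nothing but the literal "Administrator" grants the claim.
    if (identityAttributes.Any(m => m.Attribute == "Administrator"))
    {
        claims.Add(new Claim(RinsenClaimTypes.Administrator, "true", ClaimValueTypes.String, RinsenIdentityConstants.RinsenIdentityProvider));
    }

    return claims;
}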