/// <summary>
/// Issues the account staff claims.
/// </summary>
/// <param name="claimsPrincipal">The claims principal.</param>
/// <param name="systemAccount">The system account.</param>
/// <exception cref="System.InvalidOperationException">
/// Staff does not exist for key + systemAccount.StaffKey
/// or
/// Patient does not exist for key + systemAccount.PatientKey.
/// </exception>
public void IssueAccountClaims(ClaimsPrincipal claimsPrincipal, SystemAccount systemAccount)
{
var identity = claimsPrincipal.Identity as ClaimsIdentity;
if (identity != null)
{
identity.AddClaim(new Claim(ProCenterClaimType.AccountKeyClaimType, systemAccount.Key.ToString()));
if (systemAccount.OrganizationKey != Guid.Empty)
{
identity.AddClaim(new Claim(ProCenterClaimType.OrganizationKeyClaimType, systemAccount.OrganizationKey.ToString()));
identity.AddClaim(new Claim(ProCenterClaimType.OrganizationNameClaimType, GetOrganizationName(systemAccount.OrganizationKey)));
}
var emailClaim = identity.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email);
if (emailClaim != null)
{
identity.RemoveClaim(emailClaim);
}
identity.AddClaim(new Claim(ClaimTypes.Email, systemAccount.Email.Address));
if (systemAccount.StaffKey != null)
{
var staff = _staffRepository.GetByKey(systemAccount.StaffKey.Value);
if (staff == null)
{
throw new InvalidOperationException("Staff does not exist for key " + systemAccount.StaffKey);
}
identity.AddClaim(new Claim(ProCenterClaimType.StaffKeyClaimType, systemAccount.StaffKey.ToString()));
identity.AddClaim(new Claim(ProCenterClaimType.UserFirstNameClaimType, staff.Name.FirstName));
identity.AddClaim(new Claim(ProCenterClaimType.UserLastNameClaimType, staff.Name.LastName));
systemAccount.Validate();
}
else if (systemAccount.PatientKey != null)
{
var patient = _patientRepository.GetByKey(systemAccount.PatientKey.Value);
if (patient == null)
{
throw new InvalidOperationException("Patient does not exist for key " + systemAccount.PatientKey);
}
identity.AddClaim(new Claim(ProCenterClaimType.PatientKeyClaimType, systemAccount.PatientKey.ToString()));
identity.AddClaim(new Claim(ProCenterClaimType.UserFirstNameClaimType, patient.Name.FirstName));
identity.AddClaim(new Claim(ProCenterClaimType.UserLastNameClaimType, patient.Name.LastName));
}
else
{
identity.AddClaim(
new Claim(ProCenterClaimType.UserFirstNameClaimType,
systemAccount.Identifier.Substring(0, systemAccount.Identifier.IndexOf('@'))));
}
if (systemAccount.Validated)
{
IssueSystemAccountValidationClaim(claimsPrincipal);
}
systemAccount.LogIn();
}
}
public ValidationStatus ValidateInfo(SystemAccount systemAccount, string patientIdentifier, DateTime dateOfBirth)
{
if (string.Equals(patientIdentifier, UniqueIdentifier) && DateOfBirth.Value == dateOfBirth)
{
systemAccount.Validate();
UserContext.Current.RefreshValidationAttempts();
return(ValidationStatus.Valid);
}
if (UserContext.Current.ValidationAttempts >= 3)
{
systemAccount.Lock();
return(ValidationStatus.Locked);
}
UserContext.Current.FailedValidationAttempt();
return(ValidationStatus.AttemptFailed);
}
