private Dictionary <string, object> GetUserClaims(string user, string password)
{
string userName = GetUserName(user);
string domainName = GetDomainName(user);
Dictionary <string, object> userMetaData = new Dictionary <string, object>();
userMetaData.Add("user", userName);
userMetaData.Add("domainName", domainName);
userMetaData.Add("userName", userName);
userMetaData.Add("environment", EnvironmentName);
userMetaData.Add("isAuthenticated", false);
userMetaData.Add("isAuthorized", false);
if (!AuthenticationManager.Authenticate(userName, password, domainName))
{
return(userMetaData);
}
userMetaData["isAuthenticated"] = true;
UserIdentity userIdentity = AuthorizationManager.GetUserIdentity(userName, domainName, EnvironmentName, MarkelConfiguration.ApplicationName);
if (!EnvironmentName.Equals(userIdentity?.EnvironmentName))
{
throw new Exception("User Identity does not match requested environment!");
}
if (userIdentity == null)
{
return(userMetaData);
}
// Successful Authentication
userMetaData["isAuthorized"] = true;
userMetaData.Add("application", userIdentity.ApplicationName);
userMetaData.Add("applicationVersion", IOHelper.GetServerVersion());
userMetaData.Add("authTokenDate", userIdentity.AuthenticatedOn.ToString());
userMetaData.Add("authToken", userIdentity.AuthenticationToken.ToString());
userMetaData.Add("authTokenExpireDate", userIdentity.AuthenticationTokenExpiration.ToString());
userMetaData.Add("ermsHome", userIdentity.GetPath("ErmsHome"));
userMetaData.Add("serviceAccount", userIdentity.IsServiceAccount.ToString());
// this better match: userMetaData.Add("userName", userIdentity.UserName);
foreach (var permission in userIdentity.Permissions.Where(p => p.Value == true))
{
userMetaData.Add(permission.Key, permission.Value.ToString());
}
return(userMetaData);
}