public override void Run(JsonElement userData, ClaimsIdentity identity, string issuer)
{
var scopes = CloudFoundryHelper.GetScopes(userData);
if (scopes != null)
{
foreach (var s in scopes)
{
identity.AddClaim(new Claim(ClaimType, s, ValueType, issuer));
}
}
}
protected override async Task <AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
{
HttpRequestMessage request = GetTokenInfoRequestMessage(tokens);
HttpClient client = GetHttpClient();
#if NET452
RemoteCertificateValidationCallback prevValidator = null;
if (!Options.ValidateCertificates)
{
prevValidator = ServicePointManager.ServerCertificateValidationCallback;
ServicePointManager.ServerCertificateValidationCallback = (sender, cert, chain, sslPolicyErrors) => true;
}
#endif
HttpResponseMessage response = null;
try
{
response = await client.SendAsync(request, Context.RequestAborted);
}
finally
{
#if NET452
ServicePointManager.ServerCertificateValidationCallback = prevValidator;
#endif
}
response.EnsureSuccessStatusCode();
var resp = await response.Content.ReadAsStringAsync();
var payload = JObject.Parse(resp);
var identifier = CloudFoundryHelper.GetId(payload);
if (!string.IsNullOrEmpty(identifier))
{
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
}
var givenName = CloudFoundryHelper.GetGivenName(payload);
if (!string.IsNullOrEmpty(givenName))
{
identity.AddClaim(new Claim(ClaimTypes.GivenName, givenName, ClaimValueTypes.String, Options.ClaimsIssuer));
}
var familyName = CloudFoundryHelper.GetFamilyName(payload);
if (!string.IsNullOrEmpty(familyName))
{
identity.AddClaim(new Claim(ClaimTypes.Surname, familyName, ClaimValueTypes.String, Options.ClaimsIssuer));
}
var name = CloudFoundryHelper.GetName(payload);
if (!string.IsNullOrEmpty(name))
{
identity.AddClaim(new Claim(ClaimTypes.Name, name, ClaimValueTypes.String, Options.ClaimsIssuer));
}
var email = CloudFoundryHelper.GetEmail(payload);
if (!string.IsNullOrEmpty(email))
{
identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
}
var scopes = CloudFoundryHelper.GetScopes(payload);
if (scopes != null)
{
foreach (var s in scopes)
{
identity.AddClaim(new Claim("scope", s, ClaimValueTypes.String, Options.ClaimsIssuer));
}
}
var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), properties, Options.AuthenticationScheme);
var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload);
await Options.Events.CreatingTicket(context);
return(context.Ticket);
}