/// <summary>
/// Assembles the application-specific claims that are placed in the JWT issued for a user.
/// </summary>
/// <remarks>
/// Always emitted: <c>jti</c> (the user id), <c>email</c> (empty string when the user has none)
/// and <c>oauth</c> (the Google OAuth token, empty string when none was passed).
/// When the user is linked to a person, the person id is added, plus the supervisor group id/type
/// and the leave-delegate group id when the lookups return them.
/// <para>
/// SECURITY NOTE(review): the Google OAuth token is copied into the <c>oauth</c> claim. Where this
/// file builds the token it supplies signing credentials only, so the payload is readable by any
/// party that holds the JWT (client storage, proxies, logs). Confirm the consumers really need the
/// provider token in the JWT; keeping it server-side would limit the exposure.
/// </para>
/// <para>
/// SECURITY NOTE(review): <c>jti</c> is filled with the user id, so every token issued to the same
/// user carries the same value. RFC 7519 defines <c>jti</c> as a per-token unique identifier; as
/// written it cannot be used to tell tokens apart for replay detection or revocation. Changing it
/// may affect consumers that read the user id from <c>jti</c> - verify before touching.
/// </para>
/// </remarks>
/// <param name="identityUser">User the token is issued for.</param>
/// <param name="googleOauthToken">Stored Google OAuth token for the user; may be null.</param>
/// <returns>The claims to merge into the JWT.</returns>
public IEnumerable<Claim> GetTokenClaims(IdentityUser identityUser, string googleOauthToken)
{
    var result = new List<Claim>();
    result.Add(new Claim(JwtRegisteredClaimNames.Jti, identityUser.Id.ToString()));
    result.Add(new Claim(JwtRegisteredClaimNames.Email, identityUser.Email ?? string.Empty));
    result.Add(new Claim("oauth", googleOauthToken ?? string.Empty));

    // Users without a linked person get only the three base claims.
    if (!identityUser.PersonId.HasValue)
    {
        return result;
    }

    result.Add(new Claim(AuthenticateController.ClaimPersonId, identityUser.PersonId.ToString()));

    // Authorization-relevant claims below are a snapshot taken at issue time; they stay in the
    // token until it expires even if the group membership changes afterwards.
    var supervisedGroup = _userService.FindGroupIdIfSupervisor(identityUser.PersonId.Value);
    if (supervisedGroup != null)
    {
        result.Add(new Claim(AuthenticateController.ClaimSupervisor, supervisedGroup.Id.ToString()));
        result.Add(new Claim(AuthenticateController.ClaimSupervisorType, supervisedGroup.Type.ToString()));
    }

    // NOTE(review): the lookup result is dereferenced without a null check - confirm GetStaffById
    // never returns null for a person id that is stored on a user.
    var personWithStaff = _personService.GetStaffById(identityUser.PersonId.Value);
    var delegateGroupId = personWithStaff.Staff?.LeaveDelegateGroupId;
    if (delegateGroupId != null)
    {
        result.Add(new Claim(AuthenticateController.ClaimLeaveDelegate, delegateGroupId.Value.ToString()));
    }

    return result;
}
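/// <summary>
/// Seeds a development database: creates whichever of the roles "admin", "hr", "hradmin" and
/// "registrar" are missing and, when the user table is empty, creates a first account and adds it
/// to the "admin" role.
/// </summary>
/// <remarks>
/// SECURITY: the bootstrap account is created with the literal password "password" and is placed
/// in the "admin" role. <c>ResetPassword = true</c> is set on it - presumably to force a change at
/// first sign-in; confirm that this flag is enforced server-side. Make sure the call site runs
/// this method only for development environments, never against a database that is reachable by
/// real users.
/// </remarks>
/// <param name="serviceProvider">Provider from which a scope is created to resolve the services used here.</param>
/// <exception cref="InvalidOperationException">
/// A required service is not registered, or a missing role could not be created.
/// </exception>
public static async Task SetupDevDatabase(IServiceProvider serviceProvider)
{
    using (var scope = serviceProvider.CreateScope())
    {
        var services = scope.ServiceProvider;

        // GetRequiredService reports a missing registration by name instead of letting a null
        // surface later as a NullReferenceException.
        var dbConnection = services.GetRequiredService<IDbConnection>();
        var roleManager = services.GetRequiredService<RoleManager<IdentityRole<int>>>();

        // Materialize before creating roles so the role query is finished before any write.
        var missingRoles = new[] { "admin", "hr", "hradmin", "registrar" }
            .Except(roleManager.Roles.Select(role => role.Name))
            .ToList();

        foreach (var missingRole in missingRoles)
        {
            var created = await roleManager.CreateAsync(new IdentityRole<int>(missingRole));
            if (!created.Succeeded)
            {
                // A silently missing role would leave the setup half-done; stop with the reason.
                var reasons = string.Join("; ", created.Errors.Select(error => error.Description));
                throw new InvalidOperationException($"Could not create role '{missingRole}': {reasons}");
            }
        }

        //to configure db look at ServiceFixture.SetupSchema
        if (!dbConnection.Users.Any())
        {
            var userService = services.GetRequiredService<UserService>();
            var identityUser = new IdentityUser { UserName = "******", ResetPassword = true };

            // NOTE(review): the outcome of both calls is ignored. If UserService returns an
            // IdentityResult here (not visible in this file section), check it as done for roles.
            await userService.CreateAsync(identityUser, "password");
            await userService.AddToRoleAsync(identityUser, "admin");
        }
    }
}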
/// <summary>
/// Builds the signed JWT for <paramref name="identityUser"/>: the claims from
/// <c>GetTokenClaims</c> combined with the claims of the principal created by the sign-in manager,
/// valid for seven days from now (UTC) and signed with HMAC-SHA256.
/// </summary>
/// <remarks>
/// SECURITY NOTE(review):
/// <list type="bullet">
/// <item>The signing key is the UTF-8 bytes of the configured <c>SecretKey</c> string, so its
/// strength is that of the string. Use a long random value from a secret store, not a phrase kept
/// in source or plain configuration.</item>
/// <item>HS256 is symmetric: every service that can verify these tokens holds the same key and can
/// therefore also issue them.</item>
/// <item>The lifetime is a fixed seven days and no revocation mechanism is visible here. The
/// user's stored Google token is passed to <c>GetTokenClaims</c>, which adds it as the
/// <c>oauth</c> claim, so it stays readable in the token for that whole period (only signing
/// credentials are supplied, no encryption).</item>
/// <item><c>Union</c> uses the default equality of <c>Claim</c>, which as far as the framework
/// type goes is reference equality; claims with the same type and value coming from both sources
/// are most likely kept twice. Confirm consumers tolerate duplicates.</item>
/// </list>
/// </remarks>
/// <param name="identityUser">User the token is issued for.</param>
/// <returns>The unserialized token.</returns>
public async Task<JwtSecurityToken> GetJwtSecurityToken(IdentityUser identityUser)
{
    var principal = await _signInManager.CreateUserPrincipalAsync(identityUser);
    var googleToken = await _signInManager.UserManager.GetAuthenticationTokenAsync(
        identityUser,
        "Google",
        AuthenticateController.GoogleOAuthTokenName);

    // Locals are assigned in the same order in which the constructor arguments were evaluated.
    var issuer = _jwtOptions.Issuer;
    var audience = _jwtOptions.Audience;
    var tokenClaims = GetTokenClaims(identityUser, googleToken).Union(principal.Claims);
    var validUntil = DateTime.UtcNow.AddDays(7);

    var keyBytes = Encoding.UTF8.GetBytes(_jwtOptions.SecretKey);
    var credentials = new SigningCredentials(
        new SymmetricSecurityKey(keyBytes),
        SecurityAlgorithms.HmacSha256);

    return new JwtSecurityToken(
        issuer: issuer,
        audience: audience,
        claims: tokenClaims,
        expires: validUntil,
        signingCredentials: credentials);
}
/// <summary>
/// Issues the JWT for <paramref name="identityUser"/> and serializes it with the handler held in
/// <c>_securityTokenHandler</c>.
/// </summary>
/// <remarks>
/// The returned string is a bearer credential for the full token lifetime; keep it out of logs,
/// URLs and error messages.
/// </remarks>
/// <param name="identityUser">User the token is issued for.</param>
/// <returns>The serialized token.</returns>
public async Task<string> GetJwtSecurityTokenAsString(IdentityUser identityUser) =>
    _securityTokenHandler.WriteToken(await GetJwtSecurityToken(identityUser));