public IEnumerable <Claim> GetTokenClaims(IdentityUser identityUser, string googleOauthToken)
{
var claims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Jti, identityUser.Id.ToString()),
new Claim(JwtRegisteredClaimNames.Email, identityUser.Email ?? string.Empty),
new Claim("oauth", googleOauthToken ?? string.Empty)
};
if (identityUser.PersonId.HasValue)
{
claims.Add(new Claim(AuthenticateController.ClaimPersonId, identityUser.PersonId.ToString()));
var group = _userService.FindGroupIdIfSupervisor(identityUser.PersonId.Value);
if (@group != null)
{
claims.Add(new Claim(AuthenticateController.ClaimSupervisor, @group.Id.ToString()));
claims.Add(new Claim(AuthenticateController.ClaimSupervisorType, @group.Type.ToString()));
}
var personWithStaff = _personService.GetStaffById(identityUser.PersonId.Value);
if (personWithStaff.Staff?.LeaveDelegateGroupId != null)
{
claims.Add(new Claim(AuthenticateController.ClaimLeaveDelegate,
personWithStaff.Staff.LeaveDelegateGroupId.Value.ToString()));
}
}
return(claims);
}
public static async Task SetupDevDatabase(IServiceProvider serviceProvider)
{
using (var scope = serviceProvider.CreateScope())
{
var dbConnection = scope.ServiceProvider.GetService <IDbConnection>();
var roleManager = scope.ServiceProvider.GetService <RoleManager <IdentityRole <int> > >();
var missingRoles =
new[] { "admin", "hr", "hradmin", "registrar" }.Except(roleManager.Roles.Select(role => role.Name));
foreach (var missingRole in missingRoles)
{
await roleManager.CreateAsync(new IdentityRole <int>(missingRole));
}
//to configure db look at ServiceFixture.SetupSchema
if (!dbConnection.Users.Any())
{
var userService = scope.ServiceProvider.GetService <UserService>();
var identityUser = new IdentityUser
{
UserName = "******",
ResetPassword = true
};
await userService.CreateAsync(identityUser, "password");
await userService.AddToRoleAsync(identityUser, "admin");
}
}
}
public async Task <JwtSecurityToken> GetJwtSecurityToken(IdentityUser identityUser)
{
var claimsPrincipal = await _signInManager.CreateUserPrincipalAsync(identityUser);
var oauthToken =
await _signInManager.UserManager.GetAuthenticationTokenAsync(identityUser,
"Google",
AuthenticateController.GoogleOAuthTokenName);
return(new JwtSecurityToken(
issuer: _jwtOptions.Issuer,
audience: _jwtOptions.Audience,
claims: GetTokenClaims(identityUser, oauthToken).Union(claimsPrincipal.Claims),
expires: DateTime.UtcNow.AddDays(7),
signingCredentials: new SigningCredentials(
new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtOptions.SecretKey)),
SecurityAlgorithms.HmacSha256)
));
}
public async Task <string> GetJwtSecurityTokenAsString(IdentityUser identityUser)
{
var token = await GetJwtSecurityToken(identityUser);
return(_securityTokenHandler.WriteToken(token));
}
