/// <summary>
/// Builds the URI the browser is sent to after a successful login, with the
/// protected login result attached as the <c>loginResult</c> query parameter.
/// </summary>
/// <param name="user">The user whose personal identity number and names go into the login result.</param>
/// <param name="returnUrl">The URL the query string is appended to.</param>
/// <returns>The value produced by <c>AppendQueryString</c> for <paramref name="returnUrl"/>.</returns>
private string GetSuccessReturnUri(User user, string returnUrl)
{
    // The result carries the personal identity number and the user's names, so it
    // goes through the login result protector before it is placed in a URL.
    var protectedResult = _loginResultProtector.Protect(
        BankIdLoginResult.Success(user.PersonalIdentityNumber, user.Name, user.GivenName, user.Surname));
    var encodedResult = _urlEncoder.Encode(protectedResult);

    // NOTE(review): returnUrl is used as given; nothing in this method checks that
    // it is a local or allow-listed URL. Confirm the caller validates it, because
    // the protected login result is sent to whatever address it names.
    return AppendQueryString(returnUrl, $"loginResult={encodedResult}");
}
/// <summary>
/// Creates the authentication ticket for a completed login, using the claims
/// returned by the asynchronous <c>GetClaims</c>.
/// </summary>
/// <param name="loginResult">The login result the claims are derived from.</param>
/// <param name="properties">Authentication properties; <c>ExpiresUtc</c> is overwritten when a token lifetime is configured.</param>
/// <returns>A ticket for the current scheme holding the new principal and <paramref name="properties"/>.</returns>
private async Task<AuthenticationTicket> GetAuthenticationTicket(BankIdLoginResult loginResult, AuthenticationProperties properties)
{
    // Without a configured lifetime the incoming ExpiresUtc is left as the caller set it.
    var lifetime = Options.TokenExpiresIn;
    if (lifetime.HasValue)
    {
        properties.ExpiresUtc = Clock.UtcNow.Add(lifetime.Value);
    }

    // Name and role claim types are fixed to the BankID claim types so that
    // identity name and role lookups read those claims.
    var identity = new ClaimsIdentity(
        await GetClaims(loginResult),
        Scheme.Name,
        BankIdClaimTypes.Name,
        BankIdClaimTypes.Role);

    return new AuthenticationTicket(new ClaimsPrincipal(identity), properties, Scheme.Name);
}
/// <summary>
/// Creates the authentication ticket for a completed login. The computed expiry,
/// if any, is written to the properties and also passed on to <c>GetClaims</c>.
/// </summary>
/// <param name="loginResult">The login result the claims are derived from.</param>
/// <param name="properties">Authentication properties; <c>ExpiresUtc</c> is overwritten when a token lifetime is configured.</param>
/// <returns>A ticket for the current scheme holding the new principal and <paramref name="properties"/>.</returns>
private AuthenticationTicket GetAuthenticationTicket(BankIdLoginResult loginResult, AuthenticationProperties properties)
{
    // Stays null when no lifetime is configured; GetClaims then receives null
    // and properties.ExpiresUtc is left as the caller set it.
    DateTimeOffset? expiry = null;

    var lifetime = Options.TokenExpiresIn;
    if (lifetime.HasValue)
    {
        // The same instant is used for the ticket properties and for the claims.
        expiry = Clock.UtcNow.Add(lifetime.Value);
        properties.ExpiresUtc = expiry;
    }

    var identity = new ClaimsIdentity(
        GetClaims(loginResult, expiry),
        Scheme.Name,
        BankIdClaimTypes.Name,
        BankIdClaimTypes.Role);

    return new AuthenticationTicket(new ClaimsPrincipal(identity), properties, Scheme.Name);
}
/// <summary>
/// Produces the claims for a login result by running every registered claims
/// transformer against one shared transformation context.
/// </summary>
/// <param name="loginResult">Source of the order reference, personal identity number and names given to the context.</param>
/// <returns>The <c>Claims</c> of the context after all transformers have run.</returns>
private async Task<IEnumerable<Claim>> GetClaims(BankIdLoginResult loginResult)
{
    var transformationContext = new BankIdClaimsTransformationContext(
        Options,
        loginResult.BankIdOrderRef,
        loginResult.PersonalIdentityNumber,
        loginResult.Name,
        loginResult.GivenName,
        loginResult.Surname);

    // Each transformer is awaited before the next one starts, so a later
    // transformer operates on the context as the earlier ones left it.
    foreach (var claimsTransformer in _bankIdClaimsTransformers)
    {
        await claimsTransformer.TransformClaims(transformationContext);
    }

    return transformationContext.Claims;
}
/// <summary>
/// Builds the claims for a login result: subject, name, family name, given name
/// and Swedish personal identity number, followed by whatever
/// <c>AddOptionalClaims</c> appends.
/// </summary>
/// <param name="loginResult">The login result supplying the personal identity number and names.</param>
/// <param name="expiresUtc">Expiry passed through to <c>AddOptionalClaims</c>; may be null.</param>
/// <returns>The list of claims.</returns>
private IEnumerable<Claim> GetClaims(BankIdLoginResult loginResult, DateTimeOffset? expiresUtc)
{
    // The string is parsed before any claim is created; both identity-number
    // claims below are formatted from this one parsed value.
    // NOTE(review): presumably Parse throws on a malformed number - confirm how
    // callers handle that.
    var pin = SwedishPersonalIdentityNumber.Parse(loginResult.PersonalIdentityNumber);

    var result = new List<Claim>();
    result.Add(new Claim(BankIdClaimTypes.Subject, pin.To12DigitString()));
    result.Add(new Claim(BankIdClaimTypes.Name, loginResult.Name));
    result.Add(new Claim(BankIdClaimTypes.FamilyName, loginResult.Surname));
    result.Add(new Claim(BankIdClaimTypes.GivenName, loginResult.GivenName));
    result.Add(new Claim(BankIdClaimTypes.SwedishPersonalIdentityNumber, pin.To10DigitString()));

    AddOptionalClaims(result, pin, expiresUtc);

    return result;
}
/// <summary>
/// Converts a login result to its protected string form by delegating to the
/// configured secure data format.
/// </summary>
/// <param name="loginResult">The login result to protect.</param>
/// <returns>The string returned by the secure data format's <c>Protect</c>.</returns>
public string Protect(BankIdLoginResult loginResult) =>
    _secureDataFormat.Protect(loginResult);