Esempio n. 1
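        /// <summary>
        /// Adds the application claims stored for the current user to the request principal,
        /// then hands the request to the next middleware.
        /// </summary>
        /// <remarks>
        /// Anonymous requests, principals without an e-mail, and e-mails with no matching
        /// user row pass through unchanged. Every claim added here carries the issuer
        /// "theapp"; authorization checks that rely on these claims should compare the issuer
        /// as well as the type, so that a same-named claim from another source is not treated
        /// as equivalent.
        /// </remarks>
        /// <param name="context">The current HTTP request context.</param>
        /// <param name="db">Database context used to look the user up by e-mail.</param>
        /// <param name="claimsService">Service that returns the stored claims for a user id.</param>
        public async Task InvokeAsync(HttpContext context,
                                      UsersDb db,
                                      IClaimsService claimsService)
        {
            // Identity is null on a principal that carries no identities; treat that as
            // anonymous instead of failing with a NullReferenceException.
            // NOTE(review): the e-mail is the only key used to pick the user row, so this
            // assumes the authentication handler supplies a verified address - confirm.
            if (context.User.Identity?.IsAuthenticated != true ||
                !context.User.TryGetEmail(out var email))
            {
                await _next(context);

                return;
            }

            // NOTE(review): case sensitivity of this match depends on the database
            // collation - confirm it agrees with how e-mails are stored.
            var user = await db.Users.FirstOrDefaultAsync(x => x.Email == email);

            if (user == null)
            {
                // Authenticated, but unknown to this application: add nothing.
                await _next(context);

                return;
            }

            // Claims go onto the first identity of the principal.
            // NOTE(review): with several identities on one principal, confirm that the
            // first one is the identity that actually authenticated.
            var identity = context.User.Identities.First();

            foreach (var claim in await claimsService.GetClaimsAsync(user.Id))
            {
                identity.AddClaim(new Claim(claim.ClaimType, claim.ClaimValue, claim.ClaimValueType, "theapp"));
            }

            await _next(context);
        }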
Esempio n. 2
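        /// <summary>
        /// Returns the stored claims of the user identified by a numeric id or an e-mail
        /// address, provided the caller is authorized to read that user.
        /// </summary>
        /// <param name="userIdOrEmail">
        /// A user id (anything that parses as a <see cref="long"/>) or an e-mail address.
        /// </param>
        /// <returns>
        /// 200 with the claims, 403 when the resource-based read check fails, 404 when the
        /// identifier is empty or matches no user.
        /// </returns>
        public async Task<IActionResult> GetUserClaims(string userIdOrEmail)
        {
            // A null or blank identifier would otherwise be sent to the e-mail lookup and
            // could match a row whose e-mail is unset.
            if (string.IsNullOrWhiteSpace(userIdOrEmail))
            {
                return NotFound();
            }

            // FirstOrDefaultAsync instead of FirstAsync: an unknown id or e-mail is a normal
            // outcome, not an exception that should surface as an unhandled error.
            var user = long.TryParse(userIdOrEmail, out var userId)
                ? await _db.Users.FirstOrDefaultAsync(x => x.Id == userId)
                : await _db.Users.FirstOrDefaultAsync(x => x.Email == userIdOrEmail);

            if (user == null)
            {
                // NOTE(review): 404 here versus 403 below tells any caller whether an
                // account exists for a given id or e-mail. If account existence is
                // sensitive, return the same result in both cases.
                return NotFound();
            }

            // Resource-based check: the loaded user is the resource, Read the operation.
            var authorizationResult = await _authorizationService.AuthorizeAsync(User, user, Operations.Read);

            if (!authorizationResult.Succeeded)
            {
                return Forbid();
            }

            return Ok(await _claimsService.GetClaimsAsync(user.Id));
        }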