private static Tuple <string, string[]> AuthenticateAndAuthorizeUser(IPrincipal user, IConfiguration configuration)
{
var userRoles = configuration.ActiveDirectoryUserGroups();
var adminRoles = configuration.ActiveDirectoryUserGroups();
var claims = new string[0];
if (adminRoles.Any(user.IsInRole))
{
claims = new[] { "admin" };
}
else if (userRoles.Any(user.IsInRole) == false)
{
throw new AuthenticationException(
$"Could not find valid role for {user.Identity.Name}\n\n" +
$"{string.Join("<br>", adminRoles.Concat(userRoles))}");
}
var name = user.Identity.Name.Replace('\\', '/');
string fullName;
try
{
var activeDirectoryEntry = new DirectoryEntry("WinNT://" + name);
fullName = activeDirectoryEntry.Properties["FullName"].Value.ToString();
}
catch (Exception)
{
fullName = name;
}
return(new Tuple <string, string[]>(fullName, claims));
}
