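/// <summary>
/// Checks the principal against the Active Directory groups supplied by
/// <paramref name="configuration"/> and resolves a display name for it.
/// </summary>
/// <param name="user">Principal whose group membership is tested through <c>IsInRole</c>.</param>
/// <param name="configuration">Source of the group lists (read via <c>ActiveDirectoryUserGroups()</c>).</param>
/// <returns>
/// Item1 is the directory entry's <c>FullName</c> property, or the account name
/// (backslash replaced by a forward slash) when the lookup yields nothing or fails.
/// Item2 is <c>{ "admin" }</c> when the principal is in one of the admin groups,
/// otherwise an empty array.
/// </returns>
/// <exception cref="AuthenticationException">
/// The principal is in none of the configured groups.
/// </exception>
private static Tuple<string, string[]> AuthenticateAndAuthorizeUser(IPrincipal user, IConfiguration configuration)
{
    var userRoles = configuration.ActiveDirectoryUserGroups();

    // NOTE(review): adminRoles is read from the SAME accessor as userRoles, so as
    // written every principal that passes the user-group check also receives the
    // "admin" claim and the non-admin path below is effectively unreachable.
    // This looks like a copy/paste slip; the admin list should come from its own
    // setting (<admin-groups accessor> is a placeholder, the real name is not
    // visible in this file). Confirm and fix before relying on the "admin" claim
    // for any authorization decision.
    var adminRoles = configuration.ActiveDirectoryUserGroups();

    var claims = new string[0];
    if (adminRoles.Any(user.IsInRole))
    {
        claims = new[] { "admin" };
    }
    else if (!userRoles.Any(user.IsInRole))
    {
        // NOTE(review): the message lists every configured group, joined with
        // "<br>", next to the raw account name. If this text is ever rendered to
        // the client it discloses the authorization configuration and is not
        // HTML-encoded; confirm it only reaches server-side logs.
        throw new AuthenticationException(
            $"Could not find valid role for {user.Identity.Name}\n\n" +
            $"{string.Join("<br>", adminRoles.Concat(userRoles))}");
    }

    // The WinNT provider path uses '/' between domain and account.
    var name = user.Identity.Name.Replace('\\', '/');

    string fullName;
    try
    {
        // DirectoryEntry wraps a native ADSI object; dispose it deterministically
        // instead of leaving it to the finalizer.
        using (var activeDirectoryEntry = new DirectoryEntry("WinNT://" + name))
        {
            // A missing FullName yields a null Value; fall back to the account
            // name directly rather than through a caught NullReferenceException.
            fullName = activeDirectoryEntry.Properties["FullName"].Value?.ToString() ?? name;
        }
    }
    catch (Exception)
    {
        // Best effort: the display name is cosmetic, so any directory failure
        // falls back to the account name rather than failing the login.
        fullName = name;
    }

    return new Tuple<string, string[]>(fullName, claims);
}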