/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { var logValues = new FormattedLogValues("Get profile called for subject {subject} from client {client} with claim types {claimTypes} via {caller}", context.Subject.GetSubjectId(), context.Client.ClientName ?? context.Client.ClientId, context.RequestedClaimTypes, context.Caller); Logger.LogDebug(logValues.ToString()); if (context.RequestedClaimTypes.Any()) { var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.AddFilteredClaims(user.Claims); } else { Logger.LogWarning("Users.FindBySubjectId returned null when " + logValues.ToString()); } } return(Task.FromResult(0)); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { _logger.LogDebug("Get profile called for {subject} from {client} with {claimTypes} because {caller}", context.Subject.GetSubjectId(), context.Client.ClientName, context.RequestedClaimTypes, context.Caller); if (context.RequestedClaimTypes.Any()) { TestUser user = _users.FindBySubjectId(context.Subject.GetSubjectId()); string email = GetEmail(user.Claims); if (!string.IsNullOrWhiteSpace(email)) { user.Claims.Add(new Claim("email", email)); } //TODO: Implement an IEqualityComparer List <Claim> allClaims = new List <Claim>(); foreach (var c in user.Claims) { if (!allClaims.Any(claim => claim.Type == c.Type)) { allClaims.Add(c); } } context.AddFilteredClaims(allClaims); } return(Task.FromResult(0)); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var user = await _userStore.GetUserByIdAsync(context.Subject.GetSubjectId()); context.IssuedClaims.Add(new Claim(JwtClaimTypes.Subject, user.UserId)); context.AddFilteredClaims(await _userClaimsProvider.GetUserClaimsAsync(user)); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { var bySubjectId = _users.FindBySubjectId(context.Subject.GetSubjectId()); context.AddFilteredClaims(bySubjectId.Claims); return(Task.FromResult(0)); }
public virtual async Task GetProfileDataAsync(ProfileDataRequestContext context) { var sub = context.Subject.GetSubjectId(); var user = await _userManager.FindByIdAsync(sub); var principal = await _claimsFactory.CreateAsync(user); context.AddFilteredClaims(principal.Claims); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public Task GetProfileDataAsync(ProfileDataRequestContext context) { _logger.LogDebug("Get profile called for {subject} from {client} with {claimTypes} because {caller}", context.Subject.GetSubjectId(), context.Client.ClientName, context.RequestedClaimTypes, context.Caller); if (context.RequestedClaimTypes.Any()) { // Add own claims for user var user = _userStore.FindBySubjectId(context.Subject.GetSubjectId()); context.AddFilteredClaims(user.Claims); // Add additional claims (used for NT authentication test) context.AddFilteredClaims(context.Subject.Claims); } return(Task.FromResult(0)); }
// Will be consulted after the IsActiveAsync is consulted. // This is requested when token endpoint is invoked for Api resources required claims, // and when User info endpoint is invoked for Identity resources required claims. // The identity claims are separated from the Api resources claims to keep the token small. // If a claim, e.g "name", is vitale for the Api and needs to be in every access token, it can be added in // the UserClaims on the ApiResource configuration. This will ensure that on token request, the claim will be present. // public Task GetProfileDataAsync(ProfileDataRequestContext context) { _logger.LogDebug("Get profile data"); // Filters the list of claims given and returns // only the requested claims available in the claims given. // The requested claims is fill up from the ApiResource.UserClaims. context.AddFilteredClaims(new List <Claim>()); return(Task.FromResult(0)); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { var subjectId = context.Subject.GetSubjectId(); var claims = new List <Claim> { new Claim(JwtClaimTypes.Role, "Administrator"), new Claim(JwtClaimTypes.GivenName, "John") }; context.AddFilteredClaims(claims); return(Task.FromResult(0)); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public Task GetProfileDataAsync(ProfileDataRequestContext context) { var query = from u in _users where u.Subject == context.Subject.GetSubjectId() select u; var user = query.Single(); context.IssuedClaims.Add(new Claim(JwtClaimTypes.Subject, user.Subject)); context.AddFilteredClaims(user.Claims); return(Task.FromResult(0)); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var subjectId = context.Subject.GetSubjectId(); var user = await userRepository.GetBySubjectId(Guid.Parse(subjectId)); var claims = new List <Claim> { new Claim(JwtClaimTypes.Name, user.Name ?? subjectId), new Claim(JwtClaimTypes.WebSite, user.Website ?? "") }; context.AddFilteredClaims(claims); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { if (context.RequestedClaimTypes.Any()) { var user = _userStore.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.AddFilteredClaims(user.Claims); } } return(Task.FromResult(0)); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public Task GetProfileDataAsync(ProfileDataRequestContext context) { _logger.LogDebug("Get profile called for {subject} from {client} with {claimTypes} because {caller}", context.Subject.GetSubjectId(), context.Client.ClientName, context.RequestedClaimTypes, context.Caller); if (context.RequestedClaimTypes.Any()) { context.AddFilteredClaims(context.Subject.Claims); } return(Task.FromResult(0)); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns>A task with profile data as result.</returns> public async Task GetProfileDataAsync(ProfileDataRequestContext context) { if (context.RequestedClaimTypes.Any()) { context.AddFilteredClaims(context.Subject.Claims); } var sub = context.Subject.GetSubjectId(); var user = await _userManager.FindByIdAsync(sub); var roles = await _userManager.GetRolesAsync(user); if (!context.IssuedClaims.Any(c => c.Type == JwtClaimTypes.Role)) { context.AddFilteredClaims(roles.Select(r => new Claim(JwtClaimTypes.Role, r))); } if (!context.IssuedClaims.Any(c => c.Type == JwtClaimTypes.Name)) { context.AddFilteredClaims( new List <Claim> { new Claim(JwtClaimTypes.Name, user.UserName) }); } }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { _logger.LogDebug("Get profile called for subject {subject} from client {client} with claim types{claimTypes} via {caller}", context.Subject.GetSubjectId(), context.Client.ClientName ?? context.Client.ClientId, context.RequestedClaimTypes, context.Caller); if (context.RequestedClaimTypes.Any()) { var user = _users.FindBySubjectId(context.Subject.GetSubjectId()); context.AddFilteredClaims(user.Claims); } return(Task.FromResult(0)); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var subject = context.Subject.GetSubjectId(); var client = context.Client.ClientName ?? context.Client.ClientId; var types = context.RequestedClaimTypes; var caller = context.Caller; Logger.LogDebug("Get profile called for subject {subject} from client {client} with claim types {claimTypes} via {caller}", subject, client, types, caller); if (context.RequestedClaimTypes.Any()) { var user = await Store.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.AddFilteredClaims(user.Claims); } } }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var existingClaims = context.Subject.Claims; var newClaims = new List <Claim>(); var user = await _userService.GetUserByPrincipalAsync(context.Subject); if (user != null) { newClaims.AddRange(new List <Claim> { new Claim("plan", "0"), // free plan hard coded for now new Claim("sstamp", user.SecurityStamp), new Claim("email", user.Email), // Deprecated claims for backwards compatability, new Claim(_identityOptions.ClaimsIdentity.UserNameClaimType, user.Email), new Claim(_identityOptions.ClaimsIdentity.SecurityStampClaimType, user.SecurityStamp) }); if (!string.IsNullOrWhiteSpace(user.Name)) { newClaims.Add(new Claim("name", user.Name)); } } // filter out any of the new claims var existingClaimsToKeep = existingClaims .Where(c => newClaims.Count == 0 || !newClaims.Any(nc => nc.Type == c.Type)).ToList(); newClaims.AddRange(existingClaimsToKeep); if (newClaims.Any()) { context.AddFilteredClaims(newClaims); } }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var existingClaims = context.Subject.Claims; var newClaims = new List <Claim>(); var user = await _userService.GetUserByPrincipalAsync(context.Subject); if (user != null) { newClaims.AddRange(new List <Claim> { new Claim("plan", "0"), // free plan hard coded for now new Claim("sstamp", user.SecurityStamp), new Claim("email", user.Email), // Deprecated claims for backwards compatability new Claim(_identityOptions.ClaimsIdentity.UserNameClaimType, user.Email), new Claim(_identityOptions.ClaimsIdentity.SecurityStampClaimType, user.SecurityStamp) }); if (!string.IsNullOrWhiteSpace(user.Name)) { newClaims.Add(new Claim("name", user.Name)); } // Orgs that this user belongs to var orgs = await _organizationUserRepository.GetManyByUserAsync(user.Id); if (orgs.Any()) { var groupedOrgs = orgs.Where(o => o.Status == Core.Enums.OrganizationUserStatusType.Confirmed) .GroupBy(o => o.Type); foreach (var group in groupedOrgs) { switch (group.Key) { case Core.Enums.OrganizationUserType.Owner: foreach (var org in group) { newClaims.Add(new Claim("orgowner", org.OrganizationId.ToString())); } break; case Core.Enums.OrganizationUserType.Admin: foreach (var org in group) { newClaims.Add(new Claim("orgadmin", org.OrganizationId.ToString())); } break; case Core.Enums.OrganizationUserType.User: foreach (var org in group) { newClaims.Add(new Claim("orguser", org.OrganizationId.ToString())); } break; default: break; } } } } // filter out any of the new claims var existingClaimsToKeep = existingClaims .Where(c => !c.Type.StartsWith("org") && (newClaims.Count == 0 || !newClaims.Any(nc => nc.Type == c.Type))) .ToList(); newClaims.AddRange(existingClaimsToKeep); if (newClaims.Any()) { context.AddFilteredClaims(newClaims); } }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var existingClaims = context.Subject.Claims; var newClaims = new List <Claim>(); var user = await _userService.GetUserByPrincipalAsync(context.Subject); if (user != null) { var isPremium = await _licensingService.ValidateUserPremiumAsync(user); newClaims.AddRange(new List <Claim> { new Claim("premium", isPremium ? "true" : "false", ClaimValueTypes.Boolean), new Claim(JwtClaimTypes.Email, user.Email), new Claim(JwtClaimTypes.EmailVerified, user.EmailVerified ? "true" : "false", ClaimValueTypes.Boolean), new Claim(_identityOptions.ClaimsIdentity.SecurityStampClaimType, user.SecurityStamp) }); if (!string.IsNullOrWhiteSpace(user.Name)) { newClaims.Add(new Claim(JwtClaimTypes.Name, user.Name)); } // Orgs that this user belongs to var orgs = await _organizationUserRepository.GetManyByUserAsync(user.Id); if (orgs.Any()) { var groupedOrgs = orgs.Where(o => o.Status == Enums.OrganizationUserStatusType.Confirmed) .GroupBy(o => o.Type); foreach (var group in groupedOrgs) { switch (group.Key) { case Enums.OrganizationUserType.Owner: foreach (var org in group) { newClaims.Add(new Claim("orgowner", org.OrganizationId.ToString())); } break; case Enums.OrganizationUserType.Admin: foreach (var org in group) { newClaims.Add(new Claim("orgadmin", org.OrganizationId.ToString())); } break; case Enums.OrganizationUserType.User: foreach (var org in group) { newClaims.Add(new Claim("orguser", org.OrganizationId.ToString())); } break; default: break; } } } } // filter out any of the new claims var existingClaimsToKeep = existingClaims .Where(c => !c.Type.StartsWith("org") && (newClaims.Count == 0 || !newClaims.Any(nc => nc.Type == c.Type))) .ToList(); newClaims.AddRange(existingClaimsToKeep); if (newClaims.Any()) { context.AddFilteredClaims(newClaims); } }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public Task GetProfileDataAsync(ProfileDataRequestContext context) { context.AddFilteredClaims(context.Subject.Claims); return(Task.FromResult(0)); }