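/// <summary>
/// Runs after the OpenID Connect token has been validated and turns away
/// sign-ins made with a personal Microsoft account, identified by the
/// tenant id claim on the validated identity.
/// </summary>
/// <param name="notification">
/// Notification carrying the validated authentication ticket and the response.
/// </param>
/// <returns>An already-completed task.</returns>
/// <remarks>
/// This is a deny-list check against one tenant id only; it does not restrict
/// sign-in to any particular organization. If only specific tenants should be
/// accepted, that has to be enforced separately (for example with an
/// allow-list of tenant ids).
/// </remarks>
private Task OnSecurityTokenValidatedAsync(SecurityTokenValidatedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification)
{
    const string tenantIdClaimType = "http://schemas.microsoft.com/identity/claims/tenantid";
    const string personalAccountTenantId = "9188040d-6c67-4c5b-b112-36a304b66dad";

    // FindFirst returns null when the claim is absent. Dereferencing it
    // unconditionally would throw a NullReferenceException inside the
    // authentication pipeline, so the lookup is checked first.
    var tenantClaim = notification.AuthenticationTicket.Identity.FindFirst(tenantIdClaimType);

    // Fail closed: without a tenant id the account type cannot be established,
    // so the sign-in is treated the same way as a personal account.
    // The comparison ignores case so a differently-cased GUID cannot slip past.
    bool rejectSignIn =
        tenantClaim == null ||
        string.Equals(tenantClaim.Value, personalAccountTenantId, System.StringComparison.OrdinalIgnoreCase);

    if (rejectSignIn)
    {
        // Mark the response as handled and send the browser to the mismatch page.
        notification.HandleResponse();
        notification.Response.Redirect("/Account/UserMismatch");
    }

    return Task.FromResult(0);
}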
/// <summary>
/// Replaces the ticket on the notification with a fixed identity (an e-mail
/// claim plus the name "bob") and marks the response as handled.
/// </summary>
/// <param name="notification">
/// Notification whose <c>AuthenticationTicket</c> is overwritten.
/// </param>
/// <returns>A completed task with a null result.</returns>
/// <remarks>
/// NOTE(review): the identity produced by token validation is discarded, so
/// every caller with a valid token ends up with the same hard-coded claims.
/// This looks like test scaffolding; confirm it is never registered in a
/// production pipeline.
/// </remarks>
private static Task SecurityTokenValidated(SecurityTokenValidatedNotification<HttpContext, OAuthBearerAuthenticationOptions> notification)
{
    var fixedClaims = new List<Claim>();
    fixedClaims.Add(new Claim(ClaimTypes.Email, "*****@*****.**"));
    fixedClaims.Add(new Claim(ClaimsIdentity.DefaultNameClaimType, "bob"));

    // The identity is tagged with the middleware's configured authentication type.
    var identity = new ClaimsIdentity(fixedClaims, notification.Options.AuthenticationType);
    var properties = new Http.Security.AuthenticationProperties();

    notification.AuthenticationTicket = new AuthenticationTicket(identity, properties);
    notification.HandleResponse();

    return Task.FromResult<object>(null);
}
/// <summary>
/// Maps the validated identity to a directory principal and attaches that
/// principal's SID as a <see cref="ClaimTypes.PrimarySid"/> claim. When no SID
/// can be resolved, the failure is logged and the browser is redirected to
/// the authentication error page.
/// </summary>
/// <typeparam name="TMessage">Protocol message type of the notification.</typeparam>
/// <typeparam name="TOptions">Options type of the notification.</typeparam>
/// <param name="context">
/// Notification carrying the validated ticket and the response.
/// </param>
/// <returns>An already-completed task on both paths.</returns>
/// <remarks>
/// NOTE(review): the output of <c>ToClaimList()</c> is written to the event log
/// on both the success and the failure path; confirm it does not include
/// claims that should stay out of logs.
/// </remarks>
private static Task FindClaimIdentityInDirectoryOrFail<TMessage, TOptions>(SecurityTokenValidatedNotification<TMessage, TOptions> context)
{
    ClaimsIdentity identity = context.AuthenticationTicket.Identity;

    // The SID comes from the directory lookup, not from the token itself.
    // Any null along the chain (no principal, no Sid) leaves primarySid null.
    string primarySid = identity.FindUserPrincipalByClaim(Startup.ClaimType, Startup.ClaimName)?.Sid?.Value;

    if (primarySid != null)
    {
        identity.AddClaim(new Claim(ClaimTypes.PrimarySid, primarySid));
        Reporting.LogSuccessEvent(EventIDs.UserAuthenticated, string.Format(LogMessages.AuthenticatedAndMappedUser, identity.ToClaimList()));
        return Task.CompletedTask;
    }

    // No matching directory entry: record the failure, then stop normal
    // processing and show a fixed, URL-encoded message to the user.
    string failureDetail = string.Format(LogMessages.UserNotFoundInDirectory, identity.ToClaimList());
    Reporting.LogErrorEvent(EventIDs.SsoIdentityNotFound, failureDetail, null);

    context.HandleResponse();
    string encodedMessage = HttpUtility.UrlEncode(UIMessages.SsoIdentityNotFound);
    context.Response.Redirect($"/Home/AuthNError?message={encodedMessage}");

    return Task.CompletedTask;
}
/// <summary>
/// Replaces the ticket on the notification with a principal built from a fixed
/// identity (an e-mail claim plus the name "bob") and marks the response as
/// handled.
/// </summary>
/// <param name="notification">
/// Notification whose <c>AuthenticationTicket</c> is overwritten.
/// </param>
/// <returns>A completed task with a null result.</returns>
/// <remarks>
/// NOTE(review): the identity produced by token validation is discarded, so
/// every caller with a valid token ends up with the same hard-coded claims.
/// This looks like test scaffolding; confirm it is never registered in a
/// production pipeline.
/// </remarks>
private static Task SecurityTokenValidated(SecurityTokenValidatedNotification<HttpContext, OAuthBearerAuthenticationOptions> notification)
{
    var fixedClaims = new List<Claim>();
    fixedClaims.Add(new Claim(ClaimTypes.Email, "*****@*****.**"));
    fixedClaims.Add(new Claim(ClaimsIdentity.DefaultNameClaimType, "bob"));

    // Identity and ticket both carry the middleware's configured scheme name.
    var identity = new ClaimsIdentity(fixedClaims, notification.Options.AuthenticationScheme);
    var principal = new ClaimsPrincipal(identity);
    var properties = new Http.Authentication.AuthenticationProperties();

    notification.AuthenticationTicket = new AuthenticationTicket(principal, properties, notification.Options.AuthenticationScheme);
    notification.HandleResponse();

    return Task.FromResult<object>(null);
}