/// <summary>
/// Handles the custom OAuth grant for a caller that has already been
/// authenticated by Windows: the Windows principal is turned into an
/// outgoing subject, run through the custom claims provider, and then
/// marked as validated on the grant context.
/// </summary>
/// <param name="context">The OWIN custom-extension grant context.</param>
public override async Task GrantCustomExtension(OAuthGrantCustomExtensionContext context)
{
    var currentUser = context.OwinContext.Authentication.User;
    if (!(currentUser is WindowsPrincipal windowsPrincipal))
    {
        // Only Windows-authenticated callers may use this grant; anything else is rejected.
        context.SetError("User is not a Windows user");
        return;
    }

    // Build the subject and give the configured claims provider a chance to reshape it
    // before the subject is passed to Validated().
    var transformationContext = new CustomClaimsProviderContext
    {
        WindowsPrincipal = windowsPrincipal,
        OutgoingSubject = SubjectGenerator.Create(windowsPrincipal, _options),
    };
    await _options.CustomClaimsProvider.TransformAsync(transformationContext);

    context.Validated(transformationContext.OutgoingSubject);
}
/// <summary>
/// Builds the WS-Federation sign-in response for an already authenticated Windows user.
/// </summary>
/// <param name="request">The incoming sign-in request; its Context value is echoed back in the response.</param>
/// <param name="windowsPrincipal">The authenticated Windows principal the token is issued for.</param>
/// <returns>A sign-in response message addressed to the configured IdP reply URL.</returns>
public async Task<SignInResponseMessage> GenerateAsync(SignInRequestMessage request, WindowsPrincipal windowsPrincipal)
{
    Logger.Info("Creating WS-Federation signin response");

    // Subject generation, followed by the custom claims transformation hook.
    var claimsContext = new CustomClaimsProviderContext
    {
        WindowsPrincipal = windowsPrincipal,
        OutgoingSubject = SubjectGenerator.Create(windowsPrincipal, _options),
    };
    await _options.CustomClaimsProvider.TransformAsync(claimsContext);

    // The token is issued from the transformed subject, not the one produced by SubjectGenerator.
    var securityToken = CreateSecurityToken(claimsContext.OutgoingSubject);

    var tokenResponse = new RequestSecurityTokenResponse
    {
        AppliesTo = new EndpointReference(_options.IdpRealm),
        Context = request.Context,
        ReplyTo = _options.IdpReplyUrl,
        RequestedSecurityToken = new RequestedSecurityToken(securityToken),
    };

    // WS-Trust 1.3 serializers, plus a handler collection populated only with the
    // handler returned by CreateSupportedSecurityTokenHandler().
    var federationSerializer = new WSFederationSerializer(
        new WSTrust13RequestSerializer(),
        new WSTrust13ResponseSerializer());
    var handlerManager = SecurityTokenHandlerCollectionManager.CreateEmptySecurityTokenHandlerCollectionManager();
    handlerManager[SecurityTokenHandlerCollectionManager.Usage.Default] = CreateSupportedSecurityTokenHandler();

    return new SignInResponseMessage(
        new Uri(_options.IdpReplyUrl),
        tokenResponse,
        federationSerializer,
        new WSTrustSerializationContext(handlerManager));
}
/// <summary>
/// Default claims transformation: leaves the outgoing subject exactly as it was built.
/// </summary>
/// <param name="context">The transformation context; it is not read or modified.</param>
/// <returns>An already completed task.</returns>
public Task TransformAsync(CustomClaimsProviderContext context) => Task.FromResult(0);
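/// <summary>
/// Enriches the outgoing subject with an "email" claim looked up from Active Directory.
/// </summary>
/// <param name="context">The transformation context carrying the subject to enrich.</param>
/// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
public async Task TransformAsync(CustomClaimsProviderContext context)
{
    if (context == null)
    {
        throw new ArgumentNullException(nameof(context));
    }

    var email = await GetEmailFromActiveDirectoryAsync(context.OutgoingSubject);

    // Claim's constructor throws on a null value, which would fail the whole sign-in
    // with an unrelated-looking ArgumentNullException; a directory entry without an
    // e-mail simply gets no "email" claim instead.
    if (string.IsNullOrWhiteSpace(email))
    {
        return;
    }

    context.OutgoingSubject.AddClaim(new Claim("email", email));
}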
/// <summary>
/// No-op claims transformation: the outgoing subject is returned untouched.
/// </summary>
/// <param name="context">The transformation context; ignored by this implementation.</param>
/// <returns>A task that is already complete.</returns>
public Task TransformAsync(CustomClaimsProviderContext context)
{
    // Nothing to transform, so hand back a synchronously completed task.
    var completed = Task.FromResult(0);
    return completed;
}