public static JwtPayloadInfo GetJwtPayloadInfo(this Controller controller) { var payload = JwtPayloadInfo.Extract(controller.HttpContext.User.Claims); //Added for instrumentation purposes controller.HttpContext.Items.Add("lc_ExtRefId", payload.ExtReferenceId); return(payload); }
public static JwtPayloadInfo Extract(IEnumerable <Claim> claims) { //eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ilg1ZVhrNHh5b2pORnVtMWtsMll0djhkbE5QNC1jNTdkTzZRR1RWQndhTmsifQ.eyJleHAiOjE1MzU0Mzk2MjMsIm5iZiI6MTUzNTQzNjAyMywidmVyIjoiMS4wIiwiaXNzIjoiaHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tLzZlY2VlZDllLTMyYTktNDk5My1hYjFmLWJhODM5ODlkZjc0YS92Mi4wLyIsInN1YiI6Ijk0N2JjODc0LTdmZjctNDQ5ZC04ZDA2LTUwZjEyNTUyNjQ2ZCIsImF1ZCI6IjljNTkxZjc5LTQ0OTUtNDQ4OS05ZTllLTAxMmZlOWJlMTUyZiIsIm5vbmNlIjoiZGVmYXVsdE5vbmNlIiwiaWF0IjoxNTM1NDM2MDIzLCJhdXRoX3RpbWUiOjE1MzU0MzYwMjMsIm9pZCI6Ijk0N2JjODc0LTdmZjctNDQ5ZC04ZDA2LTUwZjEyNTUyNjQ2ZCIsImZhbWlseV9uYW1lIjoiR3JpbXNrb2ctTG4iLCJnaXZlbl9uYW1lIjoiUGVyLUZuIiwiZW1haWxzIjpbInBncmltc2tvZ0BsaWZlY291cGxlLm5ldCJdLCJ0ZnAiOiJCMkNfMV9zdXNpIn0.dYmbds0tv1HJvDsAzGICX0j3wA4nCJbp6y62McNy9fatDitlyTHCFs1CCXhy-RR4neUJQ2knhnLJuwVbPOzOb5FFJXgIDI1uraHhyUkxak_HIVXtrliGjBAFwGKALWCnmJmgz_RMFEVkuHH77KrW2dzpoZX975epTIlPCZgeFn5ftMMWkooC1qmOtu5ZXX5d_t0w3Lh0A53W37xGRDg3xYHl4L9lNQn2V8p6n8CyHsT-89BY8Tu3arnGwoD4ypWqi-OFSIze3H7bJxHzTKsagMc6boaiVWf5I_BQfNDccOrhbZdlb8tlY_tW8T7QERKZIaF5CFDhETlFJUfvvbny8w /* * { * "exp": 1535439623, * "nbf": 1535436023, * "ver": "1.0", * "iss": "https://login.microsoftonline.com/6eceed9e-32a9-4993-ab1f-ba83989df74a/v2.0/", * "sub": "947bc874-7ff7-449d-8d06-50f12552646d", * "aud": "9c591f79-4495-4489-9e9e-012fe9be152f", * "nonce": "defaultNonce", * "iat": 1535436023, * "auth_time": 1535436023, * "oid": "947bc874-7ff7-449d-8d06-50f12552646d", * "family_name": "Grimskog-Ln", * "given_name": "Per-Fn", * "emails": [ * "*****@*****.**" * ], * "tfp": "B2C_1_susi" * } */ var r = new JwtPayloadInfo { EmailAddress = claims.FirstOrDefault(c => c.Type == ClaimTypes.Email)?.Value, //Typically return something like '84b2647f-e9d4-4e95-99d4-2e28992588ff' //this is most likely going to be the same to get the Azure B2C ObjectctId, which we refer to as 'external Id'. See more about this isn section 2 at https://grimskog.wordpress.com/2018/02/17/token-based-authentication-jwt-azure-active-directory-b2c/ ExtReferenceId = claims.FirstOrDefault(c => c.Type == "http://schemas.microsoft.com/identity/claims/objectidentifier")?.Value, FirstName = claims.FirstOrDefault(c => c.Type == ClaimTypes.GivenName)?.Value, //optional value LastName = claims.FirstOrDefault(c => c.Type == ClaimTypes.Surname)?.Value, //optional value }; if (string.IsNullOrWhiteSpace(r.EmailAddress)) { r.EmailAddress = claims.FirstOrDefault(c => c.Type == "emails")?.Value; //that is what is being passed in the AD B2C token } return(r); }