internal static ClaimsPrincipal GetClaimsPrincipal(Cloudcore_User user)
{
IEnumerable<Claim> claims = LoadClaimsForUser(user);
var id = new ClaimsIdentity(claims, "Forms"); // as per example it seems to have to be Forms?!?!
return new ClaimsPrincipal(id);
}
private static IEnumerable<Claim> LoadClaimsForUser(Cloudcore_User user)
{
var loginGuid = Guid.NewGuid();
var claims = new[]
{
new Claim(ClaimTypes.GivenName, user.Firstnames),
new Claim(ClaimTypes.Surname, user.Surname),
new Claim(ClaimTypes.NameIdentifier, user.UserId.ToString()),
new Claim(ClaimTypes.Email, user.Email),
new Claim(ClaimTypes.Sid, loginGuid.ToString()),
new Claim(LastLoginClaimType, user.LastLogin.ToString("o")),
new Claim(IntAccessClaimType, user.IntAccess.ToString()),
new Claim(ExtAccessClaimType, user.ExtAccess.ToString()),
new Claim(IsAdministratorClaimType, user.IsAdministrator.ToString())
};
return claims;
}
partial void DeleteCloudcore_User(Cloudcore_User instance);
partial void UpdateCloudcore_User(Cloudcore_User instance);
partial void InsertCloudcore_User(Cloudcore_User instance);
internal static void CreateIdentity(Cloudcore_User user)
{
var principal = CloudCoreIdentity.GetClaimsPrincipal(user);
Thread.CurrentPrincipal = principal;
HttpContext.Current.User = principal;
var sam = FederatedAuthentication.SessionAuthenticationModule;
sam.DeleteSessionTokenCookie();
var sessionTimeout = ReadConfig.SettingsOnWebApplication.WebSettings.UserSessionTimeout.TimeoutValueInMinutes;
var token = sam.CreateSessionSecurityToken(principal, WebApplication.Configuration.WebSettings.SiteName, DateTime.UtcNow, DateTime.UtcNow.AddMinutes(sessionTimeout), true);
sam.CookieHandler.Name = Hash.Calculate(WebApplication.Configuration.WebSettings.SiteName);
sam.WriteSessionTokenToCookie(token);
}