/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.AddRequestedClaims(user.Claims); } } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
public override Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { TestUser user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.AddRequestedClaims(user.Claims); var apiLevel = user.Claims.Where(claim => claim.Type == Config.ApiLevel); context.IssuedClaims.AddRange(apiLevel); } } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var user = await _userManager.GetUserAsync(context.Subject); var roles = await _userManager.GetRolesAsync(user); var roleClaims = new List <Claim>(); foreach (var item in roles) { roleClaims.AddRange( _roleManager.GetClaimsAsync(_roleManager.FindByNameAsync(item).Result).Result ); } var claimsNames = new List <string>(); claimsNames.AddRange(new[] { // "Permission", "access", "dashboard", "route", "rank", "group", "system", "userId", JwtClaimTypes.Role, JwtClaimTypes.Name }); context.RequestedClaimTypes = claimsNames; context.AddRequestedClaims(context.Subject.Claims); var claims = new List <Claim>(); claims.Add(new Claim("username", user.UserName)); // claims.Add(new Claim( JwtClaimTypes.Role, "AO Checker" )); // claims.Add(new Claim( JwtClaimTypes.Name, "Bob Smith" )); // context.AddRequestedClaims(roleClaims); // context.IssuedClaims.AddRange(claims); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var sub = context.Subject?.GetSubjectId(); if (sub == null) { throw new Exception("No sub claim present"); } var user = Config.GetUsers().First(u => u.SubjectId == sub); if (user != null) { context.AddRequestedClaims(user.Claims); } await Task.CompletedTask; }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { var userIdentity = new ClaimsIdentity(); DateTime epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc); userIdentity.AddClaim(new Claim(JwtClaimTypes.Subject, "1")); userIdentity.AddClaim(new Claim(JwtClaimTypes.IdentityProvider, "homekuru")); userIdentity.AddClaim(new Claim(JwtClaimTypes.AuthenticationMethod, "password")); userIdentity.AddClaim(new Claim(JwtClaimTypes.AuthenticationTime, (DateTime.UtcNow - epoch).TotalSeconds.ToString())); IEnumerable <Claim> requestedClaims = userIdentity.FindAll(p => context.RequestedClaimTypes.Contains(p.Type)); context.AddRequestedClaims(requestedClaims); return(null); }
/// <summary> /// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法 /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { //判断是否有请求Claim信息 if (context.RequestedClaimTypes.Any()) { //根据用户唯一标识查找用户信息 var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { //调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim context.AddRequestedClaims(user.Claims); } } return(Task.CompletedTask); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { // cast token to objeto var request = context.ValidatedRequest as ValidatedTokenRequest; // verificar se o token é nulo if (request != null) { // buscar o usuário na base e add as respectivas claims var user = _context.Clientes.FirstOrDefault(x => x.Nome == request.UserName); if (user != null) { context.AddRequestedClaims(GetUserClaims(user)); } } return(Task.CompletedTask); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { var user = new TestUserStore(_security.CurrentValue.Users).FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.AddRequestedClaims(user.Claims); } } context.IssuedClaims = context.Subject.Claims.ToList(); context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { if (context.RequestedClaimTypes.Any()) { var user = _userProvider.GetUserMail(context.Subject.GetSubjectId()); if (user != null) { context.AddRequestedClaims( new List <Claim> { new Claim("email", user.Email), new Claim("nome", user.Nome), new Claim("ruolo", user.Ruolo.ToString()), new Claim("immagine", user.Img) }); } } return(Task.CompletedTask); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { try { var user = this._userManager.GetUserAsync(context.Subject).Result; var roles = await this._userManager.GetRolesAsync(user); var principal = await this._claimsFactory.CreateAsync(user); if (principal == null) { throw new Exception("ClaimsFactory failed to create a principal"); } var claims = principal.Claims.ToList(); foreach (var item in context.RequestedClaimTypes) { if (item == "https://hasura.io/jwt/claims") { var hasuraJwtClaimsData = new Dictionary <string, object> { { "x-hasura-allowed-roles", roles.Select(x => x.ToLower()) }, { "x-hasura-default-role", roles.FirstOrDefault().ToLower() }, { "x-hasura-user-id", user.Id }, }; var hasuraJwtClaims = new Claim( "https://hasura.io/jwt/claims", JsonConvert.SerializeObject(hasuraJwtClaimsData), IdentityServerConstants.ClaimValueTypes.Json ); claims.Add(hasuraJwtClaims); } } claims = claims.Where(claim => context.RequestedClaimTypes.Contains(claim.Type)).ToList(); context.AddRequestedClaims(claims); } catch (Exception) { } }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { //JWT //ValidatitedTokenReques - parse var request = context.ValidatedRequest as ValidatedTokenRequest; //verificar se o token é nulo if (request != null) { //Procurar na base as informações var user = _dbContext.Users.FirstOrDefault(x => x.Email == request.UserName); if (user != null) { context.AddRequestedClaims(GetUserClaims(user)); } } return(Task.CompletedTask); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var sub = context.Subject.GetSubjectId(); var user = await _userDomainService.GetUserByIdAsync(sub); if (!user.EmailConfirmed) { throw new NetKitAuthForbiddenException(ErrorCode.EmailIsNotConfirmed, EmailWasNotConfirmed); } var principal = await _claimsFactory.CreateAsync(user); if (!principal.IsInRole(Roles.User)) { context.IssuedClaims.Add(new Claim(JwtClaimTypes.Email, user.Email)); } context.AddRequestedClaims(principal.Claims); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { // Include configured claims. context.AddRequestedClaims(context.Subject.Claims); // The service gets called multiple times. In this case we need // the UserInfo endpoint because that's where the scope is defined. if (context.Caller == "UserInfoEndpoint") { // Get the value from somewhere and transform to a list of claims. // You can filter by requested scopes List <Claim> userClaims = GetUserClaims(context.RequestedResources.IdentityResources); if (userClaims.Any()) { context.IssuedClaims.AddRange(userClaims); } } }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns>Returns nothing, but update the current claims to the context.</returns> public Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); //Logger.LogDebug("Get profile called for subject {subject} from client {client} with claim types {claimTypes} via {caller}", // context.Subject.GetSubjectId(), // context.Client.ClientName ?? context.Client.ClientId, // context.RequestedClaimTypes, // context.Caller); if (context.RequestedClaimTypes.Any()) { var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); context.AddRequestedClaims(user.Claims); } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { // Get user data var user = await _userManager.GetUserAsync(context.Subject); var principal = await _claimsFactory.CreateAsync(user, GetTenantFromContext(context.Subject)); var claimsUser = principal.Claims.ToList(); var subjectClaims = context.Subject.Claims.ToList(); // Merge ASP.NET Identity claims subjectClaims.Merge(claimsUser); subjectClaims.MergeValues(claimsUser.Where(x => x.Type == JwtClaimTypes.Role)); subjectClaims.AddIfDontExist(new Claim("username", user.UserName)); subjectClaims.AddIfDontExist(new Claim(JwtClaimTypes.Name, user.UserName)); if (subjectClaims.All(a => a.Type != JwtClaimTypes.Role)) { var roles = await _userManager.GetRolesAsync(user); subjectClaims.AddRange(roles.Select(s => new Claim(JwtClaimTypes.Role, s))); } // Sometimes IdentityResources are specified at UserClaims in ProtectedResource. Then we include all related claims to RequestedClaims var resources = await _resourceStore.GetAllResourcesAsync(); var usersClaimsToGoWithin = GetIdentityResourcesToIncludeInRequestedClaims(context, resources); if (context.Subject.ContainsTenant()) { usersClaimsToGoWithin.Add("tid"); usersClaimsToGoWithin.Add("tname"); } usersClaimsToGoWithin.Merge(context.RequestedClaimTypes); context.RequestedClaimTypes = usersClaimsToGoWithin; context.LogProfileRequest(_logger); context.AddRequestedClaims(subjectClaims); context.LogIssuedClaims(_logger); }
public override async Task GetProfileDataAsync(ProfileDataRequestContext context) { await base.GetProfileDataAsync(context); var tenantId = context.Subject.FindTenantId(); using (CurrentTenant.Change(tenantId)) { var userId = context.Subject.GetSubjectId(); var user = await UserManager.FindByIdAsync(userId); if (context.IssuedClaims == null) { context.IssuedClaims = new List <Claim>(); } context.IssuedClaims.Add(new Claim("usertype", "superuser")); context.AddRequestedClaims(context.IssuedClaims); } }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { Log.Debug( $"Get profile called for subject {context.Subject.GetSubjectId()} from client {context.Client.ClientName ?? context.Client.ClientId} with claim types {context.RequestedClaimTypes.Join()} via {context.Caller}"); // 判断是否有请求Claim信息 if (context.RequestedClaimTypes.Any()) { // 根据用户标识查找用户信息 var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { // 调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim context.AddRequestedClaims(user.Claims); } } Log.Debug($"Issued claims: {context.IssuedClaims.Select(x => x.Type.Join())}"); return(Task.CompletedTask); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(logger); var container = storage.CreateCloudBlobClient().GetContainerReference("identity"); var local = container.GetBlockBlobReference("local.json"); if (await container.ExistsAsync() && await local.ExistsAsync()) { var localuser = JToken.Parse(local.DownloadTextAsync().GetAwaiter().GetResult()).ToObject <LocalUsersProvisionModel>(); context.AddRequestedClaims(new[] { new Claim(JwtClaimTypes.GivenName, localuser.FirstName), new Claim(JwtClaimTypes.FamilyName, localuser.LastName), new Claim(JwtClaimTypes.Name, $"{localuser.FirstName} {localuser.LastName}") }); } context.LogIssuedClaims(logger); }
// // 摘要: // This method is called whenever claims about the user are requested (e.g. during // token creation or via the userinfo endpoint) // // 参数: // context: // The context. public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { //context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { User User = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (User != null) { List <sysClaims.Claim> claims = new List <sysClaims.Claim>(); foreach (var item in User.Claims) { claims.Add(new sysClaims.Claim(item.Type, item.Value)); } context.AddRequestedClaims(claims); } } //context..(Logger); return(Task.CompletedTask); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.AddRequestedClaims(user.Claims); //var customClaimTypes = new[] { "role", "course" }; //foreach(var customClaim in user.Claims.Where(c=> customClaimTypes.Contains(c.Type))) // context.IssuedClaims.Add(customClaim); } } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { var sub = context.Subject.GetSubjectId(); if (context.RequestedClaimTypes.Any()) { // Get data from Db var user = _userRepository.FindBySubjectId(sub); var claims = new List <Claim>(); if (user != null) { claims.Add(new Claim("custom_user_id", user.UserId)); claims.Add(new Claim("custom_company_id", user.CompanyId)); claims.Add(new Claim(JwtClaimTypes.Address, user.Address)); claims.Add(new Claim("country", user.Country)); claims.Add(new Claim(JwtClaimTypes.Email, user.Email)); claims.Add(new Claim(JwtClaimTypes.GivenName, user.FirstForename)); claims.Add(new Claim(JwtClaimTypes.FamilyName, user.Surname)); claims.Add(new Claim("role", "Admin")); } if (context.Caller == IdentityServerConstants.ProfileDataCallers.UserInfoEndpoint) { var bigSetOfClaims = new Dictionary <string, string>(); for (int i = 1; i <= 10; i++) { bigSetOfClaims.Add($"key{i}", Guid.NewGuid().ToString().ToSha256()); } claims.Add(new Claim("permissions", JsonConvert.SerializeObject(bigSetOfClaims), IdentityServerConstants.ClaimValueTypes.Json)); } context.AddRequestedClaims(claims); //context.IssuedClaims = claims; } return(Task.CompletedTask); }
/// <summary> /// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法 /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public Task GetProfileDataAsync(ProfileDataRequestContext context) { //判断是否有请求Claim信息 if (context.RequestedClaimTypes.Any()) { var user = GetUserById(context.Subject.GetSubjectId()); if (user != null) { //调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim var claims = new[] { new Claim("Username", user.Username), //请求用户的账号,这个可以保证User.Identity.Name有值 new Claim("DisplayName", user.DisplayName), //请求用户的姓名 }; //返回apiresource中定义的claims context.AddRequestedClaims(claims); } } return(Task.CompletedTask); }
protected virtual async Task AddOrganisationClaims(ProfileDataRequestContext context, InsolvencyUser user) { if (string.IsNullOrEmpty(user.ScpGroupId)) { return; } if (string.IsNullOrEmpty(user.Email)) { return; } var organisations = await _iIdentityManagementRepository.GetOrganisationByScpGroupIdAsync(user.ScpGroupId); if (organisations.Count == 0) { _logger.LogWarning($"No organisations for user with ScpGroupId: {user.ScpGroupId} could be found! Unable to add requested claims."); return; } context.AddRequestedClaims(CreateOrganisationClaims(organisations, user.Email)); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { // AddRequestedClaims will filter out any claims that's not in standard ScopeToClaimsMapping // defined in IdentityServer4 Constants.cs // Since we added "aadtenant" scope to include aad specific claims oid and tid, // they won't be filtered out. context.AddRequestedClaims(user.Claims); } } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { string subId = context.Subject.GetSubjectId(); ApplicationUser user = await userManager.FindByIdAsync(subId); IList <string> userRoles = await userManager.GetRolesAsync(user); List <Claim> claims = new List <Claim>() { new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim("name", user.UserName), }; foreach (string role in userRoles) { claims.Add(new Claim("role", role)); } context.AddRequestedClaims(claims); context.IssuedClaims = claims; }
public override async Task GetProfileDataAsync(ProfileDataRequestContext context) { await base.GetProfileDataAsync(context); var userData = _context.Users.FirstOrDefault(x => x.Id == context.Subject.FindFirstValue(JwtClaimTypes.Subject)); var userName = userData.FirstName.IsNullOrEmpty() || userData.LastName.IsNullOrEmpty() ? userData.Email : $"{userData.FirstName} {userData.LastName}"; var userClaims = new List <Claim> { new Claim(DomainClaimTypes.TestUserId, "some test_user_id"), new Claim(DomainClaimTypes.LiveUserId, "some live_user_id"), new Claim(DomainClaimTypes.LiveEnabled, "true"), new Claim(DomainClaimTypes.SomeClaim, "some_claim value"), new Claim(DomainClaimTypes.AnotherClaim, "another_claim value"), new Claim("name", userName) }; context.AddRequestedClaims(userClaims); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint). /// </summary> /// <param name="context">The context.</param> /// <returns>A task instance</returns> public Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(_logger); if (context.RequestedClaimTypes.Any()) { var subjectId = context .Subject .GetSubjectId(); var userId = Convert.ToInt64(subjectId); var userMonad = _userService.Get(userId); var claimsMonad = userMonad.Bind(_userService.GetClaims); if (claimsMonad is Success <IEnumerable <Claim>, Error> claims) { context.AddRequestedClaims(new Claim[0]); } } context.LogIssuedClaims(_logger); return(Task.CompletedTask); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var subId = context.Subject.GetSubjectId(); var user = await _customUserRepository.FindById(int.Parse(subId)); var claims = new List <Claim>() { new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim("name", user.UserName), new Claim("city", user.City), }; if (user.Id == 1) { claims.Add(new Claim("role", "admin")); } else { claims.Add(new Claim("role", "customer")); } context.AddRequestedClaims(claims); //context.IssuedClaims = claims; }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual async Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); // Claims added here are defined be the API and RESOURCE configurations in Config.cs, only the requested claims will be added to the IssuedClaims collection if (context.RequestedClaimTypes.Any()) { var user = await Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.AddRequestedClaims(user.Claims); // Add the sellerId claim if it was not already added, to ensure it appears in the access_token var sellerIdClaim = user.Claims.FirstOrDefault(x => x.Type == "https://openactive.io/sellerId"); if (sellerIdClaim != null && !context.IssuedClaims.Exists(x => x.Type == "https://openactive.io/sellerId")) { context.IssuedClaims.Add(sellerIdClaim); } } } context.LogIssuedClaims(Logger); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(_logger); if (context.RequestedClaimTypes.Any()) { Guid userId = context.Subject.GetUserId(); var user = _dbContext.Users.Find(userId); if (user != null) { context.AddRequestedClaims(new[] { new Claim(JwtClaimTypes.Name, user.Name), new Claim(JwtClaimTypes.Email, user.EmailAddress), new Claim(JwtClaimTypes.Role, user.Role.GetStringValue()) }); } } context.LogIssuedClaims(_logger); return(Task.CompletedTask); }