/// <summary> /// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法 /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); //判断是否有请求Claim信息 if (context.RequestedClaimTypes.Any()) { //根据用户唯一标识查找用户信息 var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { //调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim var claim = new List <Claim> () { new Claim("level", user.ProviderName), new Claim(JwtClaimTypes.Role, "superadmin") }; context.AddRequestedClaims(claim); } } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
/// <summary> /// 只要有關使用者的身份資訊單元被請求(例如在令牌建立期間或通過使用者資訊終點),就會呼叫此方法 /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); //判斷是否有請求Claim資訊 if (context.RequestedClaimTypes.Any()) { var user = GetUserById(context.Subject.GetSubjectId()); if (user != null) { //呼叫此方法以後內部會進行過濾,只將使用者請求的Claim加入到 context.IssuedClaims 集合中 這樣我們的請求方便能正常獲取到所需Claim var claims = new[] { new Claim(ClaimTypes.Name, user.Account), //請求使用者的賬號,這個可以保證User.Identity.Name有值 new Claim(JwtClaimTypes.Name, user.Name), //請求使用者的姓名 }; //返回apiresource中定義的claims context.AddRequestedClaims(claims); } } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
/// <summary> /// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法 /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); //判断是否有请求Claim信息 if (context.RequestedClaimTypes.Any()) { var userClaims = new List <Claim> { new Claim("demo1", "测试1"), new Claim("demo2", "测试2"), }; List <TestUser> userList = new List <TestUser>() { new TestUser() { SubjectId = "cfac01a9-ba15-4678-bccb-cc22d7896362", Password = "******", Username = "******", Claims = userClaims }, new TestUser() { SubjectId = "cfac01a9-ba15-4678-bccb-cc22d7855555", Password = "******", Username = "******" }, }; TestUserStore userStore = new TestUserStore(userList); //根据用户唯一标识查找用户信息 var user = userStore.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { //调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim context.AddRequestedClaims(user.Claims); } //context.IssuedClaims=userClaims; } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
/// <summary> /// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法 /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); //判断是否有请求Claim信息 if (context.RequestedClaimTypes.Any()) { //根据用户唯一标识查找用户信息 var identityName = context.Subject.Identity.Name; User user = GetUser(identityName); // var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { //调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim var claims = new [] { new Claim(ClaimTypes.Name, user.Account), //请求用户的账号,这个可以保证User.Identity.Name有值 new Claim(JwtClaimTypes.Name, user.Name), //请求用户的姓名 }; //返回apiresource中定义的claims context.AddRequestedClaims(claims); } } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(this._logger); if (context.RequestedClaimTypes.Any()) { var userSet = this._dbcontext.Set <User>(); var subject = context.Subject.FindFirst(JwtClaimTypes.Subject); if (subject == null) { throw new InvalidOperationException("sub claim is missing"); } var user = userSet .SingleOrDefault(user => user.Id == subject.Value ); if (user != null) { var extraClaims = new List <Claim> { // this will add userName to name new Claim("preferred_username", user.UserName), }; context.AddRequestedClaims(extraClaims); } } context.LogIssuedClaims(this._logger); return(Task.CompletedTask); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { try { context.LogProfileRequest(Logger); var sub = context.Subject.GetSubjectId(); var user = await _userManager.FindByIdAsync(sub); var principal = await _claimsFactory.CreateAsync(user); var claims = principal.Claims.ToList(); claims = claims.Where(claim => context.RequestedClaimTypes.Contains(claim.Type)).ToList(); await GeneratePermissionsClaimMapFromSubject(claims, context, user); await GenerateDataPolicyClaimMapFromSubject(claims, context, user); if (user.Email != null) { claims.Add(new Claim(IdentityServerConstants.StandardScopes.Email, user.Email)); } context.IssuedClaims = claims; context.LogIssuedClaims(Logger); } catch (Exception ex) { Logger.LogError(ex, ex.Message.ToString()); throw; } }
public override async Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (long.TryParse(context.Subject.GetSubjectId(), out var userId)) { var member = await _discordClientProvider.GetMemberAsync(userId); if (member is not null) { // add discord claims TryAddClaim(context, DiscordClaimTypes.AvatarHash, member.AvatarHash); TryAddClaim(context, DiscordClaimTypes.AvatarUrl, member.AvatarUrl); TryAddClaim(context, DiscordClaimTypes.Discriminator, member.Discriminator); TryAddClaim(context, DiscordClaimTypes.Username, member.Username); TryAddClaim(context, DiscordClaimTypes.Nickname, member.Nickname); // add discord role claims foreach (var role in member.Roles) { TryAddClaim(context, DiscordClaimTypes.Role, role.Name); } // add app role claims foreach (var appRole in _discordClientProvider.GetAppRoles(member)) { TryAddClaim(context, AppClaimTypes.Role, appRole); } } } context.LogIssuedClaims(Logger); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var user = await UserManager.GetUserAsync(context.Subject); // Adding the current claims from user var principal = await _claimsFactory.CreateAsync(user); var claimsUser = principal.Claims.ToList(); var subjectClaims = context.Subject.Claims.ToList(); subjectClaims.Merge(claimsUser); subjectClaims.AddIfDontExist(new Claim("username", user.UserName)); subjectClaims.AddIfDontExist(new Claim(JwtClaimTypes.Name, user.UserName)); if (subjectClaims.All(a => a.Type != JwtClaimTypes.Role)) { var roles = await UserManager.GetRolesAsync(user); subjectClaims.AddRange(roles.Select(s => new Claim(JwtClaimTypes.Role, s))); } context.LogProfileRequest(Logger); context.AddRequestedClaims(subjectClaims); context.LogIssuedClaims(Logger); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } _log.LogDebug("requested claims:"); foreach (var c in context.RequestedClaimTypes) { _log.LogDebug("{RequestedClaimType}", c); } _log.LogDebug("src subject claims:"); PrintClaims(context.Subject.Claims); var u = await _usrMgr.GetUserAsync(context.Subject); _log.LogDebug("user subject claims:"); PrintClaims(u?.Claims); context.LogProfileRequest(_log); context.AddRequestedClaims(u?.Claims); context.LogIssuedClaims(_log); _log.LogDebug("issued claims:"); PrintClaims(context.IssuedClaims); }
/// <summary> /// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法 /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual async Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); //判断是否有请求Claim信息 if (context.RequestedClaimTypes.Any()) { //根据用户唯一标识查找用户信息 var user = await _userManager.FindByIdAsync(context.Subject.GetSubjectId()); if (user != null) { //调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim var claims = (await _userManager.GetClaimsAsync(user)).ToList(); var roles = await _userManager.GetRolesAsync(user); foreach (var name in roles) { var role = await _roleManager.FindByNameAsync(name); if (role != null) { claims.AddRange(await _roleManager.GetClaimsAsync(role)); } } context.IssuedClaims.AddRange(claims); } } context.LogIssuedClaims(Logger); }
public override async Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); await base.GetProfileDataAsync(context); context.LogIssuedClaims(Logger); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); context.AddRequestedClaims(context.Subject.Claims); context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(_logger); context.AddRequestedClaims(context.Subject.Claims); context.LogIssuedClaims(_logger); return(Task.FromResult(0)); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { using var activity = Tracing.ServiceActivitySource.StartActivity("DefaultProfileService.GetProfileData"); context.LogProfileRequest(Logger); context.AddRequestedClaims(context.Subject.Claims); context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(logger); //context.IssuedClaims.Add(new System.Security.Claims.Claim(JwtClaimTypes.Name, "zzl")); //context.IssuedClaims.Add(new System.Security.Claims.Claim(JwtClaimTypes.Email, "*****@*****.**")); context.IssuedClaims.Add(new System.Security.Claims.Claim(JwtClaimTypes.Address, "*****@*****.**")); context.IssuedClaims.AddRange(context.Subject.Claims); return(Task.FromResult(0)); }
/// <summary> /// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法 /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(_logger); List <Claim> claims = context.Subject.Claims.ToList(); context.IssuedClaims = claims.ToList(); context.LogIssuedClaims(_logger); return(Task.CompletedTask); }
public override Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { context.IssuedClaims.AddRange(FilterClaims(context, context.Subject.Claims)); } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
public async Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(logger); if (context.RequestedClaimTypes.Any()) { var user = await volunteerStore.FindByIdAsync(context.Subject.GetSubjectId(), CancellationToken.None); if (user != null) { var requestedClaims = new List <Claim>(); foreach (var claimType in context.RequestedClaimTypes) { logger.LogDebug("Requesting ClaimType: {claimType}", claimType); switch (claimType) { case JwtClaimTypes.Subject: requestedClaims.Add(new Claim(claimType, user.Id)); break; case JwtClaimTypes.Name: requestedClaims.Add(new Claim(claimType, user.FullName)); break; case JwtClaimTypes.FamilyName: requestedClaims.Add(new Claim(claimType, user.LastName)); break; case JwtClaimTypes.GivenName: requestedClaims.Add(new Claim(claimType, user.FirstName)); break; case JwtClaimTypes.PreferredUserName: requestedClaims.Add(new Claim(claimType, user.UserName)); break; case JwtClaimTypes.Role: if (user.IsAdmin) { requestedClaims.Add(new Claim(claimType, "AdminAccess")); } requestedClaims.Add(new Claim(claimType, "VolunteerAccess")); break; } } context.AddRequestedClaims(requestedClaims); } } context.LogIssuedClaims(logger); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); context.AddRequestedClaims(user.Claims); } context.LogIssuedClaims(Logger); return(Task.FromResult(0)); }
/// <summary> /// Este metodo es llamado cuando un claim del usuario es requerido /// </summary> /// <param name="context"></param> /// <returns></returns> public Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if(context.RequestedClaimTypes.Any()) { var User = Users.FindByUserId( context.Subject.GetSubjectId()); if(User != null) { context.AddRequestedClaims(User.Claims); } context.LogIssuedClaims(Logger); } return Task.CompletedTask; }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo /// endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public async Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(_logger); if (context.RequestedClaimTypes.Any()) { var user = await _userStore.FindBySubjectIdAsync(context.Subject.GetSubjectId()); if (user != null) { context.AddRequestedClaims(user.Claims); } } context.LogIssuedClaims(_logger); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(_logger); var subject = context.Subject ?? throw new ArgumentNullException(nameof(context.Subject)); var subjectId = subject.Claims.Where(c => c.Type == "sub").FirstOrDefault()?.Value; if (!int.TryParse(subjectId, out var inuserId)) { throw new ArgumentException("Invalid subject identifier"); } context.IssuedClaims.AddRange(context.Subject.Claims); context.LogIssuedClaims(_logger); return(Task.CompletedTask); }
public override Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { TestUser user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.AddRequestedClaims(user.Claims); var apiLevel = user.Claims.Where(claim => claim.Type == Config.ApiLevel); context.IssuedClaims.AddRange(apiLevel); } } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { //var user = _dbContext.Users.FindBySubjectId(context.Subject.GetSubjectId()); //if (user != null) //{ // context.AddRequestedClaims(user.Claims); //} } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.IssuedClaims.AddRange(user.Claims); } } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
public Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Log); //>Processing var user = _userManager.GetUserAsync(context.Subject).Result; var claims = new List <Claim> { new Claim("BC_Address", user.BC_Address), }; context.IssuedClaims.AddRange(claims); context.LogIssuedClaims(Log); //>Return return(Task.FromResult(0)); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.AddRequestedClaims(user.Claims.Select(c => new Claim(c.Key, c.Value)).ToList()); } } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { var user = new TestUserStore(_security.CurrentValue.Users).FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.AddRequestedClaims(user.Claims); } } context.IssuedClaims = context.Subject.Claims.ToList(); context.LogIssuedClaims(Logger); return(Task.CompletedTask); }
/// <summary> /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint) /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public virtual async Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); if (context.RequestedClaimTypes.Any()) { var user = await _usersService.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { context.AddRequestedClaims(user.Claims); } } context.LogIssuedClaims(Logger); //return Task.CompletedTask; }
/// <summary> /// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法 /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public Task GetProfileDataAsync(ProfileDataRequestContext context) { context.LogProfileRequest(Logger); //判断是否有请求Claim信息 if (context.RequestedClaimTypes.Any()) { //根据用户唯一标识查找用户信息 var user = Users.FindBySubjectId(context.Subject.GetSubjectId()); if (user != null) { //调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim context.AddRequestedClaims(user.Claims); } } context.LogIssuedClaims(Logger); return(Task.CompletedTask); }