예제 #1
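        /// <summary>
        /// Builds the extra claims for <paramref name="subject"/>: age-gate claims for users who are
        /// too young (or whose age cannot be determined), otherwise verification claims and, when
        /// enabled, anonymous-token claims.
        /// </summary>
        /// <param name="subject">The authenticated principal whose claims drive the decision.</param>
        /// <param name="requestedClaims">Claim types requested by the client; decides whether verification runs.</param>
        /// <param name="parsedScopes">Parsed scopes of the request; may be null. Used to detect the skip-MSIS-lookup scope.</param>
        /// <returns>
        /// The custom claims. If anything throws after the age gate, a single Covid19Status claim
        /// with the unknown status value is returned instead.
        /// </returns>
        public async Task<IEnumerable<Claim>> GetCustomClaims(ClaimsPrincipal subject, IEnumerable<string> requestedClaims, IEnumerable<ParsedScopeValue> parsedScopes)
        {
            var nationalIdentifier = subject?.Claims?.FirstOrDefault(c => c.Type == InternalClaims.NationalIdentifier)?.Value;

            // The age gate runs before any verification lookup. nationalIdentifier is null when the
            // subject or the claim is missing.
            // NOTE(review): CanDetermineAge is invoked on a possibly-null string, so it is presumably
            // an extension method that treats null as "cannot determine" - confirm.
            if (!nationalIdentifier.CanDetermineAge() || nationalIdentifier.IsPersonYoungerThanAgeLimit(_verificationLimitConfig.MinimumAgeInYears))
            {
                // Return only underaged claims: Too young or can't determine age
                return GetClaimsForUnderagedPerson();
            }

            try
            {
                // Scope names are protocol identifiers, not display text. Lower-case them with the
                // invariant culture so the match does not depend on the server's current culture
                // (e.g. the Turkish dotless-i mapping would break a culture-sensitive ToLower()).
                // NOTE(review): this flag is derived from a requested scope; confirm that only
                // clients permitted to skip the lookup can be granted that scope.
                bool skipMsisLookup = parsedScopes?.Any(p => p.ParsedName.ToLowerInvariant() == VerificationScopes.SkipMsisLookup) == true;
                var originalClaims = subject.Claims.ToList();

                // Prefer the explicit pseudonym claim; fall back to the identity name.
                // subject.Identity.Name is evaluated eagerly, even when the claim is present.
                var pseudonym = originalClaims
                                .FirstOrNone(x => x.Type == InternalClaims.Pseudonym)
                                .Map(x => x.Value)
                                .ValueOr(subject.Identity.Name);

                var nationalIdentifierClaim = originalClaims.FirstOrNone(x => x.Type == InternalClaims.NationalIdentifier);

                var customClaims = new List<Claim>();
                if (VerificationResult.RequestedClaimsRequiresVerification(requestedClaims))
                {
                    var verificationResult = await nationalIdentifierClaim.MatchAsync(
                        none: async () =>
                        {
                            // Only the exact string "true" counts as PIN-verified; a missing claim
                            // or any other value is treated as not verified.
                            var isPinVerified = originalClaims
                                                .FirstOrNone(x => x.Type == InternalClaims.PinVerified)
                                                .Map(x => x.Value == "true")
                                                .ValueOr(false);
                            return await _mediator.Send(new VerifyPinUser.Command(pseudonym, isPinVerified, skipMsisLookup));
                        },
                        some: natIdent => _mediator.Send(new VerifyIdentifiedUser.Command(natIdent.Value, pseudonym, skipMsisLookup)));

                    customClaims.AddRange(verificationResult.GetVerificationClaims());
                }

                if (_anonymousTokensConfig.Enabled)
                {
                    // One anonymous-token claim per configured client flag.
                    customClaims.AddRange(_anonymousTokensConfig.EnabledClientFlags.Select(clientFlag =>
                                                                                           new Claim(VerificationClaims.AnonymousToken, clientFlag)));
                }

                return customClaims;
            }
            catch (Exception e)
            {
                // Any failure discards every claim collected so far (anonymous-token claims included)
                // and reports the status as unknown. The message text carries no user identifiers;
                // the exception object is logged as well, so exceptions thrown by the handlers
                // should not embed the national identifier or pseudonym.
                _logger.LogError(e, "Error encountered when attempting to verify user infection status");
                return new[] { new Claim(DkSmittestopClaims.Covid19Status, DkSmittestopClaims.StatusValues.Unknwon) };
            }
        }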
        /// <summary>
        /// Builds the verification claims for <paramref name="subject"/> when the requested claims
        /// require verification; otherwise returns an empty list.
        /// </summary>
        /// <param name="subject">The authenticated principal; dereferenced without a null check.</param>
        /// <param name="requestedClaims">Claim types requested by the client; decides whether verification runs.</param>
        /// <returns>
        /// The verification claims. If verification throws, the list instead holds a Covid19Status
        /// claim with the unknown status value.
        /// </returns>
        public async Task<IEnumerable<Claim>> GetCustomClaims(ClaimsPrincipal subject, IEnumerable<string> requestedClaims)
        {
            // These lookups run outside the try block below, so a null subject or identity
            // surfaces to the caller as an exception rather than as an "unknown" status claim.
            var claimsSnapshot = subject.Claims.ToList();

            // Prefer the explicit pseudonym claim; fall back to the identity name
            // (the fallback expression is evaluated even when the claim is present).
            var pseudonymFromClaim = claimsSnapshot
                .FirstOrNone(claim => claim.Type == InternalClaims.Pseudonym)
                .Map(claim => claim.Value);
            var pseudonym = pseudonymFromClaim.ValueOr(subject.Identity.Name);

            var nationalIdentifierClaim = claimsSnapshot.FirstOrNone(claim => claim.Type == InternalClaims.NationalIdentifier);

            var verificationClaims = new List<Claim>();

            // Nothing to verify: hand back the empty list.
            if (!VerificationResult.RequestedClaimsRequiresVerification(requestedClaims))
            {
                return verificationClaims;
            }

            try
            {
                var verificationResult = await nationalIdentifierClaim.MatchAsync(
                    none: async () =>
                    {
                        // Only the exact string "true" counts as PIN-verified; a missing claim
                        // or any other value is treated as not verified.
                        var isPinVerified = claimsSnapshot
                            .FirstOrNone(claim => claim.Type == InternalClaims.PinVerified)
                            .Map(claim => claim.Value == "true")
                            .ValueOr(false);

                        // Users without a verified PIN never reach the verification handler;
                        // they get a default VerificationResult.
                        if (!isPinVerified)
                        {
                            return new VerificationResult();
                        }

                        return await _mediator.Send(new VerifyPinUser.Command(pseudonym));
                    },
                    some: natIdent => _mediator.Send(new VerifyIdentifiedUser.Command(natIdent.Value, pseudonym)));

                verificationClaims.AddRange(verificationResult.GetVerificationClaims());
            }
            catch (Exception e)
            {
                // A failed verification is reported as an unknown status. The message text
                // carries no user identifiers; the exception object is logged alongside it.
                _logger.LogError(e, "Error encountered when attempting to verify user infection status");
                verificationClaims.Add(new Claim(DkSmittestopClaims.Covid19Status, DkSmittestopClaims.StatusValues.Unknwon));
            }

            return verificationClaims;
        }