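/// <summary>
/// Builds the claims for the given user from the user info returned by BaatAuthzApi
/// and then lets <c>AppendRoles</c> add to the same list.
/// </summary>
/// <param name="identity">Identity carrying the name identifier claim whose value is used as the username for the lookup.</param>
/// <returns>The list of claims built from the response; the list is also passed to <c>AppendRoles</c>.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="identity"/> is null.</exception>
/// <exception cref="System.InvalidOperationException">The identity has no name identifier claim.</exception>
public async Task<List<Claim>> GetClaims(ClaimsIdentity identity)
{
    if (identity == null)
    {
        throw new System.ArgumentNullException(nameof(identity));
    }

    Claim usernameClaim = identity.FindFirst("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier");
    if (usernameClaim == null)
    {
        // FindFirst returns null when the claim is absent; without a username no
        // authorization lookup is possible, so fail explicitly instead of dereferencing null.
        throw new System.InvalidOperationException("Identity has no name identifier claim - cannot look up claims");
    }

    string username = usernameClaim.Value;
    BaatAuthzUserInfoResponse response = await _baatAuthzApi.Info(username);

    var claims = new List<Claim>();

    // A null response is treated like the Empty sentinel: no user info claims are issued.
    if (response == null || response == BaatAuthzUserInfoResponse.Empty)
    {
        Log.Warning("Empty response from BaatAuthzApi - no claims appended to user");
    }
    else
    {
        // Claim's constructor throws ArgumentNullException for a null value.
        // NOTE(review): Email, AuthorizedFrom and AuthorizedUntil are passed through as-is;
        // confirm the API always populates them.
        claims.Add(new Claim("Name", string.IsNullOrEmpty(response.Name) ? "" : response.Name));
        claims.Add(new Claim("Email", response.Email));
        claims.Add(new Claim("AuthorizedFrom", response.AuthorizedFrom));
        claims.Add(new Claim("AuthorizedUntil", response.AuthorizedUntil));

        // A user without an organization used to produce null claim values, which
        // the Claim constructor rejects; organization claims are now added only when present.
        if (response.Organization != null)
        {
            claims.Add(new Claim("OrganizationName", response.Organization.Name));
            claims.Add(new Claim("OrganizationOrgnr", response.Organization.Orgnr));
            claims.Add(new Claim("OrganizationContactName", response.Organization.ContactName));
            claims.Add(new Claim("OrganizationContactEmail", response.Organization.ContactEmail));
            claims.Add(new Claim("OrganizationContactPhone", response.Organization.ContactPhone));
        }
    }

    // NOTE(review): roles are appended even when the user info response was empty;
    // confirm that a user without user info should still receive roles.
    await AppendRoles(username, claims);

    // NOTE(review): judging by its name, the disabled call below grants roles the
    // authorization API did not issue; keep it disabled outside demo environments.
    //AppendFakeRolesForDemoUser(usernameClaim.Value, claims);

    return claims;
}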
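/// <summary>
/// Builds the claims for the given user from the user info returned by BaatAuthzApi
/// and, when user info was returned, lets <c>AppendRoles</c> add to the same list.
/// </summary>
/// <param name="identity">Identity carrying the username claim (<c>ClaimIdentifierUsername</c>) used for the lookup.</param>
/// <returns>The list of claims; empty when the API returned no user info.</returns>
/// <exception cref="ArgumentNullException"><paramref name="identity"/> is null.</exception>
/// <exception cref="InvalidOperationException">The identity has no username claim.</exception>
/// <exception cref="Exception">The call to BaatAuthzApi failed; the original exception is the inner exception.</exception>
public async Task<List<Claim>> GetClaims(ClaimsIdentity identity)
{
    if (identity == null)
    {
        throw new ArgumentNullException(nameof(identity));
    }

    Claim usernameClaim = identity.FindFirst(ClaimIdentifierUsername);
    if (usernameClaim == null)
    {
        // FindFirst returns null when the claim is absent; without a username no
        // authorization lookup is possible, so fail explicitly instead of dereferencing null.
        throw new InvalidOperationException("Identity has no username claim - cannot look up claims");
    }

    string username = usernameClaim.Value;

    BaatAuthzUserInfoResponse response;
    try
    {
        response = await _baatAuthzApi.Info(username);
    }
    catch (Exception e)
    {
        // NOTE(review): the inner message is copied into the outer one; make sure this
        // text is only logged and never rendered to end users.
        throw new Exception("Error while communicating with BaatAutzApi: " + e.Message, e);
    }

    var claims = new List<Claim>();

    // The original test was "response != null && response == Empty", which sent a null
    // response into the else branch and dereferenced it. Null is now handled like the
    // Empty sentinel: a warning is logged and neither user info claims nor roles are issued.
    if (response == null || response == BaatAuthzUserInfoResponse.Empty)
    {
        Log.Warn("Empty response from BaatAuthzApi - no claims appended to user");
        return claims;
    }

    // Claim's constructor throws ArgumentNullException for a null value.
    // NOTE(review): Email, AuthorizedFrom and AuthorizedUntil are passed through as-is;
    // confirm the API always populates them.
    claims.Add(new Claim(GeonorgeClaims.Name, string.IsNullOrEmpty(response.Name) ? "" : response.Name));
    claims.Add(new Claim(GeonorgeClaims.Email, response.Email));
    claims.Add(new Claim(GeonorgeClaims.AuthorizedFrom, response.AuthorizedFrom));
    claims.Add(new Claim(GeonorgeClaims.AuthorizedUntil, response.AuthorizedUntil));

    if (response.Organization != null)
    {
        claims.Add(new Claim(GeonorgeClaims.OrganizationName, response.Organization.Name));
        claims.Add(new Claim(GeonorgeClaims.OrganizationOrgnr, response.Organization.Orgnr));
        claims.Add(new Claim(GeonorgeClaims.OrganizationContactName, response.Organization.ContactName));
        claims.Add(new Claim(GeonorgeClaims.OrganizationContactEmail, response.Organization.ContactEmail));
        claims.Add(new Claim(GeonorgeClaims.OrganizationContactPhone, response.Organization.ContactPhone));
    }

    // Roles are only looked up for users the API returned info for.
    await AppendRoles(username, claims);

    // NOTE(review): judging by its name, the disabled call below grants roles the
    // authorization API did not issue; keep it disabled outside demo environments.
    //AppendFakeRolesForDemoUser(usernameClaim.Value, claims); // TODO: Remove when BaatAuthz can supply proper role list

    return claims;
}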