public async Task InvokeAsync(HttpContext context,
UsersDb db,
IClaimsService claimsService)
{
if (!context.User.Identity.IsAuthenticated ||
!context.User.TryGetEmail(out var email))
{
await _next(context);
return;
}
var identity = context.User.Identities.First();
var user = await db.Users.FirstOrDefaultAsync(x => x.Email == email);
if (user == null)
{
await _next(context);
return;
}
foreach (var claim in await claimsService.GetClaimsAsync(user.Id))
{
identity.AddClaim(new Claim(claim.ClaimType, claim.ClaimValue, claim.ClaimValueType, "theapp"));
}
await _next(context);
}
public async Task <IActionResult> GetUserClaims(string userIdOrEmail)
{
var user = long.TryParse(userIdOrEmail, out var userId)
? await _db.Users.FirstAsync(x => x.Id == userId)
: await _db.Users.FirstAsync(x => x.Email == userIdOrEmail);
var authorizationResult = await _authorizationService.AuthorizeAsync(User, user, Operations.Read);
if (!authorizationResult.Succeeded)
{
return(Forbid());
}
return(Ok(await _claimsService.GetClaimsAsync(user.Id)));
}
