/// <summary>
/// Adds the raw ID token and a short-named copy of every role claim to the
/// identity carried by the validated authentication ticket.
/// </summary>
/// <param name="n">
/// Notification holding the validated ticket and the OpenID Connect protocol message.
/// </param>
/// <returns>An already-completed task; all work is done synchronously.</returns>
private static Task AddClaims(
    Microsoft.Owin.Security.Notifications.SecurityTokenValidatedNotification<Microsoft.IdentityModel.Protocols.OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> n)
{
    var identity = n.AuthenticationTicket.Identity;

    // The raw ID token is stored on the identity as an "id_token" claim.
    // NOTE(review): if this identity is persisted (e.g. by cookie middleware),
    // the token travels with it - confirm the cookie is protected and that
    // nothing logs or echoes the claim set.
    identity.AddClaim(new Claim("id_token", n.ProtocolMessage.IdToken));

    // Mirror each ClaimTypes.Role claim under the short "role" claim type.
    // NOTE(review): claims are added to the same identity FindAll reads from;
    // this relies on FindAll handing back a snapshot - confirm for the target runtime.
    var roleClaims = identity.FindAll(x => x.Type == ClaimTypes.Role);
    foreach (var roleClaim in roleClaims)
    {
        identity.AddClaim(new Claim("role", roleClaim.Value));
    }

    return Task.FromResult(0);
}
/// <summary>
/// Passes the authorization code from the sign-in response to
/// <c>GetTokenFromAuthSvr</c>, together with the client credentials from the
/// middleware options, and returns the <c>access_token</c> member of the reply.
/// </summary>
/// <param name="info">
/// Notification whose protocol message supplies the code and whose options
/// supply the redirect URI, client id and client secret.
/// </param>
/// <returns>The access token taken from the token response.</returns>
private async Task<string> GetAccessToken(
    Microsoft.Owin.Security.Notifications.SecurityTokenValidatedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> info)
{
    // NOTE(review): the token endpoint is hard-coded to a localhost address;
    // outside local development it should come from configuration - confirm.
    const string tokenEndpoint = "https://localhost:44301/identity/connect/token";

    var message = info.ProtocolMessage;
    var options = info.Options;

    // The client secret is handed to the helper here; how it is transmitted
    // is decided inside GetTokenFromAuthSvr, which is not visible in this block.
    dynamic reply = await GetTokenFromAuthSvr(
        endpoint: tokenEndpoint,
        code: message.Code,
        callbackUri: options.RedirectUri,
        clientId: options.ClientId,
        clientSecret: options.ClientSecret);

    // NOTE(review): the reply is read without checking for an error member or
    // a missing access_token; callers should treat a null/empty result as a
    // failed code redemption - confirm against GetTokenFromAuthSvr.
    string token = reply.access_token;
    return token;
}
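/// <summary>
/// Replaces the ticket's identity with a reduced identity that carries only
/// the claims this application uses: given_name, family_name, email,
/// email_verified, sub, projects, the "role" claims, a derived
/// "overbook_flights" permission for managers, and the raw tokens.
/// Every other claim issued by the identity provider is dropped.
/// </summary>
/// <param name="info">
/// Notification holding the validated ticket and the OpenID Connect protocol
/// message; its <c>AuthenticationTicket</c> is replaced on return.
/// </param>
/// <exception cref="System.ArgumentNullException">
/// The validated identity has no "sub" claim, or the protocol message has no ID token.
/// </exception>
private static void MapClaims(
    Microsoft.Owin.Security.Notifications.SecurityTokenValidatedNotification<Microsoft.IdentityModel.Protocols.OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> info)
{
    var identity = info.AuthenticationTicket.Identity;

    // Second argument is the name claim type (drives internalIdentity.Name),
    // third is the role claim type (drives role checks such as HasRole/IsInRole).
    var internalIdentity = new ClaimsIdentity(
        identity.AuthenticationType,
        "given_name",
        "role");

    // Profile claims are only present when the provider releases them, so they
    // are copied when available instead of letting AddClaim(null) abort the
    // sign-in - the same treatment "projects" already had.
    foreach (var profileType in new[] { "given_name", "family_name", "email", "email_verified" })
    {
        var profileClaim = identity.FindFirst(profileType);
        if (profileClaim != null)
        {
            internalIdentity.AddClaim(profileClaim);
        }
    }

    // "sub" is the subject identifier and stays mandatory: AddClaim rejects
    // null, so a token without it still fails the sign-in as before.
    internalIdentity.AddClaim(identity.FindFirst("sub"));

    var projects = identity.FindFirst("projects");
    if (projects != null)
    {
        internalIdentity.AddClaim(projects);
    }

    internalIdentity.AddClaims(identity.FindAll("role"));

    // Derived permission: only identities holding the "Manager" role receive it.
    if (identity.HasClaim("role", "Manager"))
    {
        internalIdentity.AddClaim(new Claim("overbook_flights", "true"));
    }

    // The raw tokens are kept on the identity as claims.
    // NOTE(review): if this identity is persisted (e.g. by cookie middleware),
    // both tokens travel with it - confirm the cookie is protected and that
    // the claim set is never logged or rendered.
    var idToken = info.ProtocolMessage.IdToken;
    var accessToken = info.ProtocolMessage.AccessToken;

    internalIdentity.AddClaim(new Claim("id_token", idToken));

    // The access token is optional in the protocol message, so it is added only when present.
    if (!string.IsNullOrEmpty(accessToken))
    {
        internalIdentity.AddClaim(new Claim("access_token", accessToken));
    }

    // Keep the original ticket properties; only the identity is swapped.
    info.AuthenticationTicket = new AuthenticationTicket(
        internalIdentity,
        info.AuthenticationTicket.Properties);
}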
/// <summary>
/// Handler for the token-validated notification. It reads the value of the
/// <see cref="ClaimTypes.Name"/> claim from the validated identity and then
/// completes without changing the ticket.
/// </summary>
/// <param name="context">Notification holding the validated authentication ticket.</param>
/// <returns>An already-completed task.</returns>
private Task SecurityTokenValidated(
    Microsoft.Owin.Security.Notifications.SecurityTokenValidatedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
{
    var nameClaim = context.AuthenticationTicket.Identity.FindFirst(ClaimTypes.Name);

    // NOTE(review): the value is never used, yet a token without a name claim
    // makes this line throw NullReferenceException and fail the sign-in.
    // Decide whether the claim is required (check it explicitly) or drop the read.
    string userID = nameClaim.Value;

    return Task.FromResult(0);
}