private PickerEntity GetPickerEntity(User user)
{
UPSClaimProviderLogger.LogDebug("GetPickerEntity invoked!");
PickerEntity entity = CreatePickerEntity();
string originalIssuer = SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, SPTrustedIdentityTokenIssuerName);
UPSClaimProviderLogger.LogDebug($"originalIssuer: {originalIssuer}");
entity.Claim = new SPClaim(UPSEmailAddressClaimType, user.Email, UPSEmailAddressClaimValueType, originalIssuer);
string claimAsString = entity.Claim.ToEncodedString();
UPSClaimProviderLogger.LogDebug($"claimAsString: {claimAsString}");
entity.Description = user.Username;
entity.DisplayText = user.Username;
entity.EntityData[PeopleEditorEntityDataKeys.DisplayName] = user.Username;
entity.EntityData[PeopleEditorEntityDataKeys.Email] = user.Email;
entity.EntityData[PeopleEditorEntityDataKeys.AccountName] = user.Email;
entity.EntityData[PeopleEditorEntityDataKeys.Department] = user.Department;
entity.EntityData[PeopleEditorEntityDataKeys.JobTitle] = user.JobTitle;
entity.EntityType = SPClaimEntityTypes.User;
entity.IsResolved = true;
return(entity);
}
protected virtual PickerEntity GetPickerEntity(Auth0.User auth0User, string claimEntityType)
{
PickerEntity pe = CreatePickerEntity();
SPClaim claim = null;
if (claimEntityType == SPClaimEntityTypes.User)
{
claim = new SPClaim(
this.identifierClaimType,
string.IsNullOrEmpty(this.auth0Config.IdentifierUserField) || this.auth0Config.IdentifierUserField == "Email" ?
auth0User.UniqueEmail() :
Utils.GetPropValue(auth0User, this.auth0Config.IdentifierUserField).ToString(),
Microsoft.IdentityModel.Claims.ClaimValueTypes.String,
SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, this.associatedSPTrustedLoginProvider.Name));
var displayText = !string.IsNullOrEmpty(auth0User.FamilyName) && !string.IsNullOrEmpty(auth0User.GivenName) ?
string.Format("{0} {1}", auth0User.GivenName, auth0User.FamilyName) : auth0User.Name;
pe.DisplayText =
!string.IsNullOrEmpty(displayText) ?
string.Format("{0} ({1})", displayText, auth0User.Email) :
auth0User.Email;
pe.Description = string.Format(
"Email: {0}; Name: {1}",
auth0User.Email,
auth0User.Name);
pe.EntityType = SPClaimEntityTypes.User;
pe.EntityData[PeopleEditorEntityDataKeys.DisplayName] = displayText;
pe.EntityData[PeopleEditorEntityDataKeys.Email] = auth0User.Email;
pe.EntityData["Picture"] = auth0User.Picture;
}
else if (claimEntityType == SPClaimEntityTypes.FormsRole)
{
claim = new SPClaim(
ConnectionClaimType,
auth0User.Identities.First().Connection,
Microsoft.IdentityModel.Claims.ClaimValueTypes.String,
SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, this.associatedSPTrustedLoginProvider.Name));
pe.DisplayText = string.Format(
"All Users ({0})",
auth0User.Identities.First().Connection);
pe.Description = string.Format(
"[{0}] All Users from '{1}'",
ProviderInternalName,
auth0User.Identities.First().Connection);
pe.EntityType = SPClaimEntityTypes.FormsRole;
}
pe.Claim = claim;
pe.IsResolved = true;
pe.EntityGroupName = this.pickerEntityGroupName;
return(pe);
}
public string getAccountNameForEmail(string email, string indentityProviderName)
{
UPSBrowserLogger.LogDebug(loggingCategory, "getIdentityProviders invoked");
UPSBrowserLogger.LogDebug(loggingCategory, $"email: {email}, indentityProviderName: {indentityProviderName}");
string originalIssuer = SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, indentityProviderName);
SPClaimProviderManager mgr = SPClaimProviderManager.Local;
SPClaim claim = new SPClaim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", email, System.Security.Claims.ClaimValueTypes.String, originalIssuer);
string accountName = mgr.EncodeClaim(claim);
return(accountName);
}
/// <summary>
/// Create picker entity for a role.
/// </summary>
/// <param name="role"></param>
/// <returns></returns>
protected virtual PickerEntity GetRolePickerEntity(string role)
{
var pickerEntity = CreatePickerEntity();
pickerEntity.DisplayText = string.Format("'{0}' Role", role);
pickerEntity.Description = string.Format("[{0}] '{1}' Role", ProviderInternalName, role);
pickerEntity.EntityType = SPClaimEntityTypes.FormsRole;
pickerEntity.Claim = new SPClaim(DefaultClaimTypes.Role, role, Microsoft.IdentityModel.Claims.ClaimValueTypes.String,
SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, this.associatedLoginProvider.Name));
pickerEntity.IsResolved = true;
pickerEntity.EntityGroupName = this.pickerEntityGroupName;
return(pickerEntity);
}
private PickerEntity GetPickerEntityADFS(string token)
{
PickerEntity entity = CreatePickerEntity();
entity.Claim = new SPClaim(DBClaimType, token, DBClaimValueType, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, SPTrustedIdentityTokenIssuerName)); //using ADFS Claim
entity.Description = token;
entity.DisplayText = token;
entity.EntityData[PeopleEditorEntityDataKeys.DisplayName] = token;
entity.EntityData[PeopleEditorEntityDataKeys.Email] = token;
entity.EntityData[PeopleEditorEntityDataKeys.AccountName] = token;
entity.EntityType = SPClaimEntityTypes.User;
entity.IsResolved = true;
return(entity);
}
private PickerEntity GetPickerEntity(string ClaimValue, string claimType, string GroupName)
{
PickerEntity pe = CreatePickerEntity();
var issuer = SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, TrustedProviderName);
pe.Claim = new SPClaim(claimType, ClaimValue, Microsoft.IdentityModel.Claims.ClaimValueTypes.String, issuer);
pe.Description = claimType + "/" + ClaimValue;
pe.DisplayText = ClaimValue;
pe.EntityData[PeopleEditorEntityDataKeys.DisplayName] = ClaimValue;
pe.EntityType = SPClaimEntityTypes.Trusted;
pe.IsResolved = true;
pe.EntityGroupName = GroupName;
return(pe);
}
protected override void CreateChildControls()
{
// return when user is not a forms based user
IClaimsIdentity claimsIdentity = (HttpContext.Current.User != null) ? (HttpContext.Current.User.Identity as IClaimsIdentity) : null;
if (claimsIdentity != null)
{
SPClaimProviderManager mgr = SPClaimProviderManager.Local;
SPClaim sPClaim = mgr.DecodeClaimFromFormsSuffix(claimsIdentity.Name);
if (SPOriginalIssuers.GetIssuerType(sPClaim.OriginalIssuer) == SPOriginalIssuerType.Windows)
{
return;
}
}
string changePasswordPage = "";
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(SPContext.Current.Site.ID, SPContext.Current.Site.Zone))
{
MembershipSettings setting = new MembershipSettings(site.RootWeb);
if (setting == null || string.IsNullOrEmpty(setting.ChangePasswordPage))
{
return;
}
changePasswordPage = setting.ChangePasswordPage;
}
});
// generate return url
string source = SPUtility.OriginalServerRelativeRequestUrl;
string target = Utils.GetAbsoluteURL(SPContext.Current.Web, changePasswordPage);
MenuItemTemplate changePasswordItem = new MenuItemTemplate();
changePasswordItem.Text = LocalizedString.GetString("FBAPackMenus", "FBAChangePassword_Title");
changePasswordItem.Description = LocalizedString.GetString("FBAPackMenus", "FBAChangePassword_Desc");
changePasswordItem.Sequence = 1;
changePasswordItem.ClientOnClickNavigateUrl = target + "?Source=" + SPHttpUtility.UrlKeyValueEncode(source);
this.Controls.Add(changePasswordItem);
}
private PickerEntity GetPickerEntity(DBUser user)
{
PickerEntity entity = CreatePickerEntity();
entity.Claim = new SPClaim(DBClaimType, user.email, DBClaimValueType, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, SPTrustedIdentityTokenIssuerName)); //using ADFS Claim
//we need to use Windows Authentication Claim instead
//entity.Claim = new SPClaim(SPClaimTypes.UserLogonName, user.ad_account_name, "http://www.w3.org/2001/XMLSchema#string", SPOriginalIssuers.Format(SPOriginalIssuerType.Windows));
entity.Description = user.first_name + " " + user.last_name;
entity.DisplayText = user.first_name + " " + user.last_name;
entity.EntityData[PeopleEditorEntityDataKeys.DisplayName] = user.first_name + " " + user.last_name;
entity.EntityData[PeopleEditorEntityDataKeys.Email] = user.email;
entity.EntityData[PeopleEditorEntityDataKeys.AccountName] = user.ad_account_name;
entity.EntityType = SPClaimEntityTypes.User;
entity.IsResolved = true;
return(entity);
}
private PickerEntity GetPickerEntity(ADFSUser user)
{
PickerEntity entity = CreatePickerEntity();
entity.Claim = new SPClaim(LDAPClaimType, user.ppl_email, LDAPClaimValueType,
SPOriginalIssuers.Format(SPOriginalIssuerType.Forms, SPTrustedIdentityTokenIssuerName));
entity.Description = user.ppl_id;
entity.DisplayText = user.ppl_email;
entity.EntityData[PeopleEditorEntityDataKeys.DisplayName] = user.ppl_email;
entity.EntityData[PeopleEditorEntityDataKeys.Email] = user.ppl_email;
entity.EntityData[PeopleEditorEntityDataKeys.AccountName] = user.ppl_id;
entity.EntityType = SPClaimEntityTypes.User;
entity.IsResolved = true;
return(entity);
}
public static string GetClaims(string account)
{
string userName = null;
SPClaimProviderManager mgr = SPClaimProviderManager.Local;
if (mgr != null)
{
SPClaim claim = new SPClaim(SPClaimTypes.UserLogonName, account, "http://www.w3.org/2001/XMLSchema#string", SPOriginalIssuers.Format(SPOriginalIssuerType.Windows));
userName = mgr.EncodeClaim(claim);
}
return(userName);
;
}
public static SPUserToken GetToken(string login)
{
SPClaimProviderManager claimProviderManager = SPClaimProviderManager.Local;
SPClaim claim = new SPClaim(SPClaimTypes.UserLogonName, login, "http://www.w3.org/2001/XMLSchema#string", SPOriginalIssuers.Format(SPOriginalIssuerType.Windows));
var userName = claimProviderManager.EncodeClaim(claim);
return(SPContext.Current.Web.EnsureUser(userName).UserToken);
}
protected override void FillResolve(Uri context, string[] entityTypes, SPClaim resolveInput, List <PickerEntity> resolved)
{
logger.FillResolve(context, resolveInput);
// Not in context.
if (!this.SetLoginProviderForCurrentContext(context))
{
logger.FillResolveNotInContext(context);
return;
}
// Issuer mismatch.
if (!String.Equals(resolveInput.OriginalIssuer, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, this.associatedLoginProvider.Name), StringComparison.OrdinalIgnoreCase))
{
logger.FillResolveIssuerMismatch(resolveInput.OriginalIssuer, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, this.associatedLoginProvider.Name));
return;
}
SPSecurity.RunWithElevatedPrivileges(delegate
{
this.InitializeApiClient(context);
var input = resolveInput.Value.Contains(IdentifierValuesSeparator) ? resolveInput.Value.Split(IdentifierValuesSeparator)[1] : resolveInput.Value;
var connectionName = resolveInput.Value.Contains(IdentifierValuesSeparator) ? resolveInput.Value.Split(IdentifierValuesSeparator)[0] : string.Empty;
var consolidatedResults = this.ResolveInputBulk(input, connectionName);
if (consolidatedResults != null && consolidatedResults.Count > 0)
{
resolved.Add(consolidatedResults.ElementAt(0).PickerEntity);
return;
}
if (resolveInput.ClaimType == DefaultClaimTypes.Connection)
{
var user = new Auth0.User
{
Identities = new List <Identity>
{
new Identity {
Connection = resolveInput.Value
}
}
};
resolved.Add(this.GetPickerEntity(user, SPClaimEntityTypes.FormsRole));
}
else if (resolveInput.ClaimType == DefaultClaimTypes.Role)
{
resolved.Add(this.GetRolePickerEntity(resolveInput.Value));
}
else if (this.alwaysResolveValue)
{
var user = new Auth0.User
{
Email = input,
Name = string.Empty,
Picture = string.Empty,
Identities = new List <Identity>
{
new Identity {
Connection = connectionName
}
}
};
resolved.Add(this.GetPickerEntity(user, SPClaimEntityTypes.User));
}
logger.Resolved(resolved);
});
}
public void BypassServer()
{
Config.AlwaysResolveUserInput = true;
Config.Update();
try
{
UnitTestsHelper.TestSearchOperation(UnitTestsHelper.RandomClaimValue, 2, UnitTestsHelper.RandomClaimValue);
SPClaim inputClaim = new SPClaim(UnitTestsHelper.SPTrust.IdentityClaimTypeInformation.MappedClaimType, UnitTestsHelper.RandomClaimValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
UnitTestsHelper.TestValidationOperation(inputClaim, true, UnitTestsHelper.RandomClaimValue);
}
finally
{
Config.AlwaysResolveUserInput = false;
Config.Update();
}
}
public virtual void ValidateClaim(ValidateEntityData registrationData)
{
if (!TestValidation)
{
return;
}
bool shouldValidate = registrationData.ShouldValidate;
if (ExcludeGuestUsers && String.Equals(registrationData.UserType, UnitTestsHelper.GUEST_USERTYPE, StringComparison.InvariantCultureIgnoreCase))
{
shouldValidate = false;
}
if (ExcludeMemberUsers && String.Equals(registrationData.UserType, UnitTestsHelper.MEMBER_USERTYPE, StringComparison.InvariantCultureIgnoreCase))
{
shouldValidate = false;
}
SPClaim inputClaim = new SPClaim(UnitTestsHelper.SPTrust.IdentityClaimTypeInformation.MappedClaimType, registrationData.ClaimValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
UnitTestsHelper.TestValidationOperation(inputClaim, shouldValidate, registrationData.ClaimValue);
}
public void TestDynamicTokens(string inputValue)
{
string domainNetbios = "contoso";
string domainFQDN = "contoso.local";
ClaimTypeConfig ctConfig = Config.ClaimTypes.FirstOrDefault(x => String.Equals(GroupsClaimType, x.ClaimType, StringComparison.InvariantCultureIgnoreCase));
string expectedValue = inputValue;
ctConfig.ClaimValuePrefix = String.Empty;
Config.Update();
UnitTestsHelper.TestSearchOperation(inputValue, 1, inputValue);
SPClaim inputClaim = new SPClaim(GroupsClaimType, expectedValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
UnitTestsHelper.TestValidationOperation(inputClaim, true, expectedValue);
expectedValue = $@"{domainNetbios}\{inputValue}";
ctConfig.ClaimValuePrefix = @"{domain}\";
Config.Update();
UnitTestsHelper.TestSearchOperation(inputValue, 1, expectedValue);
inputClaim = new SPClaim(GroupsClaimType, expectedValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
UnitTestsHelper.TestValidationOperation(inputClaim, true, expectedValue);
expectedValue = $@"{domainFQDN}\{inputValue}";
ctConfig.ClaimValuePrefix = @"{fqdn}\";
Config.Update();
UnitTestsHelper.TestSearchOperation(inputValue, 1, expectedValue);
inputClaim = new SPClaim(GroupsClaimType, expectedValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
UnitTestsHelper.TestValidationOperation(inputClaim, true, expectedValue);
}
public static void TestAugmentationOperation(string claimType, string claimValue, bool isMemberOfTrustedGroup)
{
try
{
Stopwatch timer = new Stopwatch();
timer.Start();
SPClaim inputClaim = new SPClaim(claimType, claimValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
Uri context = new Uri(UnitTestsHelper.TestSiteCollUri.AbsoluteUri);
SPClaim[] groups = ClaimsProvider.GetClaimsForEntity(context, inputClaim);
bool groupFound = false;
if (groups != null && groups.Contains(TrustedGroup))
{
groupFound = true;
}
if (isMemberOfTrustedGroup)
{
Assert.IsTrue(groupFound, $"Entity \"{claimValue}\" should be member of group \"{TrustedGroupToAdd_ClaimValue}\", but this group was not found in the claims returned by the claims provider.");
}
else
{
Assert.IsFalse(groupFound, $"Entity \"{claimValue}\" should NOT be member of group \"{TrustedGroupToAdd_ClaimValue}\", but this group was found in the claims returned by the claims provider.");
}
timer.Stop();
Trace.WriteLine($"{DateTime.Now.ToString("s")} TestAugmentationOperation finished in {timer.ElapsedMilliseconds} ms. Parameters: claimType: '{claimType}', claimValue: '{claimValue}', isMemberOfTrustedGroup: '{isMemberOfTrustedGroup}'.");
}
catch (Exception ex)
{
Trace.TraceError($"{DateTime.Now.ToString("s")} TestAugmentationOperation failed with exception '{ex.GetType()}', message '{ex.Message}'. Parameters: claimType: '{claimType}', claimValue: '{claimValue}', isMemberOfTrustedGroup: '{isMemberOfTrustedGroup}'.");
}
}
protected override void FillResolve(Uri context, string[] entityTypes, SPClaim resolveInput, List <PickerEntity> resolved)
{
Auth0LoggingService.Write("FillResolve input: {0}", resolveInput != null ? resolveInput.ClaimType + "/" + resolveInput.Value : "empty");
if (!this.SetSPTrustInCurrentContext(context))
{
Auth0LoggingService.Write("FillResolve: SetSPTrustInCurrentContext=false.");
return;
}
if (!String.Equals(resolveInput.OriginalIssuer,
SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, this.associatedSPTrustedLoginProvider.Name),
StringComparison.OrdinalIgnoreCase))
{
Auth0LoggingService.Write("FillResolve: Original issuers don't match, {0} != {1}.", resolveInput.OriginalIssuer, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, this.associatedSPTrustedLoginProvider.Name));
return;
}
SPSecurity.RunWithElevatedPrivileges(delegate
{
var input = resolveInput.Value.Contains(IdentifierValuesSeparator) ?
resolveInput.Value.Split(IdentifierValuesSeparator)[1] : resolveInput.Value;
var connectionName = resolveInput.Value.Contains(IdentifierValuesSeparator) ?
resolveInput.Value.Split(IdentifierValuesSeparator)[0] : string.Empty;
var consolidatedResults = this.ResolveInputBulk(input, connectionName);
if (consolidatedResults != null && consolidatedResults.Count > 0)
{
resolved.Add(consolidatedResults.ElementAt(0).PickerEntity);
return;
}
if (resolveInput.ClaimType == ConnectionClaimType)
{
var user = new Auth0.User
{
Identities = new List <Identity>
{
new Identity {
Connection = resolveInput.Value
}
}
};
resolved.Add(this.GetPickerEntity(user, SPClaimEntityTypes.FormsRole));
}
else if (resolveInput.ClaimType == RoleClaimType)
{
resolved.Add(this.GetRolePickerEntity(resolveInput.Value));
}
else if (this.alwaysResolveValue)
{
var user = new Auth0.User
{
Email = input,
Name = string.Empty,
Picture = string.Empty,
Identities = new List <Identity>
{
new Identity {
Connection = connectionName
}
}
};
resolved.Add(this.GetPickerEntity(user, SPClaimEntityTypes.User));
}
});
}
public void TestPrefixToBypassLookup(string inputValue, int expectedCount, string expectedClaimValue)
{
ClaimTypeConfig ctConfig = Config.ClaimTypes.FirstOrDefault(x => String.Equals(UnitTestsHelper.SPTrust.IdentityClaimTypeInformation.MappedClaimType, x.ClaimType, StringComparison.InvariantCultureIgnoreCase));
ctConfig.PrefixToBypassLookup = "ext:";
Config.Update();
UnitTestsHelper.TestSearchOperation(inputValue, expectedCount, expectedClaimValue);
if (expectedCount > 0)
{
SPClaim inputClaim = new SPClaim(UnitTestsHelper.SPTrust.IdentityClaimTypeInformation.MappedClaimType, expectedClaimValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
UnitTestsHelper.TestValidationOperation(inputClaim, true, expectedClaimValue);
}
}
public virtual void ValidateClaim(ValidateEntityData registrationData)
{
if (!TestValidation)
{
return;
}
SPClaim inputClaim = new SPClaim(UnitTestsHelper.SPTrust.IdentityClaimTypeInformation.MappedClaimType, registrationData.ClaimValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
UnitTestsHelper.TestValidationOperation(inputClaim, registrationData.ShouldValidate, registrationData.ClaimValue);
}
public virtual void DEBUG_ValidateClaim(string claimType, string claimValue, bool shouldValidate)
{
if (!TestValidation)
{
return;
}
SPClaim inputClaim = new SPClaim(claimType, claimValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
UnitTestsHelper.TestValidationOperation(inputClaim, shouldValidate, claimValue);
}
public void BypassLookupOnGroupClaimTest(string inputValue, int expectedCount, string expectedClaimValue)
{
UnitTestsHelper.TestSearchOperation(inputValue, expectedCount, expectedClaimValue);
if (expectedCount > 0)
{
SPClaim inputClaim = new SPClaim(UnitTestsHelper.TrustedGroupToAdd_ClaimType, expectedClaimValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
UnitTestsHelper.TestValidationOperation(inputClaim, true, expectedClaimValue);
}
}
public static string EncodeUsername(string username, SPSite site)
{
SPClaim claim = new SPClaim(SPClaimTypes.UserLogonName, username, "http://www.w3.org/2001/XMLSchema#string", SPOriginalIssuers.Format(SPOriginalIssuerType.Forms, GetMembershipProvider(site)));
return(SPClaimProviderManager.Local.EncodeClaim(claim));
}
public static void TestAugmentationOperation(string claimType, string claimValue, bool isMemberOfTrustedGroup)
{
SPClaim inputClaim = new SPClaim(claimType, claimValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
Uri context = new Uri(TestSiteCollUri.AbsoluteUri);
SPClaim[] groups = ClaimsProvider.GetClaimsForEntity(context, inputClaim);
bool groupFound = false;
string groupsValueText = "No group was returned by the claims provider.";
if (groups != null && groups.Count() > 0)
{
groupsValueText = $"Claims provider returned those {groups.Count()} groups: {string.Join(", ", Array.ConvertAll(groups, x => x.Value))}";
if (groups.Contains(TrustedGroup))
{
groupFound = true;
}
}
if (isMemberOfTrustedGroup)
{
Assert.IsTrue(groupFound, $"Entity \"{claimValue}\" should be member of group \"{TrustedGroupToAdd_ClaimValue}\", but this group was not found in the claims returned by the claims provider. {groupsValueText}");
}
else
{
Assert.IsFalse(groupFound, $"Entity \"{claimValue}\" should NOT be member of group \"{TrustedGroupToAdd_ClaimValue}\", but this group was found in the claims returned by the claims provider. {groupsValueText}");
}
}
public void TestDynamicTokens(string inputValue)
{
// With NonParallelizable set, this method is not called in parallel with other methods, but it seems it can still be called multiple times simultaneously, so lock is required due to the multiple config changes
lock (LockUpdateDynamicTokensConfig)
{
string domainNetbios = "contoso";
string domainFQDN = "contoso.local";
ClaimTypeConfig ctConfig = Config.ClaimTypes.FirstOrDefault(x => String.Equals(GroupsClaimType, x.ClaimType, StringComparison.InvariantCultureIgnoreCase));
string expectedValue = inputValue;
ctConfig.ClaimValuePrefix = String.Empty;
Config.Update();
UnitTestsHelper.TestSearchOperation(inputValue, 1, inputValue);
SPClaim inputClaim = new SPClaim(GroupsClaimType, expectedValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
UnitTestsHelper.TestValidationOperation(inputClaim, true, expectedValue);
expectedValue = $@"{domainNetbios}\{inputValue}";
ctConfig.ClaimValuePrefix = @"{domain}\";
Config.Update();
UnitTestsHelper.TestSearchOperation(inputValue, 1, expectedValue);
inputClaim = new SPClaim(GroupsClaimType, expectedValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
UnitTestsHelper.TestValidationOperation(inputClaim, true, expectedValue);
expectedValue = $@"{domainFQDN}\{inputValue}";
ctConfig.ClaimValuePrefix = @"{fqdn}\"; // This is the default value, set at last step to restore it before releasing lock
Config.Update();
UnitTestsHelper.TestSearchOperation(inputValue, 1, expectedValue);
inputClaim = new SPClaim(GroupsClaimType, expectedValue, ClaimValueTypes.String, SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, UnitTestsHelper.SPTrust.Name));
UnitTestsHelper.TestValidationOperation(inputClaim, true, expectedValue);
}
}
