public ClaimMapResult Map(IHeaderDictionary headers) { var isIgnored = _easyAuthOptions.Value.IgnoreClaimTypes.Any(c => c.Equals(ClaimTypes.System, StringComparison.OrdinalIgnoreCase)); // try and map the header claims from a value in the header if (!isIgnored && headers.ContainsKey(CustomHeaderDictionaryTransformer.HeaderName)) { return(ClaimMapResult.Success(new[] { new Claim(ClaimTypes.System, headers[CustomHeaderDictionaryTransformer.HeaderName].First()), new Claim(ClaimTypes.Webpage, _contextAccessor.HttpContext.Request.Path), })); } return(ClaimMapResult.NoResult); }
public ClaimMapResult Map(IHeaderDictionary headers) { if (!string.IsNullOrEmpty(headers[KnownEasyAuthHeaders.PrincipalObjectHeader])) { var claims = new List <Claim>(); _logger.LogTrace($"Building claims from payload in {KnownEasyAuthHeaders.PrincipalObjectHeader} header."); try { var headerValue = headers[KnownEasyAuthHeaders.PrincipalObjectHeader].First(); var payload = Encoding.UTF8.GetString(Convert.FromBase64String(headerValue)); var headerPrincipalModel = JsonSerializer.Deserialize <EasyAuthHeaderPrincipalModel>(payload); var config = _easyAuthOptions.Value; foreach (var claimsModel in headerPrincipalModel.Claims) { var claimType = claimsModel.Type; var ignoreClaimType = config.IgnoreClaimTypes.Any(c => c.Equals(claimType, StringComparison.OrdinalIgnoreCase)); if (!ignoreClaimType) { var commaSeparated = config.ClaimTypesWithCommaSeparatedValues.Any(c => c.Equals(claimType, StringComparison.OrdinalIgnoreCase)); _logger.LogTrace($"ClaimType \"{claimType}\" value is treated as comma separated = {commaSeparated}"); if (claimsModel.Type.Equals(KnownEasyAuthClaimAliases.Roles, StringComparison.OrdinalIgnoreCase)) { claimType = string.IsNullOrEmpty(headerPrincipalModel.RoleClaimType) ? ClaimTypes.Role : headerPrincipalModel.RoleClaimType; } else if (claimsModel.Type.Equals(KnownEasyAuthClaimAliases.Name, StringComparison.OrdinalIgnoreCase)) { claimType = string.IsNullOrEmpty(headerPrincipalModel.NameClaimType) ? ClaimTypes.Name : headerPrincipalModel.NameClaimType; } if (commaSeparated) { claims.AddRange(claimsModel.Value.Split(',') .Select(c => new Claim(claimType, c))); } else { claims.Add(new Claim(claimType, claimsModel.Value)); } } else { _logger.LogTrace($"Ignoring ClaimType: {claimType}"); } } return(ClaimMapResult.Success(claims)); } catch (Exception e) { _logger.LogError(e, "Building claims from header failed"); } } return(ClaimMapResult.Fail($"{KnownEasyAuthHeaders.PrincipalObjectHeader} header was not present or in the expected format.")); }