//For pass-through requests not handled by ServiceStack public async Task SignInAuthenticatedSessions(NetCoreRequest req) { if (!AutoSignInSessionsMatching(req)) { return; } var session = req.GetSession(); if (session.IsAuthenticated) { var claims = session.ConvertSessionToClaims( issuer: Issuer, roleClaimType: RoleClaimType, permissionClaimType: PermissionClaimType); if (HostContext.HasValidAuthSecret(req)) { claims.Add(new Claim(RoleClaimType, RoleNames.Admin, Issuer)); } var principal = CreateClaimsPrincipal != null ? CreateClaimsPrincipal(claims, session, req) : new ClaimsPrincipal(new ClaimsIdentity(claims, AuthenticationType)); req.HttpContext.User = principal; } }