Пример #1
0
        /// <summary>
        /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
        /// </summary>
        /// <param name="context">The context.</param>
        /// <returns></returns>
        public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            var logValues = new FormattedLogValues("Get profile called for subject {subject} from client {client} with claim types {claimTypes} via {caller}",
                                                   context.Subject.GetSubjectId(),
                                                   context.Client.ClientName ?? context.Client.ClientId,
                                                   context.RequestedClaimTypes,
                                                   context.Caller);

            Logger.LogDebug(logValues.ToString());

            if (context.RequestedClaimTypes.Any())
            {
                var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
                if (user != null)
                {
                    context.AddFilteredClaims(user.Claims);
                }
                else
                {
                    Logger.LogWarning("Users.FindBySubjectId returned null when " + logValues.ToString());
                }
            }

            return(Task.FromResult(0));
        }
Пример #2
0
        public Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            _logger.LogDebug("Get profile called for {subject} from {client} with {claimTypes} because {caller}",
                             context.Subject.GetSubjectId(),
                             context.Client.ClientName,
                             context.RequestedClaimTypes,
                             context.Caller);

            if (context.RequestedClaimTypes.Any())
            {
                TestUser user  = _users.FindBySubjectId(context.Subject.GetSubjectId());
                string   email = GetEmail(user.Claims);

                if (!string.IsNullOrWhiteSpace(email))
                {
                    user.Claims.Add(new Claim("email", email));
                }

                //TODO: Implement an IEqualityComparer
                List <Claim> allClaims = new List <Claim>();

                foreach (var c in user.Claims)
                {
                    if (!allClaims.Any(claim => claim.Type == c.Type))
                    {
                        allClaims.Add(c);
                    }
                }
                context.AddFilteredClaims(allClaims);
            }

            return(Task.FromResult(0));
        }
Пример #3
0
        public async Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            var user = await _userStore.GetUserByIdAsync(context.Subject.GetSubjectId());

            context.IssuedClaims.Add(new Claim(JwtClaimTypes.Subject, user.UserId));
            context.AddFilteredClaims(await _userClaimsProvider.GetUserClaimsAsync(user));
        }
Пример #4
0
        public Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            var bySubjectId = _users.FindBySubjectId(context.Subject.GetSubjectId());

            context.AddFilteredClaims(bySubjectId.Claims);
            return(Task.FromResult(0));
        }
Пример #5
0
        public virtual async Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            var sub  = context.Subject.GetSubjectId();
            var user = await _userManager.FindByIdAsync(sub);

            var principal = await _claimsFactory.CreateAsync(user);

            context.AddFilteredClaims(principal.Claims);
        }
Пример #6
0
        /// <summary>
        /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
        /// </summary>
        /// <param name="context">The context.</param>
        /// <returns></returns>
        public Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            _logger.LogDebug("Get profile called for {subject} from {client} with {claimTypes} because {caller}",
                             context.Subject.GetSubjectId(),
                             context.Client.ClientName,
                             context.RequestedClaimTypes,
                             context.Caller);

            if (context.RequestedClaimTypes.Any())
            {
                // Add own claims for user
                var user = _userStore.FindBySubjectId(context.Subject.GetSubjectId());
                context.AddFilteredClaims(user.Claims);

                // Add additional claims (used for NT authentication test)
                context.AddFilteredClaims(context.Subject.Claims);
            }

            return(Task.FromResult(0));
        }
Пример #7
0
        // Will be consulted after the IsActiveAsync is consulted.
        // This is requested when token endpoint is invoked for Api resources required claims,
        // and when User info endpoint is invoked for Identity resources required claims.
        // The identity claims are separated from the Api resources claims to keep the token small.
        // If a claim, e.g "name", is vitale for the Api and needs to be in every access token, it can be added in
        // the UserClaims on the ApiResource configuration. This will ensure that on token request, the claim will be present.
        //
        public Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            _logger.LogDebug("Get profile data");

            // Filters the list of claims given and returns
            // only the requested claims available in the claims given.
            // The requested claims is fill up from the ApiResource.UserClaims.
            context.AddFilteredClaims(new List <Claim>());

            return(Task.FromResult(0));
        }
Пример #8
0
        public Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            var subjectId = context.Subject.GetSubjectId();
            var claims    = new List <Claim>
            {
                new Claim(JwtClaimTypes.Role, "Administrator"),
                new Claim(JwtClaimTypes.GivenName, "John")
            };

            context.AddFilteredClaims(claims);
            return(Task.FromResult(0));
        }
Пример #9
0
        /// <summary>
        /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
        /// </summary>
        /// <param name="context">The context.</param>
        /// <returns></returns>
        public Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            var query =
                from u in _users
                where u.Subject == context.Subject.GetSubjectId()
                select u;
            var user = query.Single();

            context.IssuedClaims.Add(new Claim(JwtClaimTypes.Subject, user.Subject));
            context.AddFilteredClaims(user.Claims);

            return(Task.FromResult(0));
        }
Пример #10
0
        public async Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            var subjectId = context.Subject.GetSubjectId();
            var user      = await userRepository.GetBySubjectId(Guid.Parse(subjectId));

            var claims = new List <Claim>
            {
                new Claim(JwtClaimTypes.Name, user.Name ?? subjectId),
                new Claim(JwtClaimTypes.WebSite, user.Website ?? "")
            };

            context.AddFilteredClaims(claims);
        }
Пример #11
0
        public Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            if (context.RequestedClaimTypes.Any())
            {
                var user = _userStore.FindBySubjectId(context.Subject.GetSubjectId());

                if (user != null)
                {
                    context.AddFilteredClaims(user.Claims);
                }
            }

            return(Task.FromResult(0));
        }
Пример #12
0
        /// <summary>
        /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
        /// </summary>
        /// <param name="context">The context.</param>
        /// <returns></returns>
        public Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            _logger.LogDebug("Get profile called for {subject} from {client} with {claimTypes} because {caller}",
                             context.Subject.GetSubjectId(),
                             context.Client.ClientName,
                             context.RequestedClaimTypes,
                             context.Caller);

            if (context.RequestedClaimTypes.Any())
            {
                context.AddFilteredClaims(context.Subject.Claims);
            }

            return(Task.FromResult(0));
        }
Пример #13
0
        /// <summary>
        /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
        /// </summary>
        /// <param name="context">The context.</param>
        /// <returns>A task with profile data as result.</returns>
        public async Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            if (context.RequestedClaimTypes.Any())
            {
                context.AddFilteredClaims(context.Subject.Claims);
            }

            var sub  = context.Subject.GetSubjectId();
            var user = await _userManager.FindByIdAsync(sub);

            var roles = await _userManager.GetRolesAsync(user);

            if (!context.IssuedClaims.Any(c => c.Type == JwtClaimTypes.Role))
            {
                context.AddFilteredClaims(roles.Select(r => new Claim(JwtClaimTypes.Role, r)));
            }
            if (!context.IssuedClaims.Any(c => c.Type == JwtClaimTypes.Name))
            {
                context.AddFilteredClaims(
                    new List <Claim> {
                    new Claim(JwtClaimTypes.Name, user.UserName)
                });
            }
        }
Пример #14
0
        public Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            _logger.LogDebug("Get profile called for subject {subject} from client {client} with claim types{claimTypes} via {caller}",
                             context.Subject.GetSubjectId(),
                             context.Client.ClientName ?? context.Client.ClientId,
                             context.RequestedClaimTypes,
                             context.Caller);

            if (context.RequestedClaimTypes.Any())
            {
                var user = _users.FindBySubjectId(context.Subject.GetSubjectId());
                context.AddFilteredClaims(user.Claims);
            }

            return(Task.FromResult(0));
        }
Пример #15
0
        public async Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            var subject = context.Subject.GetSubjectId();
            var client  = context.Client.ClientName ?? context.Client.ClientId;
            var types   = context.RequestedClaimTypes;
            var caller  = context.Caller;

            Logger.LogDebug("Get profile called for subject {subject} from client {client} with claim types {claimTypes} via {caller}", subject, client, types, caller);

            if (context.RequestedClaimTypes.Any())
            {
                var user = await Store.FindBySubjectId(context.Subject.GetSubjectId());

                if (user != null)
                {
                    context.AddFilteredClaims(user.Claims);
                }
            }
        }
Пример #16
0
        public async Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            var existingClaims = context.Subject.Claims;
            var newClaims      = new List <Claim>();

            var user = await _userService.GetUserByPrincipalAsync(context.Subject);

            if (user != null)
            {
                newClaims.AddRange(new List <Claim>
                {
                    new Claim("plan", "0"), // free plan hard coded for now
                    new Claim("sstamp", user.SecurityStamp),
                    new Claim("email", user.Email),

                    // Deprecated claims for backwards compatability,
                    new Claim(_identityOptions.ClaimsIdentity.UserNameClaimType, user.Email),
                    new Claim(_identityOptions.ClaimsIdentity.SecurityStampClaimType, user.SecurityStamp)
                });

                if (!string.IsNullOrWhiteSpace(user.Name))
                {
                    newClaims.Add(new Claim("name", user.Name));
                }
            }

            // filter out any of the new claims
            var existingClaimsToKeep = existingClaims
                                       .Where(c => newClaims.Count == 0 || !newClaims.Any(nc => nc.Type == c.Type)).ToList();

            newClaims.AddRange(existingClaimsToKeep);
            if (newClaims.Any())
            {
                context.AddFilteredClaims(newClaims);
            }
        }
Пример #17
0
        public async Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            var existingClaims = context.Subject.Claims;
            var newClaims      = new List <Claim>();

            var user = await _userService.GetUserByPrincipalAsync(context.Subject);

            if (user != null)
            {
                newClaims.AddRange(new List <Claim>
                {
                    new Claim("plan", "0"), // free plan hard coded for now
                    new Claim("sstamp", user.SecurityStamp),
                    new Claim("email", user.Email),

                    // Deprecated claims for backwards compatability
                    new Claim(_identityOptions.ClaimsIdentity.UserNameClaimType, user.Email),
                    new Claim(_identityOptions.ClaimsIdentity.SecurityStampClaimType, user.SecurityStamp)
                });

                if (!string.IsNullOrWhiteSpace(user.Name))
                {
                    newClaims.Add(new Claim("name", user.Name));
                }

                // Orgs that this user belongs to
                var orgs = await _organizationUserRepository.GetManyByUserAsync(user.Id);

                if (orgs.Any())
                {
                    var groupedOrgs = orgs.Where(o => o.Status == Core.Enums.OrganizationUserStatusType.Confirmed)
                                      .GroupBy(o => o.Type);

                    foreach (var group in groupedOrgs)
                    {
                        switch (group.Key)
                        {
                        case Core.Enums.OrganizationUserType.Owner:
                            foreach (var org in group)
                            {
                                newClaims.Add(new Claim("orgowner", org.OrganizationId.ToString()));
                            }
                            break;

                        case Core.Enums.OrganizationUserType.Admin:
                            foreach (var org in group)
                            {
                                newClaims.Add(new Claim("orgadmin", org.OrganizationId.ToString()));
                            }
                            break;

                        case Core.Enums.OrganizationUserType.User:
                            foreach (var org in group)
                            {
                                newClaims.Add(new Claim("orguser", org.OrganizationId.ToString()));
                            }
                            break;

                        default:
                            break;
                        }
                    }
                }
            }

            // filter out any of the new claims
            var existingClaimsToKeep = existingClaims
                                       .Where(c => !c.Type.StartsWith("org") && (newClaims.Count == 0 || !newClaims.Any(nc => nc.Type == c.Type)))
                                       .ToList();

            newClaims.AddRange(existingClaimsToKeep);
            if (newClaims.Any())
            {
                context.AddFilteredClaims(newClaims);
            }
        }
Пример #18
0
        public async Task GetProfileDataAsync(ProfileDataRequestContext context)
        {
            var existingClaims = context.Subject.Claims;
            var newClaims      = new List <Claim>();

            var user = await _userService.GetUserByPrincipalAsync(context.Subject);

            if (user != null)
            {
                var isPremium = await _licensingService.ValidateUserPremiumAsync(user);

                newClaims.AddRange(new List <Claim>
                {
                    new Claim("premium", isPremium ? "true" : "false", ClaimValueTypes.Boolean),
                    new Claim(JwtClaimTypes.Email, user.Email),
                    new Claim(JwtClaimTypes.EmailVerified, user.EmailVerified ? "true" : "false", ClaimValueTypes.Boolean),
                    new Claim(_identityOptions.ClaimsIdentity.SecurityStampClaimType, user.SecurityStamp)
                });

                if (!string.IsNullOrWhiteSpace(user.Name))
                {
                    newClaims.Add(new Claim(JwtClaimTypes.Name, user.Name));
                }

                // Orgs that this user belongs to
                var orgs = await _organizationUserRepository.GetManyByUserAsync(user.Id);

                if (orgs.Any())
                {
                    var groupedOrgs = orgs.Where(o => o.Status == Enums.OrganizationUserStatusType.Confirmed)
                                      .GroupBy(o => o.Type);

                    foreach (var group in groupedOrgs)
                    {
                        switch (group.Key)
                        {
                        case Enums.OrganizationUserType.Owner:
                            foreach (var org in group)
                            {
                                newClaims.Add(new Claim("orgowner", org.OrganizationId.ToString()));
                            }
                            break;

                        case Enums.OrganizationUserType.Admin:
                            foreach (var org in group)
                            {
                                newClaims.Add(new Claim("orgadmin", org.OrganizationId.ToString()));
                            }
                            break;

                        case Enums.OrganizationUserType.User:
                            foreach (var org in group)
                            {
                                newClaims.Add(new Claim("orguser", org.OrganizationId.ToString()));
                            }
                            break;

                        default:
                            break;
                        }
                    }
                }
            }

            // filter out any of the new claims
            var existingClaimsToKeep = existingClaims
                                       .Where(c => !c.Type.StartsWith("org") && (newClaims.Count == 0 || !newClaims.Any(nc => nc.Type == c.Type)))
                                       .ToList();

            newClaims.AddRange(existingClaimsToKeep);
            if (newClaims.Any())
            {
                context.AddFilteredClaims(newClaims);
            }
        }
Пример #19
0
 /// <summary>
 /// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
 /// </summary>
 /// <param name="context">The context.</param>
 /// <returns></returns>
 public Task GetProfileDataAsync(ProfileDataRequestContext context)
 {
     context.AddFilteredClaims(context.Subject.Claims);
     return(Task.FromResult(0));
 }