/// <summary>
/// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
//判断是否有请求Claim信息
if (context.RequestedClaimTypes.Any())
{
//根据用户唯一标识查找用户信息
var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
//调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim
var claim = new List <Claim> ()
{
new Claim("level", user.ProviderName),
new Claim(JwtClaimTypes.Role, "superadmin")
};
context.AddRequestedClaims(claim);
}
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
/// <summary>
/// 只要有關使用者的身份資訊單元被請求(例如在令牌建立期間或通過使用者資訊終點),就會呼叫此方法
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
//判斷是否有請求Claim資訊
if (context.RequestedClaimTypes.Any())
{
var user = GetUserById(context.Subject.GetSubjectId());
if (user != null)
{
//呼叫此方法以後內部會進行過濾,只將使用者請求的Claim加入到 context.IssuedClaims 集合中 這樣我們的請求方便能正常獲取到所需Claim
var claims = new[]
{
new Claim(ClaimTypes.Name, user.Account), //請求使用者的賬號,這個可以保證User.Identity.Name有值
new Claim(JwtClaimTypes.Name, user.Name), //請求使用者的姓名
};
//返回apiresource中定義的claims
context.AddRequestedClaims(claims);
}
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
/// <summary>
/// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
//判断是否有请求Claim信息
if (context.RequestedClaimTypes.Any())
{
var userClaims = new List <Claim>
{
new Claim("demo1", "测试1"),
new Claim("demo2", "测试2"),
};
List <TestUser> userList = new List <TestUser>()
{
new TestUser()
{
SubjectId = "cfac01a9-ba15-4678-bccb-cc22d7896362", Password = "******", Username = "******", Claims = userClaims
},
new TestUser()
{
SubjectId = "cfac01a9-ba15-4678-bccb-cc22d7855555", Password = "******", Username = "******"
},
};
TestUserStore userStore = new TestUserStore(userList);
//根据用户唯一标识查找用户信息
var user = userStore.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
//调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim
context.AddRequestedClaims(user.Claims);
}
//context.IssuedClaims=userClaims;
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
/// <summary>
/// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
//判断是否有请求Claim信息
if (context.RequestedClaimTypes.Any())
{
//根据用户唯一标识查找用户信息
var identityName = context.Subject.Identity.Name;
User user = GetUser(identityName);
// var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
//调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim
var claims = new [] {
new Claim(ClaimTypes.Name, user.Account), //请求用户的账号,这个可以保证User.Identity.Name有值
new Claim(JwtClaimTypes.Name, user.Name), //请求用户的姓名
};
//返回apiresource中定义的claims
context.AddRequestedClaims(claims);
}
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(this._logger);
if (context.RequestedClaimTypes.Any())
{
var userSet = this._dbcontext.Set <User>();
var subject =
context.Subject.FindFirst(JwtClaimTypes.Subject);
if (subject == null)
{
throw new InvalidOperationException("sub claim is missing");
}
var user = userSet
.SingleOrDefault(user =>
user.Id == subject.Value
);
if (user != null)
{
var extraClaims = new List <Claim>
{
// this will add userName to name
new Claim("preferred_username", user.UserName),
};
context.AddRequestedClaims(extraClaims);
}
}
context.LogIssuedClaims(this._logger);
return(Task.CompletedTask);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
try
{
context.LogProfileRequest(Logger);
var sub = context.Subject.GetSubjectId();
var user = await _userManager.FindByIdAsync(sub);
var principal = await _claimsFactory.CreateAsync(user);
var claims = principal.Claims.ToList();
claims = claims.Where(claim => context.RequestedClaimTypes.Contains(claim.Type)).ToList();
await GeneratePermissionsClaimMapFromSubject(claims, context, user);
await GenerateDataPolicyClaimMapFromSubject(claims, context, user);
if (user.Email != null)
{
claims.Add(new Claim(IdentityServerConstants.StandardScopes.Email, user.Email));
}
context.IssuedClaims = claims;
context.LogIssuedClaims(Logger);
}
catch (Exception ex)
{
Logger.LogError(ex, ex.Message.ToString());
throw;
}
}
public override async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (long.TryParse(context.Subject.GetSubjectId(), out var userId))
{
var member = await _discordClientProvider.GetMemberAsync(userId);
if (member is not null)
{
// add discord claims
TryAddClaim(context, DiscordClaimTypes.AvatarHash, member.AvatarHash);
TryAddClaim(context, DiscordClaimTypes.AvatarUrl, member.AvatarUrl);
TryAddClaim(context, DiscordClaimTypes.Discriminator, member.Discriminator);
TryAddClaim(context, DiscordClaimTypes.Username, member.Username);
TryAddClaim(context, DiscordClaimTypes.Nickname, member.Nickname);
// add discord role claims
foreach (var role in member.Roles)
{
TryAddClaim(context, DiscordClaimTypes.Role, role.Name);
}
// add app role claims
foreach (var appRole in _discordClientProvider.GetAppRoles(member))
{
TryAddClaim(context, AppClaimTypes.Role, appRole);
}
}
}
context.LogIssuedClaims(Logger);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var user = await UserManager.GetUserAsync(context.Subject);
// Adding the current claims from user
var principal = await _claimsFactory.CreateAsync(user);
var claimsUser = principal.Claims.ToList();
var subjectClaims = context.Subject.Claims.ToList();
subjectClaims.Merge(claimsUser);
subjectClaims.AddIfDontExist(new Claim("username", user.UserName));
subjectClaims.AddIfDontExist(new Claim(JwtClaimTypes.Name, user.UserName));
if (subjectClaims.All(a => a.Type != JwtClaimTypes.Role))
{
var roles = await UserManager.GetRolesAsync(user);
subjectClaims.AddRange(roles.Select(s => new Claim(JwtClaimTypes.Role, s)));
}
context.LogProfileRequest(Logger);
context.AddRequestedClaims(subjectClaims);
context.LogIssuedClaims(Logger);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
_log.LogDebug("requested claims:");
foreach (var c in context.RequestedClaimTypes)
{
_log.LogDebug("{RequestedClaimType}", c);
}
_log.LogDebug("src subject claims:");
PrintClaims(context.Subject.Claims);
var u = await _usrMgr.GetUserAsync(context.Subject);
_log.LogDebug("user subject claims:");
PrintClaims(u?.Claims);
context.LogProfileRequest(_log);
context.AddRequestedClaims(u?.Claims);
context.LogIssuedClaims(_log);
_log.LogDebug("issued claims:");
PrintClaims(context.IssuedClaims);
}
/// <summary>
/// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
//判断是否有请求Claim信息
if (context.RequestedClaimTypes.Any())
{
//根据用户唯一标识查找用户信息
var user = await _userManager.FindByIdAsync(context.Subject.GetSubjectId());
if (user != null)
{
//调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim
var claims = (await _userManager.GetClaimsAsync(user)).ToList();
var roles = await _userManager.GetRolesAsync(user);
foreach (var name in roles)
{
var role = await _roleManager.FindByNameAsync(name);
if (role != null)
{
claims.AddRange(await _roleManager.GetClaimsAsync(role));
}
}
context.IssuedClaims.AddRange(claims);
}
}
context.LogIssuedClaims(Logger);
}
public override async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
await base.GetProfileDataAsync(context);
context.LogIssuedClaims(Logger);
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
context.AddRequestedClaims(context.Subject.Claims);
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(_logger);
context.AddRequestedClaims(context.Subject.Claims);
context.LogIssuedClaims(_logger);
return(Task.FromResult(0));
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
using var activity = Tracing.ServiceActivitySource.StartActivity("DefaultProfileService.GetProfileData");
context.LogProfileRequest(Logger);
context.AddRequestedClaims(context.Subject.Claims);
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(logger);
//context.IssuedClaims.Add(new System.Security.Claims.Claim(JwtClaimTypes.Name, "zzl"));
//context.IssuedClaims.Add(new System.Security.Claims.Claim(JwtClaimTypes.Email, "*****@*****.**"));
context.IssuedClaims.Add(new System.Security.Claims.Claim(JwtClaimTypes.Address, "*****@*****.**"));
context.IssuedClaims.AddRange(context.Subject.Claims);
return(Task.FromResult(0));
}
/// <summary>
/// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(_logger);
List <Claim> claims = context.Subject.Claims.ToList();
context.IssuedClaims = claims.ToList();
context.LogIssuedClaims(_logger);
return(Task.CompletedTask);
}
public override Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
context.IssuedClaims.AddRange(FilterClaims(context, context.Subject.Claims));
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(logger);
if (context.RequestedClaimTypes.Any())
{
var user = await volunteerStore.FindByIdAsync(context.Subject.GetSubjectId(), CancellationToken.None);
if (user != null)
{
var requestedClaims = new List <Claim>();
foreach (var claimType in context.RequestedClaimTypes)
{
logger.LogDebug("Requesting ClaimType: {claimType}", claimType);
switch (claimType)
{
case JwtClaimTypes.Subject:
requestedClaims.Add(new Claim(claimType, user.Id));
break;
case JwtClaimTypes.Name:
requestedClaims.Add(new Claim(claimType, user.FullName));
break;
case JwtClaimTypes.FamilyName:
requestedClaims.Add(new Claim(claimType, user.LastName));
break;
case JwtClaimTypes.GivenName:
requestedClaims.Add(new Claim(claimType, user.FirstName));
break;
case JwtClaimTypes.PreferredUserName:
requestedClaims.Add(new Claim(claimType, user.UserName));
break;
case JwtClaimTypes.Role:
if (user.IsAdmin)
{
requestedClaims.Add(new Claim(claimType, "AdminAccess"));
}
requestedClaims.Add(new Claim(claimType, "VolunteerAccess"));
break;
}
}
context.AddRequestedClaims(requestedClaims);
}
}
context.LogIssuedClaims(logger);
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
context.AddRequestedClaims(user.Claims);
}
context.LogIssuedClaims(Logger);
return(Task.FromResult(0));
}
/// <summary>
/// Este metodo es llamado cuando un claim del usuario es requerido
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if(context.RequestedClaimTypes.Any())
{
var User = Users.FindByUserId(
context.Subject.GetSubjectId());
if(User != null)
{
context.AddRequestedClaims(User.Claims);
}
context.LogIssuedClaims(Logger);
}
return Task.CompletedTask;
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo
/// endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(_logger);
if (context.RequestedClaimTypes.Any())
{
var user = await _userStore.FindBySubjectIdAsync(context.Subject.GetSubjectId());
if (user != null)
{
context.AddRequestedClaims(user.Claims);
}
}
context.LogIssuedClaims(_logger);
}
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(_logger);
var subject = context.Subject ?? throw new ArgumentNullException(nameof(context.Subject));
var subjectId = subject.Claims.Where(c => c.Type == "sub").FirstOrDefault()?.Value;
if (!int.TryParse(subjectId, out var inuserId))
{
throw new ArgumentException("Invalid subject identifier");
}
context.IssuedClaims.AddRange(context.Subject.Claims);
context.LogIssuedClaims(_logger);
return(Task.CompletedTask);
}
public override Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
TestUser user = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
context.AddRequestedClaims(user.Claims);
var apiLevel = user.Claims.Where(claim => claim.Type == Config.ApiLevel);
context.IssuedClaims.AddRange(apiLevel);
}
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
//var user = _dbContext.Users.FindBySubjectId(context.Subject.GetSubjectId());
//if (user != null)
//{
// context.AddRequestedClaims(user.Claims);
//}
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
context.IssuedClaims.AddRange(user.Claims);
}
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Log);
//>Processing
var user = _userManager.GetUserAsync(context.Subject).Result;
var claims = new List <Claim>
{
new Claim("BC_Address", user.BC_Address),
};
context.IssuedClaims.AddRange(claims);
context.LogIssuedClaims(Log);
//>Return
return(Task.FromResult(0));
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
context.AddRequestedClaims(user.Claims.Select(c => new Claim(c.Key, c.Value)).ToList());
}
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
var user = new TestUserStore(_security.CurrentValue.Users).FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
context.AddRequestedClaims(user.Claims);
}
}
context.IssuedClaims = context.Subject.Claims.ToList();
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
/// <summary>
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
if (context.RequestedClaimTypes.Any())
{
var user = await _usersService.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
context.AddRequestedClaims(user.Claims);
}
}
context.LogIssuedClaims(Logger);
//return Task.CompletedTask;
}
/// <summary>
/// 只要有关用户的身份信息单元被请求(例如在令牌创建期间或通过用户信息终点),就会调用此方法
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public Task GetProfileDataAsync(ProfileDataRequestContext context)
{
context.LogProfileRequest(Logger);
//判断是否有请求Claim信息
if (context.RequestedClaimTypes.Any())
{
//根据用户唯一标识查找用户信息
var user = Users.FindBySubjectId(context.Subject.GetSubjectId());
if (user != null)
{
//调用此方法以后内部会进行过滤,只将用户请求的Claim加入到 context.IssuedClaims 集合中 这样我们的请求方便能正常获取到所需Claim
context.AddRequestedClaims(user.Claims);
}
}
context.LogIssuedClaims(Logger);
return(Task.CompletedTask);
}
