public IHttpActionResult Get()
{
var caller = User as ClaimsPrincipal;
var subjectClaim = caller.FindFirst("sub");
var identity = ((ClaimsIdentity)caller.Identity);
if (subjectClaim != null)
{
//we will only have this claim in hand if it was loaded through the filter
var emailClaim = ClaimsHelpers.GetClaim("emailaddress", identity);
return(Json(new
{
message = "OK user",
client = caller.FindFirst("client_id").Value,
email = emailClaim.Value,
subject = subjectClaim.Value
}));
}
else
{
return(Json(new
{
message = "OK computer",
client = caller.FindFirst("client_id").Value
}));
}
}
public override void OnActionExecuting(HttpActionContext actionContext)
{
var caller = actionContext.RequestContext.Principal as ClaimsPrincipal;
var identity = ((ClaimsIdentity)caller.Identity);
var userId = ClaimsHelpers.GetUserId(identity);
//if claims are loaded, carry on -- the majority use case is authenticated traffic
if (ClaimsHelpers.GetClaim("emailaddress", identity) != null)
{
//the claim already exists...party on
}
else
{
//load claims from somewhere (like in API project currently)
//use the userId from identity server to load claims in this context (API, or Admin)
////add static claim when claim does not exist
identity.AddClaim(new Claim(ClaimTypes.Email, "*****@*****.**" + userId));
//the claim should now exist...party on
}
}