public async Task <ISiteSettings> Fetch(Guid siteId)
{
var site = await queries.Fetch(siteId, CancellationToken);
dataProtector.UnProtect(site);
return(site);
}
public async Task <SiteContext> ResolveSite(
string hostName,
string pathStartingSegment,
CancellationToken cancellationToken = default(CancellationToken)
)
{
ISiteSettings site = null;
if (_multiTenantOptions.Mode == MultiTenantMode.FolderName)
{
if (string.IsNullOrWhiteSpace(pathStartingSegment))
{
pathStartingSegment = "root";
}
site = await _siteQueries.FetchByFolderName(pathStartingSegment, cancellationToken);
}
else
{
site = await _siteQueries.Fetch(hostName, cancellationToken);
}
if (site != null)
{
_dataProtector.UnProtect(site);
return(new SiteContext(site));
}
return(null);
}
public override async Task <ClaimsPrincipal> CreateAsync(TUser user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
// base class takes care of all the default stuff like roles name id etc
var principal = await base.CreateAsync(user);
if (principal.Identity is ClaimsIdentity)
{
var identity = (ClaimsIdentity)principal.Identity;
foreach (var provider in customClaimProviders)
{
await provider.AddClaims(user, identity);
}
var displayNameClaim = new Claim("DisplayName", user.DisplayName);
if (!identity.HasClaim(displayNameClaim.Type, displayNameClaim.Value))
{
identity.AddClaim(displayNameClaim);
}
var emailClaim = new Claim(ClaimTypes.Email, user.Email);
if (!identity.HasClaim(emailClaim.Type, emailClaim.Value))
{
identity.AddClaim(emailClaim);
}
var site = await queries.Fetch(user.SiteId, CancellationToken.None);
if (site != null)
{
var siteGuidClaim = new Claim("SiteGuid", site.Id.ToString());
if (!identity.HasClaim(siteGuidClaim.Type, siteGuidClaim.Value))
{
identity.AddClaim(siteGuidClaim);
}
}
if (principal.IsInRole("Administrators"))
{
if (site != null && site.IsServerAdminSite)
{
Claim serverAdminRoleClaim = new Claim(Options.ClaimsIdentity.RoleClaimType, "ServerAdmins");
identity.AddClaim(serverAdminRoleClaim);
}
}
}
return(principal);
}
private async Task<TenantContext<SiteContext>> ResolveByHostAsync(HttpContext context)
{
TenantContext<SiteContext> tenantContext = null;
CancellationToken cancellationToken = context?.RequestAborted ?? CancellationToken.None;
ISiteSettings site = await siteRepo.Fetch(context.Request.Host.Value, cancellationToken);
if (site != null)
{
dataProtector.UnProtect(site);
var siteContext = new SiteContext(site);
tenantContext = new TenantContext<SiteContext>(siteContext);
}
return tenantContext;
}
//private readonly IOidcHybridFlowHelper _oidcHybridFlowHelper;
public override async Task <ClaimsPrincipal> CreateAsync(TUser user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
// base class takes care of all the default stuff like roles name id etc
var principal = await base.CreateAsync(user);
if (principal.Identity is ClaimsIdentity)
{
var identity = (ClaimsIdentity)principal.Identity;
foreach (var provider in _customClaimProviders)
{
await provider.AddClaims(user, identity);
}
if (!string.IsNullOrWhiteSpace(user.BrowserKey))
{
var browserKeyClaim = new Claim("browser-key", user.BrowserKey);
if (!identity.Claims.Any(x => x.Type == "browser-key"))
{
identity.AddClaim(browserKeyClaim);
}
}
var displayNameClaim = new Claim("DisplayName", user.DisplayName);
if (!identity.HasClaim(displayNameClaim.Type, displayNameClaim.Value))
{
identity.AddClaim(displayNameClaim);
}
if (!string.IsNullOrWhiteSpace(user.AvatarUrl))
{
var avatarUrlClaim = new Claim("AvatarUrl", user.AvatarUrl);
if (!identity.HasClaim(avatarUrlClaim.Type, avatarUrlClaim.Value))
{
identity.AddClaim(avatarUrlClaim);
}
}
if (!string.IsNullOrEmpty(user.Email))
{
var emailClaim = new Claim("email", user.Email);
if (!identity.HasClaim(emailClaim.Type, emailClaim.Value))
{
identity.AddClaim(emailClaim);
}
}
var site = await _queries.Fetch(user.SiteId, CancellationToken.None);
if (site != null)
{
var siteGuidClaim = new Claim("SiteGuid", site.Id.ToString());
if (!identity.HasClaim(siteGuidClaim.Type, siteGuidClaim.Value))
{
identity.AddClaim(siteGuidClaim);
}
}
if (principal.IsInRole("Administrators"))
{
if (site != null && site.IsServerAdminSite)
{
Claim serverAdminRoleClaim = new Claim(Options.ClaimsIdentity.RoleClaimType, "ServerAdmins");
identity.AddClaim(serverAdminRoleClaim);
}
}
//var jwt = await _oidcHybridFlowHelper.GetCurrentJwt(principal);
//if (!string.IsNullOrEmpty(jwt))
//{
// var accessTokenClaim = new Claim("access_token", jwt);
// if (!identity.HasClaim(accessTokenClaim.Type, accessTokenClaim.Value))
// {
// identity.AddClaim(accessTokenClaim);
// }
//}
}
return(principal);
}
public override async Task <ClaimsPrincipal> CreateAsync(TUser user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
var principal = await base.CreateAsync(user);
var id = principal.Identities.First();
var userId = await UserManager.GetUserIdAsync(user);
var userName = await UserManager.GetUserNameAsync(user);
//commented out 20170-07-25 breaking chnage in 2.0
//var authScheme = options.Cookies.ApplicationCookie.AuthenticationScheme;
//var authScheme = "Identity.Application";
//var id = new ClaimsIdentity(
// authScheme,
// Options.ClaimsIdentity.UserNameClaimType,
// Options.ClaimsIdentity.RoleClaimType);
id.AddClaim(new Claim(Options.ClaimsIdentity.UserIdClaimType, userId));
id.AddClaim(new Claim(Options.ClaimsIdentity.UserNameClaimType, userName));
//needed by identityserver integration
id.AddClaim(new Claim("sub", userId)); //JwtClaimTypes.Subject
id.AddClaim(new Claim("name", userName)); //JwtClaimTypes.Name
if (UserManager.SupportsUserSecurityStamp)
{
id.AddClaim(new Claim(Options.ClaimsIdentity.SecurityStampClaimType,
await UserManager.GetSecurityStampAsync(user)));
}
if (UserManager.SupportsUserRole)
{
var roles = await UserManager.GetRolesAsync(user);
foreach (var roleName in roles)
{
id.AddClaim(new Claim(Options.ClaimsIdentity.RoleClaimType, roleName));
if (RoleManager.SupportsRoleClaims)
{
var role = await RoleManager.FindByNameAsync(roleName);
if (role != null)
{
id.AddClaims(await RoleManager.GetClaimsAsync(role));
}
}
}
}
if (UserManager.SupportsUserClaim)
{
id.AddClaims(await UserManager.GetClaimsAsync(user));
}
foreach (var provider in customClaimProviders)
{
await provider.AddClaims(user, id);
}
//var principal = new ClaimsPrincipal(id);
if (principal.Identity is ClaimsIdentity)
{
var identity = (ClaimsIdentity)principal.Identity;
var displayNameClaim = new Claim("DisplayName", user.DisplayName);
if (!identity.HasClaim(displayNameClaim.Type, displayNameClaim.Value))
{
identity.AddClaim(displayNameClaim);
}
var emailClaim = new Claim(ClaimTypes.Email, user.Email);
if (!identity.HasClaim(emailClaim.Type, emailClaim.Value))
{
identity.AddClaim(emailClaim);
}
var site = await queries.Fetch(user.SiteId, CancellationToken.None);
if (site != null)
{
var siteGuidClaim = new Claim("SiteGuid", site.Id.ToString());
if (!identity.HasClaim(siteGuidClaim.Type, siteGuidClaim.Value))
{
identity.AddClaim(siteGuidClaim);
}
}
if (principal.IsInRole("Administrators"))
{
if (site != null && site.IsServerAdminSite)
{
Claim serverAdminRoleClaim = new Claim(ClaimTypes.Role, "ServerAdmins");
identity.AddClaim(serverAdminRoleClaim);
}
}
}
return(principal);
}
public async Task <ISiteSettings> GetCurrentSiteSettings()
{
return(await _queries.Fetch(CurrentSite.Id, CancellationToken));
}
public override async Task <ClaimsPrincipal> CreateAsync(TUser user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
var userId = await UserManager.GetUserIdAsync(user);
var userName = await UserManager.GetUserNameAsync(user);
var id = new ClaimsIdentity(
options.Cookies.ApplicationCookie.AuthenticationScheme,
Options.ClaimsIdentity.UserNameClaimType,
Options.ClaimsIdentity.RoleClaimType);
id.AddClaim(new Claim(Options.ClaimsIdentity.UserIdClaimType, userId));
id.AddClaim(new Claim(Options.ClaimsIdentity.UserNameClaimType, userName));
if (UserManager.SupportsUserSecurityStamp)
{
id.AddClaim(new Claim(Options.ClaimsIdentity.SecurityStampClaimType,
await UserManager.GetSecurityStampAsync(user)));
}
if (UserManager.SupportsUserRole)
{
var roles = await UserManager.GetRolesAsync(user);
foreach (var roleName in roles)
{
id.AddClaim(new Claim(Options.ClaimsIdentity.RoleClaimType, roleName));
if (RoleManager.SupportsRoleClaims)
{
var role = await RoleManager.FindByNameAsync(roleName);
if (role != null)
{
id.AddClaims(await RoleManager.GetClaimsAsync(role));
}
}
}
}
if (UserManager.SupportsUserClaim)
{
id.AddClaims(await UserManager.GetClaimsAsync(user));
}
var principal = new ClaimsPrincipal(id);
if (principal.Identity is ClaimsIdentity)
{
var identity = (ClaimsIdentity)principal.Identity;
var displayNameClaim = new Claim("DisplayName", user.DisplayName);
if (!identity.HasClaim(displayNameClaim.Type, displayNameClaim.Value))
{
identity.AddClaim(displayNameClaim);
}
var emailClaim = new Claim(ClaimTypes.Email, user.Email);
if (!identity.HasClaim(emailClaim.Type, emailClaim.Value))
{
identity.AddClaim(emailClaim);
}
var site = await queries.Fetch(user.SiteId, CancellationToken.None);
if (site != null)
{
var siteGuidClaim = new Claim("SiteGuid", site.Id.ToString());
if (!identity.HasClaim(siteGuidClaim.Type, siteGuidClaim.Value))
{
identity.AddClaim(siteGuidClaim);
}
}
if (principal.IsInRole("Administrators"))
{
if (site != null && site.IsServerAdminSite)
{
Claim serverAdminRoleClaim = new Claim(ClaimTypes.Role, "ServerAdmins");
identity.AddClaim(serverAdminRoleClaim);
}
}
}
return(principal);
}
