/// <summary>
/// Returns the session-cached <see cref="SharePointUserTokenResult"/> stored under <paramref name="key"/>,
/// or acquires a fresh S2S token (plus the SharePoint context user) and caches it when the entry is
/// missing or within one minute of its expiry.
/// </summary>
/// <param name="key">Session key under which the token result is cached. Supplied by the caller.</param>
/// <param name="target">SharePoint site the token is requested for; <c>null</c> short-circuits to a <c>null</c> result.</param>
/// <returns>The cached or newly acquired token result, or <c>null</c> when <paramref name="target"/> is <c>null</c>.</returns>
private async ValueTask<SharePointUserTokenResult> UserSessionTokenHandler(string key, Uri target)
{
    if (target is null)
    {
        return null;
    }

    var cached = GetSessionValueOrDefault<SharePointUserTokenResult>(key);

    // Refresh one minute early so a token handed out here is not already expired by the time it is used.
    // NOTE(review): assumes Expires is a UTC DateTime — confirm, otherwise the comparison mixes kinds.
    var isStale = cached is null || cached.Expires.AddMinutes(-1) <= DateTime.UtcNow;
    if (!isStale)
    {
        return cached;
    }

    var identity = GetWindowsIdentity();
    var response = await GetS2SAccessTokenWithWindowsIdentity(target, identity);
    var contextUser = await _sharePointClient.GetSharePointContextUser(target, response.AccessToken);

    // The access token is stored in the session alongside the resolved user; it lives there until
    // the early-expiry check above forces a refresh.
    var fresh = new SharePointUserTokenResult(response.AccessToken, response.Expires, contextUser);
    SetSessionValue(key, fresh);
    return fresh;
}
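/// <summary>
/// Builds a <see cref="ClaimsPrincipal"/> from a SharePoint token result: identifier, UPN, display name
/// and e-mail of the resolved user, the access token itself, and any supplied roles.
/// </summary>
/// <param name="tokenResult">Token result whose <c>User</c> and <c>AccessToken</c> are projected into claims.</param>
/// <param name="authenticationType">Authentication type recorded on the created <see cref="ClaimsIdentity"/>.</param>
/// <param name="roles">Optional role names, each added as a <see cref="ClaimTypes.Role"/> claim; <c>null</c> entries are skipped.</param>
/// <returns>A principal wrapping a single identity that carries the claims above.</returns>
/// <exception cref="ArgumentNullException"><paramref name="tokenResult"/> is <c>null</c>.</exception>
/// <remarks>
/// The raw access token is placed on the principal as the <c>SharePointAuthentication.AccessTokenClaim</c> claim.
/// Anything that persists this principal (an authentication ticket or cookie) therefore carries the bearer
/// token; keep that storage server-side or data-protected. User attributes that are <c>null</c> are omitted
/// rather than passed to <see cref="Claim"/>, whose constructor throws on a <c>null</c> value.
/// </remarks>
internal static ClaimsPrincipal ToClaimsPrincipal(this SharePointUserTokenResult tokenResult, string authenticationType, IEnumerable<string> roles = null)
{
    if (tokenResult is null)
    {
        throw new ArgumentNullException(nameof(tokenResult));
    }

    var claimsIdentity = new ClaimsIdentity(authenticationType);

    // Claim(type, value) throws ArgumentNullException for a null value, so optional user attributes
    // (e.g. an account without an e-mail address) are skipped instead of failing the whole sign-in.
    void AddIfPresent(string type, string value)
    {
        if (value != null)
        {
            claimsIdentity.AddClaim(new Claim(type, value));
        }
    }

    AddIfPresent(ClaimTypes.NameIdentifier, tokenResult.User.Id.ToString());
    AddIfPresent(ClaimTypes.Upn, tokenResult.User.UserPrincipalName);
    AddIfPresent(ClaimTypes.Name, tokenResult.User.Title);
    AddIfPresent(ClaimTypes.Email, tokenResult.User.Email);
    AddIfPresent(SharePointAuthentication.AccessTokenClaim, tokenResult.AccessToken);

    if (roles != null)
    {
        foreach (var role in roles)
        {
            AddIfPresent(ClaimTypes.Role, role);
        }
    }

    return new ClaimsPrincipal(claimsIdentity);
}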