ClaimsIdentity.FindFirst, System.Security.Claims C# (CSharp)代码示例

示例#1

2

显示文件

文件： ExternalLoginData.cs 项目： huoxudong125/Moviepicker

        public static ExternalLoginData FromIdentity(ClaimsIdentity identity)
        {
            if (identity == null)
            {
                return null;
            }

            var providerKeyClaim = identity.FindFirst(ClaimTypes.NameIdentifier);

            if (providerKeyClaim == null || string.IsNullOrWhiteSpace(providerKeyClaim.Issuer) || string.IsNullOrWhiteSpace(providerKeyClaim.Value))
            {
                return null;
            }

            if (providerKeyClaim.Issuer == ClaimsIdentity.DefaultIssuer)
            {
                return null;
            }

            return new ExternalLoginData
            {
                LoginProvider = providerKeyClaim.Issuer,
                ProviderKey = providerKeyClaim.Value,
                Username = identity.FindFirst(ClaimTypes.Name).Value,
                ExternalAccessToken = identity.FindFirst("ExternalAccessToken").Value
            };
        }

示例#2

0

显示文件

文件： OperationRepository.cs 项目： al-main/vabank

 public Operation Start(string name, ClaimsIdentity identity)
 {
     try
     {
         var timestamp = DateTime.UtcNow;
         identity = identity ?? new ClaimsIdentity();
         var sid = identity.FindFirst(UserClaim.Types.UserId);
         var userId = sid == null ? null : (Guid?)Guid.Parse(sid.Value);
         var clientIdClaim = identity.FindFirst(UserClaim.Types.ClientId);
         var clientId = clientIdClaim == null ? null : clientIdClaim.Value;
         var operationId = new SqlParameter("@Id", SqlDbType.UniqueIdentifier) {Direction = ParameterDirection.Output};
         var userIdSql = new SqlParameter("@AppUserId", (object)userId ?? DBNull.Value) {DbType = DbType.Guid};
         var appClientIdSql = new SqlParameter("@AppClientId", (object)clientId ?? DBNull.Value);
         var startedUtc = new SqlParameter("@StartedUtc", timestamp);
         var nameSql = new SqlParameter("@Name", SqlDbType.NVarChar, Restrict.Length.Name) {Value = (object)name ?? DBNull.Value};
         const string sql =
             @"EXEC [App].[StartOperation] @Id = @Id OUTPUT, @StartedUtc = @StartedUtc, @Name = @Name, @AppUserId = @AppUserId, @AppClientId = @AppClientId";
         Context.Database.ExecuteSqlCommand(sql, operationId, userIdSql, appClientIdSql, startedUtc, nameSql);
         var operation = Context.Set<Operation>().Find(operationId.Value);
         return operation;
     }
     catch (Exception ex)
     {
         throw new RepositoryException("Can't take operation marker from the db.", ex);
     }
 }

示例#3

0

显示文件

文件： ClaimHelper.cs 项目： EgyTechnology/WebApp-GroupClaims-DotNet

        public static async Task<List<string>> GetGroups(ClaimsIdentity claimsId)
        {
            if (claimsId.FindFirst("_claim_names") != null
                && (Json.Decode(claimsId.FindFirst("_claim_names").Value)).groups != null)
                return await GetGroupsFromGraphAPI(claimsId);

            return claimsId.FindAll("groups").Select(c => c.Value).ToList();
        }

示例#4

0

显示文件

文件： GraphUtil.cs 项目： tandis/PnP

        /// <summary>
        /// For access check user's group membership must be determined. 
        /// This method retrieves user's group membership from Azure AD Graph API if not present in the token.
        /// </summary>
        /// <param name="claimsIdentity">The <see cref="ClaimsIdenity" /> object that represents the 
        /// claims-based identity of the currently signed in user and contains thier claims.</param>
        /// <returns>A list of ObjectIDs representing the groups that the user is member of.</returns>
        public static async Task<List<string>> GetMemberGroups(ClaimsIdentity claimsIdentity)
        {
            //check for groups overage claim. If present query graph API for group membership
            if (claimsIdentity.FindFirst("_claim_names") != null
                && (Json.Decode(claimsIdentity.FindFirst("_claim_names").Value)).groups != null)
                return await GetGroupsFromGraphAPI(claimsIdentity);

            return claimsIdentity.FindAll("groups").Select(c => c.Value).ToList();
        }

示例#5

0

显示文件

文件： WebAuthorizeAttribute.cs 项目： quangnc0503h/ecommerce

 private bool isDeviceAuthorized(ClaimsIdentity identity)
 {
     Claim first1 = identity.FindFirst("Dsvn:DeviceKey");
     if (first1 != null && !string.IsNullOrEmpty(first1.Value))
     {
         if (string.IsNullOrEmpty(this.DeviceGroup))
             return true;
         Claim first2 = identity.FindFirst("Dsvn:DeviceGroups");
         if (first2 != null && !string.IsNullOrEmpty(first2.Value))
             return Enumerable.Contains<string>((IEnumerable<string>)first2.Value.Split(','), this.DeviceGroup);
     }
     return false;
 }

示例#6

0

显示文件

文件： ClaimHelper.cs 项目： EgyTechnology/WebApp-GroupClaims-DotNet

        private static async Task<List<string>> GetGroupsFromGraphAPI(ClaimsIdentity claimsIdentity)
        {
            List<string> groupObjectIds = new List<string>();

            // Acquire the Access Token
            ClientCredential credential = new ClientCredential(ConfigHelper.ClientId, ConfigHelper.AppKey);

            // MULTITENANT - Since I've set Tenant=common, we can't use the regular Authority here, we need the user's tenant
            // AuthenticationContext authContext = new AuthenticationContext(ConfigHelper.Authority,
            //    new TokenDbCache(claimsIdentity.FindFirst(Globals.ObjectIdClaimType).Value));
            string userAuthority = String.Format(CultureInfo.InvariantCulture,
                ConfigHelper.AadInstance,
                ClaimsPrincipal.Current.FindFirst(Globals.TenantIdClaimType).Value);
            AuthenticationContext authContext = new AuthenticationContext(userAuthority,
                new TokenDbCache(claimsIdentity.FindFirst(Globals.ObjectIdClaimType).Value));

            AuthenticationResult result = authContext.AcquireTokenSilent(ConfigHelper.GraphResourceId, credential,
                new UserIdentifier(claimsIdentity.FindFirst(Globals.ObjectIdClaimType).Value, UserIdentifierType.UniqueId));

            // Get the GraphAPI Group Endpoint for the specific user from the _claim_sources claim in token
            string groupsClaimSourceIndex = (Json.Decode(claimsIdentity.FindFirst("_claim_names").Value)).groups;
            var groupClaimsSource = (Json.Decode(claimsIdentity.FindFirst("_claim_sources").Value))[groupsClaimSourceIndex];
            string requestUrl = groupClaimsSource.endpoint + "?api-version=" + ConfigHelper.GraphApiVersion;

            // Prepare and Make the POST request
            HttpClient client = new HttpClient();
            HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, requestUrl);
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
            StringContent content = new StringContent("{\"securityEnabledOnly\": \"false\"}");
            content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
            request.Content = content;
            HttpResponseMessage response = await client.SendAsync(request);

            // Endpoint returns JSON with an array of Group ObjectIDs
            if (response.IsSuccessStatusCode)
            {
                string responseContent = await response.Content.ReadAsStringAsync();
                var groupsResult = (Json.Decode(responseContent)).value;

                foreach (string groupObjectID in groupsResult)
                    groupObjectIds.Add(groupObjectID);
            }
            else
            {
                throw new WebException();
            }

            return groupObjectIds;
        }

示例#7

0

显示文件

文件： TokenUtility.cs 项目： NewforceComputerTechnologies/DevCamp

        public virtual JwtSecurityToken CreateLoginToken(string secretKey, ClaimsIdentity claimsIdentity, ProviderCredentials providerCredentials)
        {
            if (string.IsNullOrEmpty(secretKey))
            {
                throw new ArgumentNullException("secretKey");
            }

            if (claimsIdentity == null)
            {
                throw new ArgumentNullException("claimsIdentity");
            }

            if (providerCredentials == null)
            {
                throw new ArgumentNullException("providerCredentials");
            }

            var providerKeyClaim = claimsIdentity.FindFirst(ClaimTypes.NameIdentifier);
            if (providerKeyClaim == null)
            {
                throw new ArgumentException("RResources.Token_Invalid.FormatForUser(claimsIdentity.Name, ClaimTypes.NameIdentifier)");
            }

            var uid = providerKeyClaim.Value;
            var credentialsClaimJson = JsonConvert.SerializeObject(providerCredentials, Formatting.None, this.tokenSerializerSettings);

            var claims = new List<Claim>();
            claims.Add(new Claim(ProviderCredentialsClaimName, credentialsClaimJson));
            claims.Add(new Claim("uid", uid));
            claims.Add(new Claim("ver", "1"));

            return this.CreateTokenFromClaims(claims, secretKey, ZumoAudienceValue, ZumoIssuerValue);
        }

示例#8

0

显示文件

文件： GoogleUserDetailsProvider.cs 项目： nandithakw/hasl

        public XcendentUser GetRegisteredUserInfo(ClaimsIdentity identity)
        {
            var url = @"https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=" + identity.FindFirst("ExternalAccessToken");


            throw new NotImplementedException();
        }

示例#9

0

显示文件

文件： OAuthLoginDataParser.cs 项目： netvietdev/RabbitOwinSecurity

        public ExternalLoginData Parse(ClaimsIdentity identity)
        {
            if (identity == null)
            {
                return null;
            }

            var nameClaim = identity.FindFirst(ClaimTypes.NameIdentifier);
            if (nameClaim == null || String.IsNullOrEmpty(nameClaim.Issuer) || String.IsNullOrEmpty(nameClaim.Value))
            {
                throw new ApplicationException("Cannot find a claim of ClaimTypes.NameIdentifier");
            }

            if (nameClaim.Issuer == ClaimsIdentity.DefaultIssuer)
            {
                return null;
            }

            var loginData = new ExternalLoginData
                {
                    ProviderName = nameClaim.Issuer,
                    ProviderKey = nameClaim.Value,
                    Name = identity.GetFirstOrDefault(ClaimTypes.Name),
                    Email = identity.GetFirstOrDefault(ClaimTypes.Email),
                };

            ParseDetailLoginData(identity, ref loginData);

            return loginData;
        }

示例#10

0

显示文件

文件： ExternalLoginData.cs 项目： charla-n/ManahostManager

        public static ExternalLoginData FromIdentity(ClaimsIdentity identity)
        {
            if (identity == null)
            {
                return null;
            }

            Claim providerKeyClaim = identity.FindFirst(ClaimTypes.NameIdentifier);

            if (providerKeyClaim == null || String.IsNullOrEmpty(providerKeyClaim.Issuer) || String.IsNullOrEmpty(providerKeyClaim.Value))
            {
                return null;
            }

            if (providerKeyClaim.Issuer == ClaimsIdentity.DefaultIssuer)
            {
                return null;
            }

            return new ExternalLoginData
            {
                LoginProvider = providerKeyClaim.Issuer,
                ProviderKey = providerKeyClaim.Value,
                UserName = identity.FindFirstValue(ClaimTypes.Name),
                ExternalAccessToken = identity.FindFirstValue(GenericNames.AUTHENTICATION_EXTERNAL_LOGIN),
            };
        }

示例#11

0

显示文件

文件： DefaultClaimUidExtractor.cs 项目： RehanSaeed/Mvc

        internal static IEnumerable<string> GetUniqueIdentifierParameters(ClaimsIdentity claimsIdentity)
        {
            var nameIdentifierClaim = claimsIdentity.FindFirst(claim =>
                                                            String.Equals(ClaimTypes.NameIdentifier,
                                                                        claim.Type, StringComparison.Ordinal));
            if (nameIdentifierClaim != null && !string.IsNullOrEmpty(nameIdentifierClaim.Value))
            {
                return new string[]
                {
                    ClaimTypes.NameIdentifier,
                    nameIdentifierClaim.Value
                };
            }

            // We Do not understand this claimsIdentity, fallback on serializing the entire claims Identity.
            var claims = claimsIdentity.Claims.ToList();
            claims.Sort((a, b) => string.Compare(a.Type, b.Type, StringComparison.Ordinal));
            var identifierParameters = new List<string>();
            foreach (var claim in claims)
            {
                identifierParameters.Add(claim.Type);
                identifierParameters.Add(claim.Value);
            }

            return identifierParameters;
        }

示例#12

0

显示文件

文件： ExternalLoginData.cs 项目： kidroca/project-quiz-mvc

        public static ExternalLoginData FromIdentity(ClaimsIdentity identity)
        {
            if (identity == null)
            {
                return null;
            }

            Claim providerKeyClaim = identity.FindFirst(ClaimTypes.NameIdentifier);

            if (providerKeyClaim == null || string.IsNullOrEmpty(providerKeyClaim.Issuer)
                || string.IsNullOrEmpty(providerKeyClaim.Value))
            {
                return null;
            }

            if (providerKeyClaim.Issuer == ClaimsIdentity.DefaultIssuer)
            {
                return null;
            }

            return new ExternalLoginData
            {
                LoginProvider = providerKeyClaim.Issuer,
                ProviderKey = providerKeyClaim.Value,
                UserName = identity.FindFirstValue(ClaimTypes.Name)
            };
        }

示例#13

0

显示文件

文件： AuthManager.cs 项目： HopeNB/web

        public async Task<bool> AuthorizeUser(ClaimsIdentity identity, Guid orgId)
        {
            var email = identity.FindFirst(c => c.Type == ClaimTypes.Email)?.Value;
            if (string.IsNullOrEmpty(email) == false)
            {
                using (var session = _store.QuerySession())
                {
                    Organization org = null;

                    var user = await session.Query<User>()
                        .Include<Organization>(u => u.OrganizationId, o => org = o)
                        .Where(u => u.OrganizationId == orgId)
                        .SingleOrDefaultAsync(u => u.EmailAddress.Equals(email, StringComparison.CurrentCultureIgnoreCase));

                    if (user != null)
                    {
                        identity.AddClaim(new Claim("dg:role", user.Role));
                        identity.AddClaim(new Claim("dg:org", org.Slug));
                        identity.AddClaim(new Claim("dg:userId", user.Id.ToString()));
                        
                        return true;
                    }
                }
            }

            // can't find account so return empty claims
            // this will force authentication failure
            return false;
        }

示例#14

0

显示文件

文件： ExpenseTrackerHttpClient.cs 项目： bkcrux/WebAPIDemo

        private static async void CheckAndPossiblyRefreshToken(ClaimsIdentity id)
        {
            // check if the access token hasn't expired.
            if (DateTime.Now.ToLocalTime() >=
                 (DateTime.Parse(id.FindFirst("expires_at").Value)))
            {
                // expired.  Get a new one.
                var tokenEndpointClient = new OAuth2Client(
                    new Uri(ExpenseTrackerConstants.IdSrvToken),
                    "mvc",
                    "secret");

                var tokenEndpointResponse = 
                    await tokenEndpointClient
                    .RequestRefreshTokenAsync(id.FindFirst("refresh_token").Value);

                if (!tokenEndpointResponse.IsError)
                {
                    // replace the claims with the new values - this means creating a 
                    // new identity!                              
                    var result = from claim in id.Claims
                                 where claim.Type != "access_token" && claim.Type != "refresh_token" &&
                                       claim.Type != "expires_at"
                                 select claim;

                    var claims = result.ToList();

                    claims.Add(new Claim("access_token", tokenEndpointResponse.AccessToken));
                    claims.Add(new Claim("expires_at",
                                 DateTime.Now.AddSeconds(tokenEndpointResponse.ExpiresIn)
                                 .ToLocalTime().ToString()));
                    claims.Add(new Claim("refresh_token", tokenEndpointResponse.RefreshToken));

                    var newIdentity = new ClaimsIdentity(claims, "Cookies");
                    var wrapper = new HttpRequestWrapper(HttpContext.Current.Request);
                    wrapper.GetOwinContext().Authentication.SignIn(newIdentity);
                }
                else
                {
                    // log, ...
                    throw new Exception("An error has occurred");
                }
            }
             

           
        }

示例#15

0

显示文件

文件： GraphUtil.cs 项目： bstearns/VipSwapper

        /// <summary>
        /// In the case of Groups claim overage, we must query the GraphAPI to obtain the group membership.
        /// Here we use the GraphAPI Client Library to do so.
        /// </summary>
        /// <param name="claimsIdentity">The <see cref="ClaimsIdenity" /> object that represents the 
        /// claims-based identity of the currently signed in user and contains thier claims.</param>
        /// <returns>A list of ObjectIDs representing the groups that the user is member of.</returns>
        private static async Task<List<string>> GetGroupsFromGraphAPI(ClaimsIdentity claimsIdentity)
        {
            List<string> groupObjectIds = new List<string>();

            string tenantId = claimsIdentity.FindFirst("http://schemas.microsoft.com/identity/claims/tenantid").Value;
            string signedInUserID = claimsIdentity.FindFirst(System.IdentityModel.Claims.ClaimTypes.NameIdentifier).Value;
            string userObjectID = claimsIdentity.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;

            // Aquire Access Token to call Graph
            ClientCredential credential = new ClientCredential(ConfigurationManager.AppSettings["ida:ClientID"],
                ConfigurationManager.AppSettings["ida:Password"]);
            // initialize AuthenticationContext with the token cache of the currently signed in user, as kept in the app's EF DB
            AuthenticationContext authContext = new AuthenticationContext(
                string.Format(ConfigurationManager.AppSettings["ida:Authority"], tenantId), new ADALTokenCache(signedInUserID));
            AuthenticationResult result = authContext.AcquireTokenSilent(
                ConfigurationManager.AppSettings["ida:GraphAPIIdentifier"], credential, new UserIdentifier(userObjectID, UserIdentifierType.UniqueId));

            // Get the GraphAPI Group Endpoint for the specific user from the _claim_sources claim in token
            string groupsClaimSourceIndex = (Json.Decode(claimsIdentity.FindFirst("_claim_names").Value)).groups;
            var groupClaimsSource = (Json.Decode(claimsIdentity.FindFirst("_claim_sources").Value))[groupsClaimSourceIndex];
            string requestUrl = groupClaimsSource.endpoint + "?api-version=" + ConfigurationManager.AppSettings["ida:GraphAPIVersion"];

            // Prepare and Make the POST request
            HttpClient client = new HttpClient();
            HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, requestUrl);
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
            StringContent content = new StringContent("{\"securityEnabledOnly\": \"false\"}");
            content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
            request.Content = content;
            HttpResponseMessage response = await client.SendAsync(request);

            // Endpoint returns JSON with an array of Group ObjectIDs
            if (response.IsSuccessStatusCode)
            {
                string responseContent = await response.Content.ReadAsStringAsync();
                var groupsResult = (Json.Decode(responseContent)).value;

                foreach (string groupObjectID in groupsResult)
                    groupObjectIds.Add(groupObjectID);
            }
            else
            {
                throw new WebException();
            }

            return groupObjectIds;
        }

示例#16

0

显示文件

文件： LinkedInLoginProvider.cs 项目： yeenfei/samples

        public override ProviderCredentials CreateCredentials(
            ClaimsIdentity claimsIdentity)
        {
            Claim name = claimsIdentity.FindFirst(ClaimTypes.NameIdentifier);
            Claim providerAccessToken = claimsIdentity
                .FindFirst(ServiceClaimTypes.ProviderAccessToken);

            LinkedInCredentials credentials = new LinkedInCredentials
            {
                UserId = this.TokenHandler.CreateUserId(this.Name, name != null ?
                    name.Value : null),
                AccessToken = providerAccessToken != null ?
                    providerAccessToken.Value : null
            };

            return credentials;
        }

示例#17

0

显示文件

文件： AuthenticatedController.cs 项目： andyevans2000/Illuminate

 private List<string> GetModules(ClaimsIdentity ci)
 {
     if (ci.HasClaim(c => c.Type == IlluminateClaimTypes.OrgModules))
     {
         var concatModules = ci.FindFirst(c => c.Type == IlluminateClaimTypes.OrgModules).Value;
         return  Organisation.DecatenateModules(concatModules);
     }
     return new List<string> { "sickness", "leave" };
 }

示例#18

0

显示文件

文件： UserContext.cs 项目： EnvironmentAgency/prsd-iws

        private static Guid GetUserId(ClaimsIdentity identity, string claimType)
        {
            var idClaim = identity.FindFirst(claimType);

            if (idClaim != null)
            {
                return Guid.Parse(idClaim.Value);
            }

            return Guid.Empty;
        }

示例#19

0

显示文件

文件： ExternalLoginModel.cs 项目： ReaderOfDream/GuessThePicture

        public static ExternalLoginModel FromIdentity(ClaimsIdentity identity)
        {
            if (identity == null)
            {
                return null;
            }

            var idClaim = identity.FindFirst(ClaimTypes.NameIdentifier) ??
                          identity.FindFirst(OAuthClaimsParser.ClaimTypeUid);

            if (!IsOk(idClaim))
                return null;

            var result = new ExternalLoginModel();
            result.IsRegistered = (idClaim.Issuer == ClaimsIdentity.DefaultIssuer);

            ExternalLoginType loginProvider;
            if (!Enum.TryParse(idClaim.OriginalIssuer, true, out loginProvider))
                return null;
            result.Provider = loginProvider;

            if (identity.AuthenticationType == DefaultAuthenticationTypes.ExternalBearer)
            {
                var parser = OAuthClaimsParserFactory.Create(loginProvider, identity);

                result.ProviderKey = parser.GetProviderKey();
                result.Email = parser.GetEmail();
                result.FirstName = parser.GetFirstName();
                result.LastName = parser.GetLasttName();
                result.AvatarUrl = parser.GetAvatarUrl();
            }
            else
            {
                result.ProviderKey = identity.FindFirstValue(ClaimTypes.Sid);
                result.Email = identity.FindFirstValue(ClaimTypes.Email);
                result.FirstName = identity.FindFirstValue(ClaimTypes.GivenName);
                result.LastName = identity.FindFirstValue(ClaimTypes.Surname);
                result.AvatarUrl = identity.FindFirstValue(OAuthClaimsParser.ClaimTypeAvatarUrl);
            }
            return result;
        }

示例#20

0

显示文件

文件： UserProfileSocialService.cs 项目： Willjobs94/empleo-dot-net

        private UserProfile FromCommonClaimsIdentity(ClaimsIdentity identity)
        {
            var email = identity.FindFirst(x => x.Type.Contains("emailaddress"))?.Value ?? string.Empty;

            var name = identity.Name;

            return new UserProfile
            {
                Email = email,
                Name = name
            };
        }

示例#21

0

显示文件

文件： UserProvider.cs 项目： supperslonic/SupperSlonicWebSite

        /// <summary>
        /// Extracts user info from identity
        /// </summary>
        /// <param name="identity"></param>
        /// <returns></returns>
        public User TryGetRegisteredUserFromIdentity(ClaimsIdentity claimsIdentity)
        {
            if (claimsIdentity == null || !claimsIdentity.IsAuthenticated)
                return null;

            //if issued by external => user is not registered, return null
            Claim userIdClaim = claimsIdentity.FindFirst(ClaimTypes.NameIdentifier);
            if (userIdClaim.Issuer != ClaimsIdentity.DefaultIssuer)
                return null;

            return OwinHelper.CreateUser(claimsIdentity);
        }

示例#22

0

显示文件

文件： IdentityTransformer.cs 项目： IhorSyerkov/Azimuth

        private ClaimsPrincipal CreatePrincipal(ClaimsIdentity identity)
        {
            var snClaim = identity.FindFirst(ClaimTypes.NameIdentifier);
            var userEmail = identity.FindFirst(ClaimTypes.Email);
            if (snClaim == null)
            {
                throw new AuthenticationException();
            }

            var newClaims = AzimuthIdentity.RequiredClaims.Select(identity.FindFirst).Where(c => c != null).ToList();
            newClaims.Add(snClaim);
            if (userEmail != null)
            {
                newClaims.Add(userEmail);
            }

            var azIdentity = new AzimuthIdentity(newClaims,
                                        DefaultAuthenticationTypes.ApplicationCookie);

            return new ClaimsPrincipal(azIdentity);
        }

示例#23

0

显示文件

文件： CustomLoginProvider.cs 项目： joelgasso/blogcodes

        public override ProviderCredentials CreateCredentials(ClaimsIdentity claimsIdentity)
        {
            if (claimsIdentity == null) throw new ArgumentNullException("claimsIdentity");

            string username = claimsIdentity.FindFirst(ClaimTypes.NameIdentifier).Value;
            var credentials = new CustomLoginProviderCredentials
            {
                UserId = this.TokenHandler.CreateUserId(this.Name, username)
            };

            return credentials;
        }

示例#24

0

显示文件

文件： AgenciaController.cs 项目： josegcb/LibraryApp

 public JsonResult Escoger(int AgenciaId)
 {
     try {
         var authenticationManager = HttpContext.GetOwinContext().Authentication;
         var identity = new System.Security.Claims.ClaimsIdentity(User.Identity);
         var Claim    = identity.FindFirst(Lib.DataFilters.MustHaveAgencyParam);
         if (Claim != null)
         {
             identity.RemoveClaim(identity.FindFirst(Lib.DataFilters.MustHaveAgencyParam));
         }
         identity.AddClaim(new System.Security.Claims.Claim(Lib.DataFilters.MustHaveAgencyParam, AgenciaId.ToString()));
         authenticationManager.AuthenticationResponseGrant =
             new AuthenticationResponseGrant(
                 new ClaimsPrincipal(identity),
                 new AuthenticationProperties {
             IsPersistent = true
         }
                 );
         return(Json(new { success = true }));
     } catch (Exception ex) {
         return(Json(new { success = false, errors = ex.Message }));
     }
 }

示例#25

0

显示文件

        public void Find_CaseInsensivity()
        {
            var claim_type = new Claim("TYpe", "value");
            var id         = new ClaimsIdentity(
                new[] { claim_type },
                "base_auth_type", "base_name_claim_type", null);

            var f1 = id.FindFirst("tyPe");

            Assert.Equal("value", f1.Value);

            var f2 = id.FindAll("tyPE").First();

            Assert.Equal("value", f2.Value);
        }

示例#26

0

显示文件

文件： RoadZenLoginProvider.cs 项目： Jayesh800/AGS_Integration

        public override ProviderCredentials CreateCredentials(ClaimsIdentity claimsIdentity)
        {
            if (claimsIdentity == null)
            {
                throw new ArgumentNullException("claimsIdentity");
            }

            string formattedAccountGUID = (claimsIdentity.FindFirst("AccountGUID").Value).Replace("-","").ToUpper();
            RoadZenLoginProviderCredentials credentials = new RoadZenLoginProviderCredentials
            {
                UserId = this.TokenHandler.CreateUserId(this.Name, formattedAccountGUID)
            };

            return credentials;
        }

示例#27

0

显示文件

文件： JwtFactory.cs 项目： kumar4755/OnlineShoppingNetCore

        public async Task <string> GenerateEncodedToken(string userName, System.Security.Claims.ClaimsIdentity identity)
        {
            var claims = new[]
            {
                new Claim(JwtRegisteredClaimNames.Sub, userName),
                new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()),
                new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64),
                identity.FindFirst(Helpers.Constants.Strings.JwtClaimIdentifiers.Rol),
                identity.FindFirst(Helpers.Constants.Strings.JwtClaimIdentifiers.Id)
            };

            // Create the JWT security token and encode it.
            var jwt = new JwtSecurityToken(
                issuer: _jwtOptions.Issuer,
                audience: _jwtOptions.Audience,
                claims: claims,
                notBefore: _jwtOptions.NotBefore,
                expires: _jwtOptions.Expiration,
                signingCredentials: _jwtOptions.SigningCredentials);

            var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

            return(encodedJwt);
        }

示例#28

0

显示文件

文件： AccountControllerService.cs 项目： CoditEU/lunchorder

        public async Task<GetUserInfoResponse> GetUserInfo(ClaimsIdentity claimsIdentity)
        {
            bool isAzureActiveDirectoryUser = false;
            var hasIssClaim = claimsIdentity.FindFirst("iss");
            if (hasIssClaim != null)
            {
                if (hasIssClaim.Value.Contains("sts.windows.net"))
                {
                    isAzureActiveDirectoryUser = true;
                }
            }
            
            var userName = claimsIdentity.GetUserName();
            
            var userInfo = await _databaseRepository.GetUserInfo(userName);
            
            // if the user is unknown, we store it in our own database.
            if (userInfo == null && isAzureActiveDirectoryUser)
            {
                var firstName = claimsIdentity.Claims.Where(x => x.Type == System.IdentityModel.Claims.ClaimTypes.GivenName).Select(x => x.Value).FirstOrDefault();
                var lastName = claimsIdentity.Claims.Where(x => x.Type == System.IdentityModel.Claims.ClaimTypes.Surname).Select(x => x.Value).FirstOrDefault();

                var user = await _userService.Create(userName, userName, firstName, lastName);
                await _databaseRepository.AddToUserList(user.Id, user.UserName, user.FirstName, user.LastName);
                userInfo = await _databaseRepository.GetUserInfo(userName);
            }

            var roleClaims = new List<Claim>();
            foreach (var userRole in userInfo.Roles)
            {
                roleClaims.Add(new Claim(ClaimTypes.Role, userRole));
            }

            var localClaimsIdentity = new ClaimsIdentity(
                   new List<Claim>
                   {
                    new Claim(ClaimTypes.Name, userInfo.UserName),
                    new Claim(ClaimTypes.GivenName, userInfo.Profile.FirstName),
                    new Claim(ClaimTypes.Surname, userInfo.Profile.LastName),
                    new Claim(ClaimTypes.NameIdentifier, userInfo.Id.ToString())
                   });
            localClaimsIdentity.AddClaims(roleClaims);

            var token = localClaimsIdentity.GenerateToken(_configurationService.LocalAuthentication.AudienceId, _configurationService.LocalAuthentication.AudienceSecret, _configurationService.LocalAuthentication.Issuer, DateTime.UtcNow.AddHours(-1), DateTime.UtcNow.AddDays(10));
            userInfo.UserToken = token;
            return userInfo;
        }

示例#29

0

显示文件

        public static string?GetClaimValue(this IEnumerable <Claim> claims, string claimType)
        {
            if (claims == null)
            {
                throw new ArgumentNullException(nameof(claims));
            }

            if (claimType == null)
            {
                throw new ArgumentNullException(nameof(claimType));
            }

            Claim[]        claimsArray = claims as Claim[] ?? claims.ToArray();
            ClaimsIdentity?subject     = claimsArray.FirstOrDefault()?.Subject;

            return(subject?.FindFirst(claimType)?.Value ?? claimsArray.ExtendedSingleOrDefault($"Finding claim: {claimType}", c => c.Type == claimType)?.Value);
        }

示例#30

0

显示文件

        /// <summary>
        /// Get all loggedon user groups and display name from AD.
        /// </summary>
        /// <param name="key"></param>
        /// <param name="dn"></param>
        /// <returns></returns>
        public static async Task <List <string> > GetAllGroups(System.Security.Claims.ClaimsIdentity claimsIdentity)
        {
            List <string> lgroups  = new List <string>();
            ObjectCache   cache    = MemoryCache.Default;
            var           cacheKey = GetCacheKey(claimsIdentity);

            // If the claims identity is not populated, return an empty list
            if (String.IsNullOrEmpty(cacheKey))
            {
                return(lgroups);
            }

            // If the claims identity is populated and already in the cache, just return the cached list
            if (cache.Contains(cacheKey))
            {
                return(cache.Get(cacheKey) as List <string>);
            }

            // If the claims identity is populated and NOT in the cache, call the Graph API and populate the cache
            try
            {
                MSGraphClient msGraphClient = new MSGraphClient(
                    ConfigHelper.Authority,
                    new ADALTokenCache(claimsIdentity.FindFirst("oid")?.Value));

                System.Collections.Generic.IList <Group> groups = await msGraphClient.GetCurrentUserGroupsAsync();

                var groupNameList = await GetGroupNameList(groups);

                return(cache.AddOrGetExisting(cacheKey, groupNameList, _CacheItemPolicy) as List <string>);
            }
            catch (AdalException ex)
            {
                //TODO: error handling
                return(new List <string>());
            }
            catch (Exception ex)
            {
                //TODO: error handling
                return(new List <string>());
            }
        }

示例#31

0

显示文件

        /// <summary>
        /// Returns the first claim value if found, or null.
        /// </summary>
        public static string GetClaimValueOrNull(this ClaimsIdentity claimsIdentity, string claimType)
        {
            if (claimsIdentity == null)
            {
                throw new ArgumentNullException("claimsIdentity");
            }

            if (string.IsNullOrEmpty(claimType))
            {
                throw new ArgumentNullException("claimType");
            }

            Claim claim = claimsIdentity.FindFirst(claimType);

            if (claim != null)
            {
                return(claim.Value);
            }

            return(null);
        }

示例#32

0

显示文件

文件： ExternalLoginModel.cs 项目： supperslonic/SupperSlonicWebSite

        public static ExternalLoginModel FromIdentity(ClaimsIdentity identity)
        {
            if (identity == null)
            {
                return null;
            }

            Claim idClaim = identity.FindFirst(ClaimTypes.NameIdentifier);

            if (!IsOk(idClaim))
                return null;

            ExternalLoginModel result = new ExternalLoginModel();
            result.IsRegistered = (idClaim.Issuer == ClaimsIdentity.DefaultIssuer);

            ExternalLoginProvider loginProvider;
            if (!Enum.TryParse<ExternalLoginProvider>(idClaim.OriginalIssuer, ignoreCase: true, result: out loginProvider))
                return null;
            result.Provider = loginProvider;

            if (identity.AuthenticationType == DefaultAuthenticationTypes.ExternalCookie)
            {
                result.ProviderKey = idClaim.Value;
                result.Email = identity.FindFirstValue(ClaimTypes.Email);
                result.FullName =
                    loginProvider == ExternalLoginProvider.Facebook ?
                    identity.FindFirstValue("urn:facebook:name") :
                    identity.FindFirstValue(ClaimTypes.Name);
            }
            else
            {
                result.ProviderKey = identity.FindFirstValue(ClaimTypes.Sid);
                result.Email = identity.FindFirstValue(ClaimTypes.Email);
                result.FullName = identity.FindFirstValue(ClaimTypes.GivenName);
            }

            result.AvatarUrl = identity.FindFirstValue(OwinHelper.ClaimTypeAvatarUrl);
            return result;
        }

示例#33

0

显示文件

文件： AccountController.cs 项目： Kazzje/Asp.Net-Identity-sample-app

 private bool VerifyExternalIdentity(ClaimsIdentity id, string loginProvider)
 {
     if (id == null)
     {
         return false;
     }
     Claim claim = id.FindFirst("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier");
     return claim != null && claim.Issuer == loginProvider;
 }

示例#34

0

显示文件

文件： AccountController.cs 项目： jdoan3/Travelfy

            public static ExternalLoginData FromIdentity(ClaimsIdentity identity)
            {
                if (identity == null)
                {
                    return null;
                }

                Claim providerKeyClaim = identity.FindFirst(ClaimTypes.NameIdentifier);

                if (providerKeyClaim == null || String.IsNullOrEmpty(providerKeyClaim.Issuer) || String.IsNullOrEmpty(providerKeyClaim.Value))
                {
                    return null;
                }

                if (providerKeyClaim.Issuer == ClaimsIdentity.DefaultIssuer)
                {
                    return null;
                }
                var fb = new FacebookClient(identity.FindFirstValue("ExternalAccessToken"));
                dynamic myInfo = fb.Get("/me?fields=email"); 
                return new ExternalLoginData
                {
                    LoginProvider = providerKeyClaim.Issuer,
                    ProviderKey = providerKeyClaim.Value,
                    UserName = identity.FindFirstValue(ClaimTypes.Name),
                    EmailAddress = myInfo.email,
                    ExternalAccessToken = identity.FindFirstValue("ExternalAccessToken"),
                };
            }

示例#35

0

显示文件

文件： AuthorizationServerProvider.cs 项目： hoangvv1409/codebase

        public override async Task GrantRefreshToken(OAuthGrantRefreshTokenContext context)
        {
            var originalClient = context.Ticket.Properties.Dictionary["as:client_id"];
            var currentClient = context.OwinContext.Get<string>("as:client_id");

            // enforce client binding of refresh token
            if (originalClient != currentClient)
            {
                context.Rejected();
                return;
            }

            // chance to change authentication ticket for refresh token requests
            var newId = new ClaimsIdentity(context.Ticket.Identity);

            newId.RemoveClaim(newId.FindFirst(c => c.Type == "RefreshToken"));
            newId.AddClaim(new Claim("RefreshToken", Guid.NewGuid().ToString()));

            var newTicket = new AuthenticationTicket(newId, context.Ticket.Properties);
            context.Validated(newTicket);
        }

示例#36

0

显示文件

文件： FWClaimsExtension.cs 项目： thvsoares/framework-core

 /// <summary>
 /// Gets the user given name.
 /// </summary>
 /// <param name="identity">The ClaimsIdentity object.</param>
 /// <returns>The user given name.</returns>
 public static string GetGivenName(this ClaimsIdentity identity)
 {
     return(identity.FindFirst(f => f.Type == ClaimTypes.GivenName)?.Value);
 }

示例#37

0

显示文件

文件： FWClaimsExtension.cs 项目： thvsoares/framework-core

 /// <summary>
 /// Gets the user Id.
 /// </summary>
 /// <param name="identity">The ClaimsIdentity object.</param>
 /// <returns>The user id.</returns>
 public static T GetId <T>(this ClaimsIdentity identity)
 {
     return((T)Convert.ChangeType(identity.FindFirst(f => f.Type == ClaimTypes.NameIdentifier)?.Value, typeof(T)));
 }

示例#38

0

显示文件

文件： GraphUtil.cs 项目： tandis/PnP

        /// <summary>
        /// During access management, the user searches for users and groups in the directory and grants them access.
        /// If the given search string matches exactly one user or group in the directory, this method returns its objectId.
        /// </summary>
        /// <param name="searchString">The search string entered by the user to lookup a user or group in the directory.</param>
        /// <returns>The objectID of the matching user or group.</returns>
        public static string LookupObjectIdOfAADUserOrGroup(string searchString, ClaimsIdentity Identity)
        {
            string userOrGroupObjectId = null;
            string tenantId = Identity.FindFirst("http://schemas.microsoft.com/identity/claims/tenantid").Value;
            string signedInUserID = Identity.FindFirst(System.IdentityModel.Claims.ClaimTypes.NameIdentifier).Value;
            string userObjectID = Identity.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;

            ClientCredential credential = new ClientCredential(SettingsHelper.ClientId, SettingsHelper.ClientSecret);
            AuthenticationContext authContext = new AuthenticationContext(SettingsHelper.AzureADAuthority, new EfAdalTokenCache(signedInUserID));
            AuthenticationResult result = authContext.AcquireTokenSilent(
                SettingsHelper.AzureAdGraphResourceId, credential, new UserIdentifier(userObjectID, UserIdentifierType.UniqueId));

            HttpClient client = new HttpClient();

            string userQueryUrl = string.Format("{0}/{1}/users?api-version={2}&$filter=startswith(displayName,'{3}') or startswith(userPrincipalName,'{3}')",
                SettingsHelper.AzureAdGraphResourceId, tenantId,
                SettingsHelper.GraphAPIVersion, searchString);

            HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, userQueryUrl);
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
            HttpResponseMessage response = client.SendAsync(request).Result;

            if (response.IsSuccessStatusCode)
            {
                var responseContent = response.Content;
                string responseString = responseContent.ReadAsStringAsync().Result;
                var users = (System.Web.Helpers.Json.Decode(responseString)).value;
                if (users.Length == 1) userOrGroupObjectId = users[0].objectId;
            }

            if (userOrGroupObjectId == null)
            {
                string groupQueryUrl = string.Format("{0}/{1}/groups?api-version={2}&$filter=startswith(displayName,'{3}')",
                    SettingsHelper.AzureAdGraphResourceId, tenantId,
                    SettingsHelper.GraphAPIVersion, searchString);

                request = new HttpRequestMessage(HttpMethod.Get, groupQueryUrl);
                request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
                response = client.SendAsync(request).Result;

                if (response.IsSuccessStatusCode)
                {
                    var responseContent = response.Content;
                    string responseString = responseContent.ReadAsStringAsync().Result;
                    var groups = (System.Web.Helpers.Json.Decode(responseString)).value;
                    if (groups.Length == 1) userOrGroupObjectId = groups[0].objectId;
                }
            }

            return userOrGroupObjectId;
        }

C# (CSharp) System.Security.Claims ClaimsIdentity.FindFirst示例

FindFirst() public method

public FindFirst ( Predicate match ) : Claim
match	Predicate	The function that performs the matching logic.
return	Claim