本文整理汇总了C#中IClaimsPrincipal类的典型用法代码示例。如果您正苦于以下问题:C# IClaimsPrincipal类的具体用法?C# IClaimsPrincipal怎么用?C# IClaimsPrincipal使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
IClaimsPrincipal类属于命名空间,在下文中一共展示了IClaimsPrincipal类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: ShowClaims
private void ShowClaims(IClaimsPrincipal principal)
{
foreach (IClaimsIdentity identity in principal.Identities)
{
var identityInfo = new HtmlGenericControl("dl");
AddListItem(identityInfo, "BootstrapToken",
null != identity.BootstrapToken ? identity.BootstrapToken.ToString() : String.Empty);
AddListItem(identityInfo, "Label", identity.Label);
AddListItem(identityInfo, "NameClaimType", identity.NameClaimType);
AddListItem(identityInfo, "RoleClaimType", identity.RoleClaimType);
var claimsInfo = new HtmlGenericControl("dl");
identityInfo.Controls.Add(new HtmlGenericControl("dt") { InnerText = "Claims" });
var claims = new HtmlGenericControl("dd");
claims.Controls.Add(claimsInfo);
identityInfo.Controls.Add(claims);
foreach (Claim claim in identity.Claims)
{
AddListItem(claimsInfo, "ClaimType", claim.ClaimType);
AddListItem(claimsInfo, "Issuer", claim.Issuer);
AddListItem(claimsInfo, "OriginalIssuer", claim.OriginalIssuer);
AddListItem(claimsInfo, "Value", claim.Value);
AddListItem(claimsInfo, "ValueType", claim.ValueType);
}
claimsList.Controls.Add(identityInfo);
}
}示例2: GetScope
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
{
throw new NotImplementedException();
var scope = new Scope();
return scope;
}示例3: GetScope
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
{
Scope scope = new Scope(request.AppliesTo.Uri.AbsoluteUri, SecurityTokenServiceConfiguration.SigningCredentials);
string encryptingCertificateName = WebConfigurationManager.AppSettings[ApplicationSettingsNames.EncryptingCertificateName];
if (!string.IsNullOrEmpty(encryptingCertificateName))
{
scope.EncryptingCredentials = new X509EncryptingCredentials(CertificateUtilities.GetCertificate(StoreName.My, StoreLocation.LocalMachine, encryptingCertificateName));
}
else
{
scope.TokenEncryptionRequired = false;
}
if (!string.IsNullOrEmpty(request.ReplyTo))
{
scope.ReplyToAddress = request.ReplyTo;
}
else
{
scope.ReplyToAddress = scope.AppliesToAddress;
}
return scope;
}示例4: Authenticate
public override IClaimsPrincipal Authenticate(string resourceName, IClaimsPrincipal incomingPrincipal)
{
// do nothing if anonymous request
if (!incomingPrincipal.Identity.IsAuthenticated)
{
return base.Authenticate(resourceName, incomingPrincipal);
}
var userRepo = (System.Web.Mvc.DependencyResolver.Current.GetService(typeof(Blog.Dal.UserRepo)) as Blog.Dal.UserRepo);
string uniqueId = GetUniqueId(incomingPrincipal);
// check if user is registered
var user = userRepo.GetUserByIdentity(uniqueId);
if (user == null)
{
//user = userRepo.CreateUser(uniqueId);
//user.Claims.AddRange(ToSimpleClaim(uniqueId, incomingPrincipal.Identities[0].Claims));
}
else
{
// sync claims
}
//return CreateUserPrincipal(uniqueId, data);
//// authenticated by ACS, but not registered
//// create unique id claim
//incomingPrincipal.Identities[0].Claims.Add(new Claim(Constants.ClaimTypes.Id, uniqueId));
//return incomingPrincipal;
return base.Authenticate(resourceName, incomingPrincipal);
}示例5: GetScope
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
{
ValidateAppliesTo(request.AppliesTo);
Scope scope = new Scope(request.AppliesTo.Uri.OriginalString,
SecurityTokenServiceConfiguration.SigningCredentials);
var settings = ServiceLocator.Current.GetInstance<IEncryptionSettings>();
if (settings.Encrypt)
{
// Important note on setting the encrypting credentials.
// In a production deployment, you would need to select a certificate that is specific to the RP that is requesting the token.
// You can examine the 'request' to obtain information to determine the certificate to use.
scope.EncryptingCredentials = new X509EncryptingCredentials(settings.Certificate);
}
else
{
// If there is no encryption certificate specified, the STS will not perform encryption.
// This will succeed for tokens that are created without keys (BearerTokens) or asymmetric keys.
scope.TokenEncryptionRequired = false;
}
// Set the ReplyTo address for the WS-Federation passive protocol (wreply). This is the address to which responses will be directed.
// In this template, we have chosen to set this to the AppliesToAddress.
scope.ReplyToAddress = scope.AppliesToAddress;
return scope;
}示例6: GetScope
/// <summary>
/// Returns the configuration for the token issuance request.
/// </summary>
/// <param name="principal">The caller's principal.</param>
/// <param name="request">The incoming request security token.</param>
/// <returns>The scope information to be used for the token issuance.</returns>
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
{
// Verify the request, i.e. the requesting realm. The reply address does not need to be
// checked since it is being hardcoded within this security token service and does not
// depend on the request hence.
var appliesTo = request.AppliesTo.Uri.AbsoluteUri;
if(appliesTo != "http://www.silkveil.net/")
{
throw new SecurityException(string.Format(CultureInfo.CurrentUICulture,
"The uri '{0}' is not supported.", appliesTo));
}
// Create the scope.
var scope = new Scope(
request.AppliesTo.Uri.OriginalString,
this.SecurityTokenServiceConfiguration.SigningCredentials,
new X509EncryptingCredentials(new CertificateManager().GetEncryptingCertificate()));
// Get the navigation service.
var navigationService = this._container.Resolve<INavigationService>();
// Set the reply to address.
scope.ReplyToAddress = navigationService.GetUIPath();
// Return the scope to the caller.
return scope;
}示例7: GetScope
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
{
this.scopeModel = this.ValidateAppliesTo(request.AppliesTo);
var scope = new Scope(request.AppliesTo.Uri.OriginalString, SecurityTokenServiceConfiguration.SigningCredentials);
scope.TokenEncryptionRequired = false;
string replyTo;
if (!string.IsNullOrEmpty(request.ReplyTo))
{
replyTo = request.ReplyTo;
}
else if (this.scopeModel.Url != null)
{
replyTo = this.scopeModel.Url.ToString();
}
else
{
replyTo = scope.AppliesToAddress;
}
scope.ReplyToAddress = replyTo;
return scope;
}示例8: Authenticate
public override IClaimsPrincipal Authenticate(string resourceName, IClaimsPrincipal incomingPrincipal)
{
if (incomingPrincipal.Identity.IsAuthenticated)
{
var identity = incomingPrincipal.Identity as IClaimsIdentity;
var user = EnsureApplicationUser(identity);
if (user != null)
{
if (identity.Claims.FirstOrDefault(c => c.ClaimType == ClaimTypes.Name) == null)
{
identity.Claims.Add(new Claim(ClaimTypes.Name, user.Name, user.Name.GetType().Name, ClaimIssuerName));
}
if (identity.Claims.FirstOrDefault(c => c.ClaimType == ClaimTypes.Email) == null)
{
identity.Claims.Add(new Claim(ClaimTypes.Email, user.Email, user.Email.GetType().Name, ClaimIssuerName));
}
foreach (var role in user.Roles)
{
identity.Claims.Add(new Claim(ClaimTypes.Role, role.RoleName, role.RoleName.GetType().Name, ClaimIssuerName));
}
}
}
return incomingPrincipal;
}示例9: GetScope
/// <summary>
/// This method returns the configuration for the token issuance request. The configuration
/// is represented by the Scope class. In our case, we are only capable of issuing a token for a
/// single RP identity represented by the EncryptingCertificateName.
/// </summary>
/// <param name="principal">The caller's principal.</param>
/// <param name="request">The incoming RST.</param>
/// <returns>The scope information to be used for the token issuance.</returns>
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
{
ValidateAppliesTo(request.AppliesTo);
//
// Note: The signing certificate used by default has a Distinguished name of "CN=STSTestCert",
// and is located in the Personal certificate store of the Local Computer. Before going into production,
// ensure that you change this certificate to a valid CA-issued certificate as appropriate.
//
Scope scope = new Scope(request.AppliesTo.Uri.OriginalString, SecurityTokenServiceConfiguration.SigningCredentials);
if (!string.IsNullOrEmpty(_encryptingCertificateName))
{
// Important note on setting the encrypting credentials.
// In a production deployment, you would need to select a certificate that is specific to the RP that is requesting the token.
// You can examine the 'request' to obtain information to determine the certificate to use.
scope.EncryptingCredentials = new X509EncryptingCredentials(CertificateUtil.GetCertificate(StoreName.My, StoreLocation.LocalMachine, _encryptingCertificateName));
}
else
{
// If there is no encryption certificate specified, the STS will not perform encryption.
// This will succeed for tokens that are created without keys (BearerTokens) or asymmetric keys.
scope.TokenEncryptionRequired = false;
}
// Set the ReplyTo address for the WS-Federation passive protocol (wreply). This is the address to which responses will be directed.
// In this template, we have chosen to set this to the AppliesToAddress.
scope.ReplyToAddress = scope.AppliesToAddress;
return scope;
}示例10: GetClaims
public IEnumerable<Claim> GetClaims(IClaimsPrincipal principal, RequestDetails requestDetails)
{
var userName = principal.Identity.Name;
var claims = new List<Claim>();
// email address
string email = Membership.FindUsersByName(userName)[userName].Email;
if (!String.IsNullOrEmpty(email))
{
claims.Add(new Claim(ClaimTypes.Email, email));
}
// roles
GetRoles(userName, RoleTypes.Client).ToList().ForEach(role => claims.Add(new Claim(ClaimTypes.Role, role)));
// profile claims
if (ProfileManager.Enabled)
{
var profile = ProfileBase.Create(userName, true);
if (profile != null)
{
foreach (SettingsProperty prop in ProfileBase.Properties)
{
string value = profile.GetPropertyValue(prop.Name).ToString();
if (!String.IsNullOrWhiteSpace(value))
{
claims.Add(new Claim(ProfileClaimPrefix + prop.Name.ToLowerInvariant(), value));
}
}
}
}
return claims;
}示例11: GetScope
/// <summary>
/// Analyzes the token request
/// </summary>
/// <param name="principal">The principal.</param>
/// <param name="request">The request.</param>
/// <returns>A PolicyScope that describes the relying party and policy options</returns>
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken rst)
{
if (rst.AppliesTo == null)
{
Tracing.Error(string.Format("token request from {0} - but no realm specified.",
principal.Identity.Name));
throw new MissingAppliesToException();
}
Tracing.Information(string.Format("Starting token request from {0} for {1}",
principal.Identity.Name,
rst.AppliesTo.Uri.AbsoluteUri));
Tracing.Information("Authentication method: " + principal.Identities.First().GetClaimValue(ClaimTypes.AuthenticationMethod));
// analyze request
var request = new Request(GlobalConfiguration);
var details = request.Analyze(rst, principal);
// validate against policy
request.Validate(details);
// create scope
var scope = new RequestDetailsScope(
details,
SecurityTokenServiceConfiguration.SigningCredentials,
GlobalConfiguration.RequireEncryption);
return scope;
}示例12: Authenticate
public override IClaimsPrincipal Authenticate(string resourceName, IClaimsPrincipal incomingPrincipal)
{
if (incomingPrincipal != null && incomingPrincipal.Identity.IsAuthenticated)
{
ClaimsIdentityCollection x509Ids = GetIdentitiesFromClaim(incomingPrincipal,
ClaimTypes.AuthenticationMethod, AuthenticationMethods.X509);
foreach(IClaimsIdentity x509Identity in x509Ids)
{
// this is the main identity, get the entity attributes in the Trust Fabric from the X509 thumbprint
string x509Thumbprint = GetClaimValue(x509Identity, "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint");
if (!string.IsNullOrEmpty(x509Thumbprint))
{
string x509HexThumbprint = Base64Util.FromBase64ToHex(x509Thumbprint);
List<EntityAttribute> entityAttributes = _trustFabric.GetWscEntityAttributesFromX509Thumprint(x509HexThumbprint);
// now add the antity attributes to the identity
foreach (EntityAttribute entityAttribute in entityAttributes)
{
x509Identity.Claims.Add(new Claim(entityAttribute.AttributeType, entityAttribute.AttributeValue));
}
}
}
}
return incomingPrincipal;
}示例13: GetClaims
public IEnumerable<Claim> GetClaims(IClaimsPrincipal principal, RequestDetails requestDetails)
{
var claims = from c in NewContext.UserClaims
where c.PartitionKey == principal.Identity.Name.ToLower() &&
c.Kind == UserClaimEntity.EntityKind
select new Claim(c.ClaimType, c.Value);
return claims.ToList();
}示例14: Authenticate
public override IClaimsPrincipal Authenticate(string resourceName, IClaimsPrincipal incomingPrincipal)
{
if (!incomingPrincipal.Identity.IsAuthenticated)
{
return base.Authenticate(resourceName, incomingPrincipal);
}
return CreateClientIdentity(incomingPrincipal.Identity as ClaimsIdentity);
}示例15: Authenticate
public override IClaimsPrincipal Authenticate(string resourceName, IClaimsPrincipal incomingPrincipal)
{
if (incomingPrincipal.Identity.IsAuthenticated)
{
incomingPrincipal.Identities.First().Claims.Add(new Claim("http://claims/localtest", DateTime.Now.ToLongTimeString()));
}
return incomingPrincipal;
}