本文整理汇总了C#中System.Security.Claims.ClaimsPrincipal.GetSubjectId方法的典型用法代码示例。如果您正苦于以下问题:C# ClaimsPrincipal.GetSubjectId方法的具体用法?C# ClaimsPrincipal.GetSubjectId怎么用?C# ClaimsPrincipal.GetSubjectId使用的例子?那么恭喜您,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类System.Security.Claims.ClaimsPrincipal的用法示例。
在下文中一共展示了ClaimsPrincipal.GetSubjectId方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: UpdateConsentAsync
/// <summary>
/// Stores or revokes the remembered consent of <paramref name="user"/> for <paramref name="client"/>.
/// </summary>
/// <param name="client">Client the consent applies to.</param>
/// <param name="user">Principal whose subject id keys the consent record.</param>
/// <param name="scopes">Scopes the user agreed to; null or empty revokes the stored consent.</param>
/// <exception cref="ArgumentNullException"><paramref name="client"/> or <paramref name="user"/> is null.</exception>
public async Task UpdateConsentAsync(Client client, ClaimsPrincipal user, IEnumerable<string> scopes)
{
    if (client == null)
    {
        throw new ArgumentNullException("client");
    }

    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    // Clients that do not allow remembered consent never touch the store.
    if (!client.AllowRememberConsent)
    {
        return;
    }

    var subjectId = user.GetSubjectId();
    var clientIdentifier = client.ClientId;

    // An empty grant is treated as a revocation, so a stale consent record
    // cannot keep authorising scopes the user no longer agreed to.
    var nothingGranted = scopes == null || !scopes.Any();
    if (nothingGranted)
    {
        await _store.RevokeAsync(subjectId, clientIdentifier);
        return;
    }

    var record = new Consent
    {
        Subject = subjectId,
        ClientId = clientIdentifier,
        Scopes = scopes
    };
    await _store.UpdateAsync(record);
}
示例2: GetIdentityTokenClaimsAsync
/// <summary>
/// Builds the claim set for an identity token: the standard subject claims plus
/// the profile claims selected by the requested OpenID scopes.
/// </summary>
/// <param name="subject">The authenticated principal the token is issued for.</param>
/// <param name="client">The requesting client (not read by this implementation).</param>
/// <param name="scopes">The requested scopes; only those flagged as OpenID scopes contribute claims.</param>
/// <param name="includeAllIdentityClaims">When true every claim of an OpenID scope is requested; otherwise only claims marked AlwaysIncludeInIdToken.</param>
/// <param name="request">The raw request (not read by this implementation).</param>
/// <returns>The claims to place into the identity token.</returns>
public virtual async Task<IEnumerable<Claim>> GetIdentityTokenClaimsAsync(ClaimsPrincipal subject, Client client, IEnumerable<Scope> scopes, bool includeAllIdentityClaims, NameValueCollection request)
{
    Logger.Debug("Getting claims for identity token");

    var tokenClaims = new List<Claim>(GetStandardSubjectClaims(subject));
    var requestedClaimNames = new List<string>();

    // Collect the names of the identity claims that belong in the id token.
    foreach (var scope in scopes)
    {
        if (!scope.IsOpenIdScope)
        {
            continue;
        }

        foreach (var scopeClaim in scope.Claims)
        {
            if (!includeAllIdentityClaims && !scopeClaim.AlwaysIncludeInIdToken)
            {
                continue;
            }

            requestedClaimNames.Add(scopeClaim.Name);
        }
    }

    // The user service is only consulted when at least one claim was selected,
    // so the token never carries more profile data than the scopes ask for.
    if (requestedClaimNames.Count == 0)
    {
        return tokenClaims;
    }

    var profileClaims = await _users.GetProfileDataAsync(subject.GetSubjectId(), requestedClaimNames);
    if (profileClaims != null)
    {
        tokenClaims.AddRange(profileClaims);
    }

    return tokenClaims;
}
示例3: RequiresConsentAsync
/// <summary>
/// Decides whether the user has to be shown the consent screen for this client and scope set.
/// </summary>
/// <param name="client">The requesting client.</param>
/// <param name="user">The principal whose stored consent is looked up by subject id.</param>
/// <param name="scopes">The scopes being requested.</param>
/// <returns>True when consent must be obtained; false when it can be skipped.</returns>
/// <exception cref="ArgumentNullException"><paramref name="client"/> or <paramref name="user"/> is null.</exception>
public async Task<bool> RequiresConsentAsync(Client client, ClaimsPrincipal user, IEnumerable<string> scopes)
{
    if (client == null)
    {
        throw new ArgumentNullException("client");
    }

    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    if (!client.RequireConsent)
    {
        return false;
    }

    // TODO: validate that this is a correct statement
    if (!client.AllowRememberConsent)
    {
        return true;
    }

    if (scopes == null || !scopes.Any())
    {
        return false;
    }

    var stored = await _store.LoadAsync(user.GetSubjectId(), client.ClientId);
    if (stored == null || stored.Scopes == null)
    {
        // No usable record: fall back to asking the user.
        return true;
    }

    // Consent can be skipped only when every requested scope is already covered.
    // Intersect de-duplicates, so a request that repeats a scope compares unequal
    // and prompts again; the comparison errs on the side of asking.
    var alreadyGranted = scopes.Intersect(stored.Scopes);
    return scopes.Count() != alreadyGranted.Count();
}
示例4: GetProfileDataAsync
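/// <summary>
/// Returns the profile claims of the user identified by the principal's subject id.
/// </summary>
/// <param name="subject">The principal whose subject id selects the user.</param>
/// <param name="requestedClaimTypes">
/// Claim types to return. Null (the default) means no filter and returns every claim of the user.
/// </param>
/// <returns>A completed task holding the claims, or a null result when no user matches.</returns>
public Task<IEnumerable<Claim>> GetProfileDataAsync(ClaimsPrincipal subject, IEnumerable<string> requestedClaimTypes = null)
{
    var user = _users.SingleOrDefault(x => x.Subject == subject.GetSubjectId());
    if (user == null)
    {
        return Task.FromResult<IEnumerable<Claim>>(null);
    }

    // The parameter defaults to null, and the previous lazy Where(...) then failed
    // only when the caller enumerated the result. Handle the default explicitly.
    if (requestedClaimTypes == null)
    {
        // Snapshot so callers cannot reach the user's live claim collection.
        return Task.FromResult<IEnumerable<Claim>>(user.Claims.ToList());
    }

    // Materialise the filter once: the result no longer depends on later changes
    // to the user's claims or on re-enumerating requestedClaimTypes.
    var wanted = new HashSet<string>(requestedClaimTypes);
    var filtered = user.Claims.Where(x => wanted.Contains(x.Type)).ToList();
    return Task.FromResult<IEnumerable<Claim>>(filtered);
}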
示例5: UpdateConsentAsync
/// <summary>
/// Forwards the user's consent decision to the consent store when the client allows remembering it.
/// </summary>
/// <param name="client">Client the consent applies to.</param>
/// <param name="user">Principal whose subject id keys the consent.</param>
/// <param name="scopes">Scopes the user agreed to; passed to the store unchanged.</param>
/// <exception cref="ArgumentNullException"><paramref name="client"/> or <paramref name="user"/> is null.</exception>
public async Task UpdateConsentAsync(Client client, ClaimsPrincipal user, IEnumerable<string> scopes)
{
    if (client == null)
    {
        throw new ArgumentNullException("client");
    }

    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    // Nothing is persisted for clients that opted out of remembered consent.
    if (!client.AllowRememberConsent)
    {
        return;
    }

    var clientIdentifier = client.ClientId;
    var subjectId = user.GetSubjectId();
    await _store.UpdateConsentAsync(clientIdentifier, subjectId, scopes);
}
示例6: ValidateAsync
/// <summary>
/// Validates an end-session (sign-out) request for the current principal and records
/// the accepted values on <c>_validatedRequest</c>.
/// </summary>
/// <param name="parameters">Raw request parameters; the id token hint, post-logout redirect URI and state are read from it.</param>
/// <param name="subject">The current principal. It is dereferenced without a null check and must be authenticated.</param>
/// <returns>The result of <c>Invalid()</c> as soon as a check fails, otherwise the result of <c>Valid()</c>.</returns>
public async Task<ValidationResult> ValidateAsync(NameValueCollection parameters, ClaimsPrincipal subject)
{
// Raw input and principal are recorded before any check runs, so they are
// present on _validatedRequest even when the request is rejected.
_validatedRequest.Raw = parameters;
_validatedRequest.Subject = subject;
// Anonymous callers are rejected outright.
if (!subject.Identity.IsAuthenticated)
{
return Invalid();
}
var idTokenHint = parameters.Get(Constants.EndSessionRequest.IdTokenHint);
if (idTokenHint.IsPresent())
{
// validate id_token - no need to validate token life time
// NOTE(review): presumably the trailing `false` is what turns lifetime validation
// off and `null` means "no client restriction" - confirm against the validator.
var tokenValidationResult = await _tokenValidator.ValidateIdentityTokenAsync(idTokenHint, null, false);
if (tokenValidationResult.IsError)
{
return Invalid();
}
// The client is taken from the validated token, not from a request parameter.
_validatedRequest.Client = tokenValidationResult.Client;
// validate sub claim against currently logged on user
var subClaim = tokenValidationResult.Claims.FirstOrDefault(c => c.Type == Constants.ClaimTypes.Subject);
// NOTE(review): a hint that carries no sub claim skips this comparison and is
// still accepted - confirm that the token validator guarantees a sub claim.
if (subClaim != null)
{
if (subject.GetSubjectId() != subClaim.Value)
{
return Invalid();
}
}
// The redirect URI is read only inside the id_token_hint branch, so it is never
// accepted without a client to validate it against. Requests without a hint
// simply have post_logout_redirect_uri and state ignored.
var redirectUri = parameters.Get(Constants.EndSessionRequest.PostLogoutRedirectUri);
if (redirectUri.IsPresent())
{
// The URI is stored only after the validator accepted it for this client.
if (await _uriValidator.IsPostLogoutRedirecUriValidAsync(redirectUri, _validatedRequest.Client) == true)
{
_validatedRequest.PostLogOutUri = redirectUri;
}
else
{
return Invalid();
}
// State is honoured only together with a valid redirect URI.
var state = parameters.Get(Constants.EndSessionRequest.State);
if (state.IsPresent())
{
_validatedRequest.State = state;
}
}
}
return Valid();
}
示例7: RequiresConsentAsync
/// <summary>
/// Decides whether the consent screen is needed, delegating the lookup to the consent store.
/// </summary>
/// <param name="client">The requesting client.</param>
/// <param name="user">The principal whose subject id is passed to the store.</param>
/// <param name="scopes">The requested scopes; passed to the store unchanged.</param>
/// <returns>False when the client does not require consent; otherwise the store's answer.</returns>
/// <exception cref="ArgumentNullException"><paramref name="client"/> or <paramref name="user"/> is null.</exception>
public async Task<bool> RequiresConsentAsync(Client client, ClaimsPrincipal user, IEnumerable<string> scopes)
{
    if (client == null)
    {
        throw new ArgumentNullException("client");
    }

    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    // The store is only asked when the client is configured to require consent.
    if (client.RequireConsent)
    {
        var clientIdentifier = client.ClientId;
        var subjectId = user.GetSubjectId();
        return await _store.RequiresConsentAsync(clientIdentifier, subjectId, scopes);
    }

    return false;
}
示例8: GetIdentityTokenClaimsAsync
/// <summary>
/// Builds the claim set for an identity token: standard and optional subject claims,
/// plus the profile claims selected by the requested identity scopes.
/// </summary>
/// <param name="subject">The principal the token is issued for.</param>
/// <param name="client">The requesting client (not read by this implementation).</param>
/// <param name="scopes">The requested scopes; only scopes of type Identity contribute claims.</param>
/// <param name="includeAllIdentityClaims">When true every claim of an identity scope is requested; otherwise only claims marked AlwaysIncludeInIdToken, leaving the rest to the userinfo endpoint.</param>
/// <param name="request">The validated request (not read by this implementation).</param>
/// <returns>
/// The claims to place into the identity token.
/// </returns>
public virtual async Task<IEnumerable<Claim>> GetIdentityTokenClaimsAsync(ClaimsPrincipal subject, Client client, IEnumerable<Scope> scopes, bool includeAllIdentityClaims, ValidatedRequest request)
{
    // NOTE(review): the subject identifier is written to the Info log here. Confirm
    // that log retention and access fit an identifier that links entries to one user.
    Logger.Info("Getting claims for identity token for subject: " + subject.GetSubjectId());

    var tokenClaims = new List<Claim>(GetStandardSubjectClaims(subject));
    tokenClaims.AddRange(GetOptionalClaims(subject));

    // An "include all claims" rule bypasses the per-claim filter entirely:
    // the user service is called without a list of claim types.
    if (scopes.IncludesAllClaimsForUserRule(ScopeType.Identity))
    {
        Logger.Info("All claims rule found - emitting all claims for user.");

        var everyClaim = await _users.GetProfileDataAsync(subject);
        if (everyClaim != null)
        {
            tokenClaims.AddRange(everyClaim);
        }

        return tokenClaims;
    }

    // Otherwise collect the names of the identity claims that belong in the id token.
    var requestedClaimNames = new List<string>();
    foreach (var scope in scopes)
    {
        if (scope.Type != ScopeType.Identity)
        {
            continue;
        }

        foreach (var scopeClaim in scope.Claims)
        {
            if (!includeAllIdentityClaims && !scopeClaim.AlwaysIncludeInIdToken)
            {
                continue;
            }

            requestedClaimNames.Add(scopeClaim.Name);
        }
    }

    if (requestedClaimNames.Count == 0)
    {
        return tokenClaims;
    }

    var profileClaims = await _users.GetProfileDataAsync(subject, requestedClaimNames);
    if (profileClaims != null)
    {
        tokenClaims.AddRange(profileClaims);
    }

    return tokenClaims;
}
示例9: UpdateConsentAsync
/// <summary>
/// Appends a consent record to the in-memory list when the client allows remembered consent.
/// </summary>
/// <param name="client">Client the consent applies to; dereferenced without a null check.</param>
/// <param name="user">Principal whose subject id is stored with the record.</param>
/// <param name="scopes">Granted scopes; stored as one space-separated string in sorted order.</param>
/// <returns>A completed task.</returns>
public Task UpdateConsentAsync(Client client, ClaimsPrincipal user, IEnumerable<string> scopes)
{
    if (!client.AllowRememberConsent)
    {
        return Task.FromResult(0);
    }

    var clientIdentifier = client.ClientId;
    var subjectId = user.GetSubjectId();

    // Sorting first gives a canonical key: the same scope set always yields the same string.
    var scopeKey = string.Join(" ", scopes.OrderBy(s => s).ToArray());

    // Records are only ever added, never replaced or removed, so an earlier consent
    // for the same client and subject stays in the list.
    _consents.Add(new Consent
    {
        ClientId = clientIdentifier,
        Subject = subjectId,
        Scopes = scopeKey
    });

    return Task.FromResult(0);
}
示例10: RequiresConsentAsync
/// <summary>
/// Checks the in-memory consent list for a record matching client, subject and exact scope set.
/// </summary>
/// <param name="client">The requesting client; dereferenced without a null check.</param>
/// <param name="user">The principal whose subject id is matched against stored records.</param>
/// <param name="scopes">The requested scopes; sorted and joined before comparison.</param>
/// <returns>A completed task: false when consent is not required or a matching record exists, true otherwise.</returns>
public Task<bool> RequiresConsentAsync(Client client, ClaimsPrincipal user, IEnumerable<string> scopes)
{
    if (!client.RequireConsent)
    {
        return Task.FromResult(false);
    }

    // The scope set is compared as one canonical string, so only an identical set
    // matches. A subset of previously granted scopes still prompts the user again.
    var scopeKey = string.Join(" ", scopes.OrderBy(s => s).ToArray());

    var existing = _consents.FirstOrDefault(c =>
        c.ClientId == client.ClientId &&
        c.Scopes == scopeKey &&
        c.Subject == user.GetSubjectId());

    var consentMissing = existing == null;
    return Task.FromResult(consentMissing);
}
示例11: RequiresConsentAsync
/// <summary>
/// Decides whether the user has to be shown the consent screen for this client and scope set.
/// </summary>
/// <param name="client">The requesting client.</param>
/// <param name="subject">The principal whose stored consent is looked up by subject id.</param>
/// <param name="scopes">The scopes being requested.</param>
/// <returns>True when consent must be obtained; false when it can be skipped.</returns>
/// <exception cref="ArgumentNullException"><paramref name="client"/> or <paramref name="subject"/> is null.</exception>
public virtual async Task<bool> RequiresConsentAsync(Client client, ClaimsPrincipal subject, IEnumerable<string> scopes)
{
    if (client == null)
    {
        throw new ArgumentNullException("client");
    }

    if (subject == null)
    {
        throw new ArgumentNullException("subject");
    }

    if (!client.RequireConsent)
    {
        return false;
    }

    // TODO: validate that this is a correct statement
    if (!client.AllowRememberConsent)
    {
        return true;
    }

    if (scopes == null || !scopes.Any())
    {
        return false;
    }

    // Offline access always prompts (unless the client disabled RequireConsent above):
    // a remembered consent never silently covers it.
    if (scopes.Contains(Constants.StandardScopes.OfflineAccess))
    {
        return true;
    }

    var stored = await _store.LoadAsync(subject.GetSubjectId(), client.ClientId);
    if (stored == null || stored.Scopes == null)
    {
        // No usable record: fall back to asking the user.
        return true;
    }

    // Consent can be skipped only when every requested scope is already covered.
    // Intersect de-duplicates, so a request that repeats a scope compares unequal
    // and prompts again; the comparison errs on the side of asking.
    var alreadyGranted = scopes.Intersect(stored.Scopes);
    return scopes.Count() != alreadyGranted.Count();
}
示例12: GetProfileDataAsync
/// <summary>
/// Called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint).
/// Returns the user's subject claim followed by the stored claims, optionally filtered by type.
/// </summary>
/// <param name="subject">The principal whose subject id selects the user.</param>
/// <param name="requestedClaimTypes">Claim types to keep; null returns every claim.</param>
/// <returns>
/// A completed task holding the resulting claims.
/// </returns>
public virtual Task<IEnumerable<Claim>> GetProfileDataAsync(ClaimsPrincipal subject, IEnumerable<string> requestedClaimTypes = null)
{
    // Single throws InvalidOperationException unless exactly one user matches the
    // subject id, so an unknown or ambiguous subject never yields a claim set.
    var account = _users.Single(u => u.Subject == subject.GetSubjectId());

    var collected = new List<Claim>();
    collected.Add(new Claim(Constants.ClaimTypes.Subject, account.Subject));
    collected.AddRange(account.Claims);

    if (requestedClaimTypes == null)
    {
        return Task.FromResult<IEnumerable<Claim>>(collected);
    }

    // The filter also applies to the subject claim added above: it is dropped
    // unless its type is among the requested ones.
    var filtered = collected.Where(x => requestedClaimTypes.Contains(x.Type)).ToList();
    return Task.FromResult<IEnumerable<Claim>>(filtered);
}
示例13: IsActiveAsync
/// <summary>
/// Reports whether the principal maps to a known user who has accepted the EULA.
/// </summary>
/// <param name="subject">The principal whose subject id selects the user.</param>
/// <returns>A completed task: true only when a matching user exists and its AcceptedEula flag is set.</returns>
public Task<bool> IsActiveAsync(ClaimsPrincipal subject)
{
    var match = Users.SingleOrDefault(x => x.Subject == subject.GetSubjectId());

    // Unknown subjects are reported as inactive rather than raising an error.
    if (match == null)
    {
        return Task.FromResult(false);
    }

    return Task.FromResult(match.AcceptedEula);
}
示例14: ValidateAsync
/// <summary>
/// Validates an end-session (sign-out) request for the current principal, logging the
/// outcome and recording the request values on <c>_validatedRequest</c>.
/// </summary>
/// <param name="parameters">Raw request parameters; the id token hint, post-logout redirect URI and state are read from it.</param>
/// <param name="subject">The current principal. It is dereferenced without a null check.</param>
/// <returns>The result of <c>Invalid()</c> as soon as a check fails, otherwise the result of <c>Valid()</c>.</returns>
public async Task<ValidationResult> ValidateAsync(NameValueCollection parameters, ClaimsPrincipal subject)
{
Logger.Info("Start end session request validation");
// Raw input and principal are recorded before any check runs, so they are
// present on _validatedRequest even when the request is rejected.
_validatedRequest.Raw = parameters;
_validatedRequest.Subject = subject;
// Anonymous callers are rejected only while RequireAuthenticatedUserForSignOutMessage
// is set. With the option off, an unauthenticated request continues below.
if (!subject.Identity.IsAuthenticated && _options.AuthenticationOptions.RequireAuthenticatedUserForSignOutMessage)
{
Logger.Warn("User is anonymous. Ignoring end session parameters");
return Invalid();
}
var idTokenHint = parameters.Get(Constants.EndSessionRequest.IdTokenHint);
if (idTokenHint.IsPresent())
{
// validate id_token - no need to validate token life time
// NOTE(review): presumably the trailing `false` is what turns lifetime validation
// off and `null` means "no client restriction" - confirm against the validator.
var tokenValidationResult = await _tokenValidator.ValidateIdentityTokenAsync(idTokenHint, null, false);
if (tokenValidationResult.IsError)
{
LogError("Error validating id token hint.");
return Invalid();
}
// The client is taken from the validated token, not from a request parameter.
_validatedRequest.Client = tokenValidationResult.Client;
// validate sub claim against currently logged on user
var subClaim = tokenValidationResult.Claims.FirstOrDefault(c => c.Type == Constants.ClaimTypes.Subject);
// The comparison is skipped when the hint has no sub claim or the caller is
// anonymous. In both cases the hint alone determines the client used below.
if (subClaim != null && subject.Identity.IsAuthenticated)
{
if (subject.GetSubjectId() != subClaim.Value)
{
LogError("Current user does not match identity token");
return Invalid();
}
}
// The redirect URI is read only inside the id_token_hint branch, so it is always
// checked against the client named by the hint. Requests without a hint have
// post_logout_redirect_uri and state ignored.
var redirectUri = parameters.Get(Constants.EndSessionRequest.PostLogoutRedirectUri);
if (redirectUri.IsPresent())
{
// NOTE(review): the URI is stored BEFORE it is validated, presumably so the
// error log can include it - confirm. On the Invalid() path PostLogOutUri
// still holds the rejected value and must not be used for a redirect.
_validatedRequest.PostLogOutUri = redirectUri;
if (await _uriValidator.IsPostLogoutRedirectUriValidAsync(redirectUri, _validatedRequest.Client) == false)
{
LogError("Invalid post logout URI");
return Invalid();
}
// State is honoured only together with a valid redirect URI.
var state = parameters.Get(Constants.EndSessionRequest.State);
if (state.IsPresent())
{
_validatedRequest.State = state;
}
}
}
LogSuccess();
return Valid();
}
示例15: PerformTwoFactorAuthentication
/// <summary>
/// Sends a freshly authenticated user through the second factor step unless a
/// two-factor code has already been verified for the subject.
/// </summary>
/// <param name="context">Post-authentication context whose AuthenticateResult is replaced when the second factor is still pending.</param>
/// <param name="authenticatedUser">The principal that passed primary authentication.</param>
private static void PerformTwoFactorAuthentication(PostAuthenticationContext context,
    ClaimsPrincipal authenticatedUser)
{
    var tokenService = new TwoFactorTokenService();
    var subjectId = authenticatedUser.GetSubjectId();

    // NOTE(review): the "already verified" lookup is keyed by subject id alone.
    // Confirm that TwoFactorTokenService scopes or expires this state per login,
    // so that one verified code does not exempt later sign-ins for the same subject.
    var alreadyVerified = tokenService.HasVerifiedTwoFactorCode(subjectId);
    if (alreadyVerified)
    {
        return;
    }

    tokenService.GenerateTwoFactorCodeFor(subjectId);

    // Replace the result so the login continues at the two-factor page.
    var pendingResult = new AuthenticateResult(
        "~/twofactorauthentication",
        subjectId,
        authenticatedUser.GetName(),
        authenticatedUser.Claims);
    context.AuthenticateResult = pendingResult;
}