c# - ASP.NET Identity and Claim-based -
How do I use claims? For example, I want to set access to each page (resource) for each user. I understand I can do it using roles, but as I understand it, claim-based is more effective. When I try to create a claim, I see the following method:

    userIdentity.AddClaim(new Claim(ClaimTypes.Role, "test role"));

The first parameter of the constructor of the Claim class is the ClaimTypes enum, which has many "strange" members like Email, Phone, etc. I want to set a claim and then check the claim to have access to a resource. Am I on the wrong way? How do I do it?
From the code above, I am assuming you have added the claim in the Startup class, on Authenticated of the provider, as below.

    // Added claim for reading the Google name
    context.Identity.AddClaim(new Claim("urn:google:name", context.Identity.FindFirstValue(ClaimTypes.Name)));
    // and the email
    context.Identity.AddClaim(new Claim("urn:google:email", context.Identity.FindFirstValue(ClaimTypes.Email)));
Once you have added the claims in Startup, when the request is processed, check whether it is a callback and, if yes, read the claims as below (in IHttpHandler).

    public void ProcessRequest(HttpContext context)
    {
        IAuthenticationManager authManager = context.GetOwinContext().Authentication;
        // CallbackKey is a query-string key constant defined elsewhere in the handler.
        if (string.IsNullOrEmpty(context.Request.QueryString[CallbackKey]))
        {
            // I have multiple providers, so checking if it is Google
            string providerName = context.Request.QueryString["provider"] ?? "Google";
            RedirectToProvider(context, authManager, providerName);
        }
        else
        {
            ExternalLoginCallback(context, authManager);
        }
    }
If it is the first call, redirect to the provider:

    private static void RedirectToProvider(HttpContext context, IAuthenticationManager authManager, string providerName)
    {
        var loginProviders = authManager.GetExternalAuthenticationTypes();
        // Single() throws if the requested provider is not registered.
        var loginProvider = loginProviders.Single(x => x.Caption == providerName);
        var properties = new AuthenticationProperties()
        {
            RedirectUri = string.Format("{0}&{1}=true", context.Request.Url, CallbackKey)
        };
        //string[] authTypes = { loginProvider.AuthenticationType, DefaultAuthenticationTypes.ExternalCookie };
        authManager.Challenge(properties, loginProvider.AuthenticationType);
        // Without this it redirects to the forms login page
        context.Response.SuppressFormsAuthenticationRedirect = true;
    }
And read the claims back:

    public void ExternalLoginCallback(HttpContext context, IAuthenticationManager authManager)
    {
        var loginInfo = authManager.GetExternalLoginInfo();
        if (loginInfo == null)
        {
            throw new System.Security.SecurityException("Failed to login");
        }
        var loginProvider = loginInfo.Login.LoginProvider;
        var externalLoginConfirmation = loginInfo.DefaultUserName;
        var externalIdentity = authManager.GetExternalIdentityAsync(DefaultAuthenticationTypes.ExternalCookie);
        var emailClaim = externalIdentity.Result.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email);
        // FirstOrDefault returns null when the provider sent no email claim; fail the login instead of dereferencing null.
        if (emailClaim == null)
        {
            throw new System.Security.SecurityException("Failed to login");
        }
        var email = emailClaim.Value;
        var pictureClaim = externalIdentity.Result.Claims.FirstOrDefault(c => c.Type.Equals("picture"));
        // The picture claim is optional, so tolerate its absence.
        var pictureUrl = pictureClaim == null ? null : pictureClaim.Value;
        // Redirects to my method of adding the claimed user as logged in; you will use yours.
        LoginByEmail(context, email, loginProvider);
    }
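
For the per-page access check the question asks about, here is an added example (not code from the original posts) that grants a custom claim per page at sign-in and checks it in an IHttpHandler. The names PageAccess and ReportsHandler, the claim type "urn:example:page-access" and the path "/reports" are hypothetical.

```csharp
using System;
using System.Security.Claims;
using System.Security.Principal;
using System.Web;

public static class PageAccess
{
    // Hypothetical custom claim type; any URI-style string unique to the application works.
    public const string ClaimType = "urn:example:page-access";

    // Call while building the identity at sign-in, once per page the user may open.
    // Take the page list from your own user store, never from request input.
    public static void Grant(ClaimsIdentity identity, string page)
    {
        if (identity == null) throw new ArgumentNullException("identity");
        identity.AddClaim(new Claim(ClaimType, Normalize(page)));
    }

    // Fails closed: anonymous users, non-claims identities and missing claims are denied.
    public static bool IsAllowed(IPrincipal user, string page)
    {
        var identity = user == null ? null : user.Identity as ClaimsIdentity;
        if (identity == null || !identity.IsAuthenticated) return false;
        return identity.HasClaim(ClaimType, Normalize(page));
    }

    // HasClaim compares claim values case-sensitively, so normalize both sides the same way.
    private static string Normalize(string page)
    {
        if (string.IsNullOrWhiteSpace(page)) throw new ArgumentException("page is required", "page");
        return page.Trim().ToLowerInvariant();
    }
}

public class ReportsHandler : IHttpHandler
{
    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        if (!PageAccess.IsAllowed(context.User, "/reports"))
        {
            context.Response.StatusCode = 403; // authenticated or not, no claim means no access
            return;
        }
        context.Response.ContentType = "text/plain";
        context.Response.Write("report data");
    }
}
```

The claims are only present on later requests if Grant is called on the identity that is actually signed in (the one written to the application cookie), not on a throwaway copy.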