This repository was archived by the owner on Dec 13, 2018. It is now read-only.

Make claim mapping more configurable #1124

Merged
merged 1 commit into from
Mar 1, 2017
71 changes: 19 additions & 52 deletions samples/SocialSample/Startup.cs
Expand Up @@ -112,7 +112,7 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)

// You must first create an app with GitHub and add its ID and Secret to your user-secrets.
// https://console.developers.google.com/project
app.UseGoogleAuthentication(new GoogleOptions
var googleOptions = new GoogleOptions
{
ClientId = Configuration["google:clientid"],
ClientSecret = Configuration["google:clientsecret"],
Expand All @@ -126,11 +126,14 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)
return Task.FromResult(0);
}
}
});
};
googleOptions.ClaimActions.MapJsonSubKey("urn:google:image", "image", "url");
googleOptions.ClaimActions.Remove(ClaimTypes.GivenName);
app.UseGoogleAuthentication(googleOptions);

// You must first create an app with Twitter and add its key and Secret to your user-secrets.
// https://apps.twitter.com/
app.UseTwitterAuthentication(new TwitterOptions
var twitterOptions = new TwitterOptions
{
ConsumerKey = Configuration["twitter:consumerkey"],
ConsumerSecret = Configuration["twitter:consumersecret"],
Expand All @@ -140,20 +143,16 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)
SaveTokens = true,
Events = new TwitterEvents()
{
OnCreatingTicket = ctx =>
{
var profilePic = ctx.User.Value<string>("profile_image_url");
ctx.Principal.Identities.First().AddClaim(new Claim("urn:twitter:profilepicture", profilePic, ClaimTypes.Uri, ctx.Options.ClaimsIssuer));
return Task.FromResult(0);
},
OnRemoteFailure = ctx =>
{
ctx.Response.Redirect("/error?FailureMessage=" + UrlEncoder.Default.Encode(ctx.Failure.Message));
ctx.HandleResponse();
return Task.FromResult(0);
}
}
});
};
twitterOptions.ClaimActions.MapJsonKey("urn:twitter:profilepicture", "profile_image_url", ClaimTypes.Uri);
app.UseTwitterAuthentication(twitterOptions);

/* Azure AD app model v2 has restrictions that prevent the use of plain HTTP for redirect URLs.
Therefore, to authenticate through microsoft accounts, tryout the sample using the following URL:
Expand Down Expand Up @@ -200,7 +199,7 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)

// You must first create an app with GitHub and add its ID and Secret to your user-secrets.
// https://github.com/settings/applications/
app.UseOAuthAuthentication(new OAuthOptions
var githubOptions = new OAuthOptions
{
AuthenticationScheme = "GitHub",
DisplayName = "Github",
Expand All @@ -227,48 +226,16 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)

var user = JObject.Parse(await response.Content.ReadAsStringAsync());

var identifier = user.Value<string>("id");
if (!string.IsNullOrEmpty(identifier))
{
context.Identity.AddClaim(new Claim(
ClaimTypes.NameIdentifier, identifier,
ClaimValueTypes.String, context.Options.ClaimsIssuer));
}

var userName = user.Value<string>("login");
if (!string.IsNullOrEmpty(userName))
{
context.Identity.AddClaim(new Claim(
ClaimsIdentity.DefaultNameClaimType, userName,
ClaimValueTypes.String, context.Options.ClaimsIssuer));
}

var name = user.Value<string>("name");
if (!string.IsNullOrEmpty(name))
{
context.Identity.AddClaim(new Claim(
"urn:github:name", name,
ClaimValueTypes.String, context.Options.ClaimsIssuer));
}

var email = user.Value<string>("email");
if (!string.IsNullOrEmpty(email))
{
context.Identity.AddClaim(new Claim(
ClaimTypes.Email, email,
ClaimValueTypes.Email, context.Options.ClaimsIssuer));
}

var link = user.Value<string>("url");
if (!string.IsNullOrEmpty(link))
{
context.Identity.AddClaim(new Claim(
"urn:github:url", link,
ClaimValueTypes.String, context.Options.ClaimsIssuer));
}
context.RunClaimActions(user);
}
}
});
};
githubOptions.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
githubOptions.ClaimActions.MapJsonKey(ClaimTypes.Name, "login");
githubOptions.ClaimActions.MapJsonKey("urn:github:name", "name");
githubOptions.ClaimActions.MapJsonKey(ClaimTypes.Email, "email", ClaimValueTypes.Email);
githubOptions.ClaimActions.MapJsonKey("urn:github:url", "url");
app.UseOAuthAuthentication(githubOptions);

// Choose an authentication type
app.Map("/login", signoutApp =>
Expand Down Expand Up @@ -357,7 +324,7 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)
}

await context.Response.WriteAsync("Tokens:<br>");

await context.Response.WriteAsync("Access Token: " + await context.Authentication.GetTokenAsync("access_token") + "<br>");
await context.Response.WriteAsync("Refresh Token: " + await context.Authentication.GetTokenAsync("refresh_token") + "<br>");
await context.Response.WriteAsync("Token Type: " + await context.Authentication.GetTokenAsync("token_type") + "<br>");
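Review bot: In the Twitter block, `twitterOptions.ClaimActions.MapJsonKey("urn:twitter:profilepicture", "profile_image_url", ClaimTypes.Uri)` passes a claim-type constant in the argument position where the GitHub mapping further down passes a value type (`ClaimValueTypes.Email`), so the emitted claim would carry a claim-type URI as its value type. The removed `OnCreatingTicket` handler passed the same constant, so this is carried over rather than introduced, but any consumer that inspects `Claim.ValueType` would see a misleading value. The two-argument form used for the GitHub mappings looks like the simplest fix: `twitterOptions.ClaimActions.MapJsonKey("urn:twitter:profilepicture", "profile_image_url");`, which presumably defaults to the string value type (worth confirming against the `MapJsonKey` overloads, which are not shown here). `Configure` starts and ends outside these hunks.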
Expand Up @@ -45,90 +45,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(ClaimsIden

var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), properties, Options.AuthenticationScheme);
var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload);

var identifier = FacebookHelper.GetId(payload);
if (!string.IsNullOrEmpty(identifier))
{
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var ageRangeMin = FacebookHelper.GetAgeRangeMin(payload);
if (!string.IsNullOrEmpty(ageRangeMin))
{
identity.AddClaim(new Claim("urn:facebook:age_range_min", ageRangeMin, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var ageRangeMax = FacebookHelper.GetAgeRangeMax(payload);
if (!string.IsNullOrEmpty(ageRangeMax))
{
identity.AddClaim(new Claim("urn:facebook:age_range_max", ageRangeMax, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var birthday = FacebookHelper.GetBirthday(payload);
if (!string.IsNullOrEmpty(birthday))
{
identity.AddClaim(new Claim(ClaimTypes.DateOfBirth, birthday, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var email = FacebookHelper.GetEmail(payload);
if (!string.IsNullOrEmpty(email))
{
identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var firstName = FacebookHelper.GetFirstName(payload);
if (!string.IsNullOrEmpty(firstName))
{
identity.AddClaim(new Claim(ClaimTypes.GivenName, firstName, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var gender = FacebookHelper.GetGender(payload);
if (!string.IsNullOrEmpty(gender))
{
identity.AddClaim(new Claim(ClaimTypes.Gender, gender, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var lastName = FacebookHelper.GetLastName(payload);
if (!string.IsNullOrEmpty(lastName))
{
identity.AddClaim(new Claim(ClaimTypes.Surname, lastName, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var link = FacebookHelper.GetLink(payload);
if (!string.IsNullOrEmpty(link))
{
identity.AddClaim(new Claim("urn:facebook:link", link, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var location = FacebookHelper.GetLocation(payload);
if (!string.IsNullOrEmpty(location))
{
identity.AddClaim(new Claim("urn:facebook:location", location, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var locale = FacebookHelper.GetLocale(payload);
if (!string.IsNullOrEmpty(locale))
{
identity.AddClaim(new Claim(ClaimTypes.Locality, locale, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var middleName = FacebookHelper.GetMiddleName(payload);
if (!string.IsNullOrEmpty(middleName))
{
identity.AddClaim(new Claim("urn:facebook:middle_name", middleName, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var name = FacebookHelper.GetName(payload);
if (!string.IsNullOrEmpty(name))
{
identity.AddClaim(new Claim(ClaimTypes.Name, name, ClaimValueTypes.String, Options.ClaimsIssuer));
}

var timeZone = FacebookHelper.GetTimeZone(payload);
if (!string.IsNullOrEmpty(timeZone))
{
identity.AddClaim(new Claim("urn:facebook:timezone", timeZone, ClaimValueTypes.String, Options.ClaimsIssuer));
}
context.RunClaimActions();

await Options.Events.CreatingTicket(context);
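Review bot: With the explicit block removed, the handler no longer guarantees any claim by itself: the old code always tried to add `ClaimTypes.NameIdentifier` and the other Facebook fields with `Options.ClaimsIssuer`, whereas `context.RunClaimActions();` emits only what the app-configurable `Options.ClaimActions` collection maps at that moment. The default mappings are not visible in this section, so it is worth confirming that they reproduce the removed set, including the values read through `FacebookHelper.GetAgeRangeMin`, `GetAgeRangeMax` and `GetLocation`, and that they keep the same issuer, since downstream account linking typically keys on the name identifier. I would add a comment above the call, for example `// Claims come from Options.ClaimActions; removing the NameIdentifier mapping yields a ticket without a stable user id.` `CreateTicketAsync` begins and ends outside the hunk, and the file header for this section is not shown on the page.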
