using System.Security.Claims;
using System.Security.Principal;
namespace zero.Identity;
public class BackofficeUserIdentity : UserIdentity
{
protected BackofficeUserIdentity(ClaimsIdentity identity) : base(identity, Constants.Auth.BackofficeScheme) { }
public static bool TryCreate(ClaimsIdentity identity, out BackofficeUserIdentity user)
{
user = null;
if (!RequiredClaims.All(claim => identity.HasClaim(x => x.Type == claim && !x.Value.IsNullOrWhiteSpace())))
{
Console.Error.WriteLine("Could not find all claims for UserIdentity creation"); // TODO use logger
return false;
}
if (!identity.HasClaim(Constants.Auth.Claims.IsZero, PermissionsValue.True))
{
Console.Error.WriteLine("Could not find all claims for UserIdentity creation"); // TODO use logger
return false;
}
user = new BackofficeUserIdentity(identity);
return true;
}
public static bool TryGet(IPrincipal principal, out BackofficeUserIdentity user)
{
if (TryGet(principal, out UserIdentity _user))
{
return TryCreate(_user, out user);
}
user = null;
return false;
}
}
public class UserIdentity : ClaimsIdentity
{
protected UserIdentity(ClaimsIdentity identity, string authenticationType = null) : base(identity, identity.Claims, authenticationType ?? identity.AuthenticationType, Constants.Auth.Claims.UserName, Constants.Auth.Claims.Role)
{
}
public static bool TryCreate(ClaimsIdentity identity, string authenticationType, out UserIdentity user)
{
user = null;
if (!RequiredClaims.All(claim => identity.HasClaim(x => x.Type == claim && !x.Value.IsNullOrWhiteSpace())))
{
Console.Error.WriteLine("Could not find all claims for UserIdentity creation"); // TODO use logger
return false;
}
user = new UserIdentity(identity, authenticationType);
return true;
}
///
/// Build user identity from a matching principal identity
///
public static bool TryGet(IPrincipal principal, out UserIdentity user)
{
if (principal.Identity is UserIdentity identity)
{
user = identity;
return true;
}
if (principal is ClaimsPrincipal claimsPrincipal)
{
user = claimsPrincipal.Identities.OfType().FirstOrDefault();
if (user != null)
{
return true;
}
}
if (principal.Identity is ClaimsIdentity claimsIdentity && claimsIdentity.IsAuthenticated)
{
if (TryCreate(claimsIdentity, claimsIdentity.AuthenticationType, out user))
{
return true;
}
}
user = null;
return false;
}
public static IEnumerable RequiredClaims => new[]
{
Constants.Auth.Claims.UserId,
Constants.Auth.Claims.UserName,
Constants.Auth.Claims.Email,
//Constants.Auth.Claims.Role,
Constants.Auth.Claims.SecurityStamp,
Constants.Auth.Claims.IsZero
};
}