// Copyright (c) 2022 Jon P Smith, GitHub: JonPSmith, web: http://www.thereformedprogrammer.net/
// Licensed under MIT license. See License.txt in the project root for license information.
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using System.Threading.Tasks;
using System;
using System.Linq;
using AuthPermissions.BaseCode.CommonCode;
using Microsoft.Extensions.DependencyInjection;
using Net.DistributedFileStoreCache;
using System.Security.Claims;
using AuthPermissions.BaseCode.DataLayer.EfCode;
namespace Example2.WebApiWithToken.IndividualAccounts.ClaimsChangeCode;
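/// <summary>
/// Middleware that stamps the logged-in user's email onto the request's <see cref="ClaimsPrincipal"/>
/// as a <see cref="ClaimTypes.Email"/> claim. The email is read from the
/// <see cref="AuthPermissionsDbContext"/> the first time a user is seen and then kept in the
/// FileStore cache so later requests do not touch the database.
/// </summary>
/// <remarks>
/// Security notes: the cached value is copied straight into an identity claim and trusted as
/// authoritative, so whatever code changes a user's email must also remove or overwrite the
/// <c>AddEmailClaim-{userId}</c> cache entry — otherwise the stale email lives on for every request.
/// Cache invalidation is not handled in this file. The claim is added in-process only; it is never
/// written back into the bearer token, so other services will not see it.
/// </remarks>
public static class AddEmailClaimMiddleware
{
    /// <summary>
    /// Builds the FileStore cache key under which a user's email is stored.
    /// </summary>
    /// <param name="userId">The user's id, as returned by <c>GetUserIdFromUser()</c>.</param>
    /// <returns>The key <c>AddEmailClaim-{userId}</c>.</returns>
    public static string FormAddedEmailClaimKey(this string userId) => $"AddEmailClaim-{userId}";

    /// <summary>
    /// Registers the middleware. It must run after authentication (so <see cref="HttpContext.User"/>
    /// is populated) and before any authorization or endpoint code that reads the email claim.
    /// </summary>
    /// <param name="app">The application pipeline to add the middleware to.</param>
    public static void UseAddEmailClaimToUsers(this IApplicationBuilder app)
    {
        app.Use(async (HttpContext context, Func<Task> next) =>
        {
            var replacementUser = await AddEmailClaimToCurrentUser(context.RequestServices, context.User);

            // Only swap the principal when there is a logged-in user with a known email;
            // anonymous requests and users without an AuthUser row pass through untouched.
            if (replacementUser is not null)
            {
                context.User = replacementUser;
            }

            await next();
        });
    }

    /// <summary>
    /// Returns a copy of <paramref name="user"/> carrying the user's email as a
    /// <see cref="ClaimTypes.Email"/> claim, or <c>null</c> when the principal should be left unchanged.
    /// </summary>
    /// <param name="serviceProvider">
    /// The request's scoped services; used to resolve the FileStore cache and the AuthP DbContext.
    /// </param>
    /// <param name="user">The authenticated principal for the current request.</param>
    /// <returns>
    /// A new <see cref="ClaimsPrincipal"/> with exactly one email claim, or <c>null</c> when the request
    /// is anonymous or the user has no <c>AuthUser</c> row (so the caller keeps the original principal).
    /// </returns>
    public static async Task<ClaimsPrincipal> AddEmailClaimToCurrentUser(IServiceProvider serviceProvider, ClaimsPrincipal user)
    {
        var userId = user.GetUserIdFromUser();
        if (userId is null)
        {
            return null; // anonymous request: nothing to add
        }

        // Cache first: the FileStore cache is cheap to read on every request, the database is not.
        var fsCache = serviceProvider.GetRequiredService<IDistributedFileStoreCacheClass>();
        var cacheKey = userId.FormAddedEmailClaimKey();
        var usersEmail = await fsCache.GetAsync(cacheKey);
        if (usersEmail is null)
        {
            // Cache miss: load the email from the AuthP database and remember it for later requests.
            // NOTE(review): this is a synchronous EF query on the request path; the async form needs
            // Microsoft.EntityFrameworkCore's FirstOrDefaultAsync, which this file does not import.
            var context = serviceProvider.GetRequiredService<AuthPermissionsDbContext>();
            usersEmail = context.AuthUsers
                .Where(x => x.UserId == userId)
                .Select(x => x.Email)
                .FirstOrDefault();
            if (usersEmail is null)
            {
                // No AuthUser row (can happen part-way through a user update): leave the
                // principal as-is rather than caching a missing value.
                return null;
            }

            await fsCache.SetAsync(cacheKey, usersEmail);
        }

        // Rebuild the claim set. Any Email claim already present (e.g. carried in the token) is
        // replaced, so the principal ends up with exactly one email claim taken from the cache/DB
        // instead of a duplicate that FindFirst() would resolve to the older value.
        var updateClaims = user.Claims
            .Where(c => c.Type != ClaimTypes.Email)
            .ToList();
        updateClaims.Add(new Claim(ClaimTypes.Email, usersEmail));

        // Preserve the original identity's authentication type and, when it is a ClaimsIdentity,
        // its name/role claim types. Creating the identity with only (claims, authenticationType)
        // resets those to the defaults and silently breaks IsInRole() for tokens that use a
        // non-default role claim type.
        var currentIdentity = user.Identity as ClaimsIdentity;
        var appIdentity = new ClaimsIdentity(
            updateClaims,
            user.Identity?.AuthenticationType,
            currentIdentity?.NameClaimType ?? ClaimsIdentity.DefaultNameClaimType,
            currentIdentity?.RoleClaimType ?? ClaimsIdentity.DefaultRoleClaimType);

        return new ClaimsPrincipal(appIdentity);
    }
}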