Add ClaimTypes.NameIdentifier and ClaimTypes.Email for SuperOffice (#465

) * Added support for ClaimTypes NameIdentifier and Email * Explicitly add ClaimTypes.NameIdentity * Update SubjectIdentifier description. Co-authored-by: Martin Costello <martin@martincostello.com> * Added test case for ClaimTypes.Email * Add using Add using statement to shorten the code. Co-authored-by: SuperOfficeDevNet <tony@superoffice.com> Co-authored-by: Martin Costello <martin@martincostello.com>
aspnet-contrib · Jul 21, 2020 · b475447 · b475447
1 parent 97f1ef7
commit b475447
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 0 deletions.
diff --git a/src/AspNet.Security.OAuth.SuperOffice/SuperOfficeAuthenticationConstants.cs b/src/AspNet.Security.OAuth.SuperOffice/SuperOfficeAuthenticationConstants.cs
@@ -74,6 +74,11 @@ public static class ClaimNames
             /// </summary>
             public const string PrimaryEmail = "http://schemes.superoffice.net/identity/so_primary_email_address";
 
+            /// <summary>
+            /// Subject Identifier used to uniquely identify the user.
+            /// </summary>
+            public const string SubjectIdentifier = "sub";
+
             /// <summary>
             /// Identifier used to exchange for a system user ticket.
             /// </summary>

diff --git a/src/AspNet.Security.OAuth.SuperOffice/SuperOfficeAuthenticationHandler.cs b/src/AspNet.Security.OAuth.SuperOffice/SuperOfficeAuthenticationHandler.cs
@@ -105,6 +105,12 @@ public class SuperOfficeAuthenticationHandler : OAuthHandler<SuperOfficeAuthenti
                     contextIdentifier = claim.Value;
                 }
 
+                if (claim.Type == SuperOfficeAuthenticationConstants.ClaimNames.SubjectIdentifier)
+                {
+                    identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, claim.Value));
+                    continue;
+                }
+
                 if (Options.IncludeIdTokenAsClaims)
                 {
                     // May be possible same claim names from UserInformationEndpoint and IdToken.

diff --git a/src/AspNet.Security.OAuth.SuperOffice/SuperOfficeAuthenticationOptions.cs b/src/AspNet.Security.OAuth.SuperOffice/SuperOfficeAuthenticationOptions.cs
@@ -34,6 +34,7 @@ public SuperOfficeAuthenticationOptions()
             Scope.Add("openid");
 
             ClaimActions.MapJsonKey(ClaimTypes.Name, PrincipalNames.FullName);
+            ClaimActions.MapJsonKey(ClaimTypes.Email, PrincipalNames.EmailAddress);
 
             ClaimActions.MapJsonKey(ClaimNames.AssociateId, PrincipalNames.AssociateId);
             ClaimActions.MapJsonKey(ClaimNames.Email, PrincipalNames.EmailAddress);

diff --git a/test/AspNet.Security.OAuth.Providers.Tests/SuperOffice/SuperOfficeTests.cs b/test/AspNet.Security.OAuth.Providers.Tests/SuperOffice/SuperOfficeTests.cs
@@ -6,6 +6,7 @@
 
 using System;
 using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.Extensions.DependencyInjection;
@@ -40,6 +41,8 @@ protected internal override void RegisterAuthentication(AuthenticationBuilder bu
         }
 
         [Theory]
+        [InlineData(ClaimTypes.NameIdentifier, "johm.demo.smith@superoffice.com")]
+        [InlineData(ClaimTypes.Email, "johm.demo.smith@superoffice.com")]
         [InlineData(SuperOfficeAuthenticationConstants.PrincipalNames.BusinessId, "4")]
         [InlineData(SuperOfficeAuthenticationConstants.PrincipalNames.CategoryId, "4")]
         [InlineData(SuperOfficeAuthenticationConstants.PrincipalNames.ContactId, "2")]

diff --git a/test/AspNet.Security.OAuth.Providers.Tests/SuperOffice/bundle.json b/test/AspNet.Security.OAuth.Providers.Tests/SuperOffice/bundle.json
@@ -23,6 +23,7 @@
         "ContactId": 2,
         "CountryId": 826,
         "DatabaseContextIdentifier": "Cust12345",
+        "EMailAddress": "johm.demo.smith@superoffice.com",
         "FunctionRights": [ "allow-bulk-export" ],
         "GroupId": 2,
         "HomeCountryId": 826,