47 lines
1.9 KiB
C#
47 lines
1.9 KiB
C#
// Copyright (c) Umbraco.
|
|
// See LICENSE for more details.
|
|
|
|
using System.Security.Claims;
|
|
using Microsoft.AspNetCore.Identity;
|
|
using Umbraco.Cms.Core;
|
|
using Umbraco.Cms.Core.Security;
|
|
|
|
namespace Umbraco.Extensions;
|
|
|
|
public static class MergeClaimsIdentityExtensions
|
|
{
|
|
// Ignore these Claims when merging, these claims are dynamically added whenever the ticket
|
|
// is re-issued and we don't want to merge old values of these.
|
|
// We do however want to merge these when the SecurityStampValidator refreshes the principal since it's still the same login session
|
|
private static readonly string[] _ignoredClaims = { ClaimTypes.CookiePath, Constants.Security.SessionIdClaimType };
|
|
|
|
public static void MergeAllClaims(this ClaimsIdentity destination, ClaimsIdentity source)
|
|
{
|
|
foreach (Claim claim in source.Claims
|
|
.Where(claim => !destination.HasClaim(claim.Type, claim.Value)))
|
|
{
|
|
destination.AddClaim(new Claim(claim.Type, claim.Value));
|
|
}
|
|
}
|
|
|
|
public static void MergeClaimsFromCookieIdentity(this ClaimsIdentity destination, ClaimsIdentity source)
|
|
{
|
|
foreach (Claim claim in source.Claims
|
|
.Where(claim => !_ignoredClaims.Contains(claim.Type))
|
|
.Where(claim => !destination.HasClaim(claim.Type, claim.Value)))
|
|
{
|
|
destination.AddClaim(new Claim(claim.Type, claim.Value));
|
|
}
|
|
}
|
|
|
|
public static void MergeClaimsFromBackOfficeIdentity(this ClaimsIdentity destination, BackOfficeIdentityUser source)
|
|
{
|
|
foreach (IdentityUserClaim<string> claim in source.Claims
|
|
.Where(claim => !_ignoredClaims.Contains(claim.ClaimType))
|
|
.Where(claim => !destination.HasClaim(claim.ClaimType!, claim.ClaimValue!)))
|
|
{
|
|
destination.AddClaim(new Claim(claim.ClaimType!, claim.ClaimValue!));
|
|
}
|
|
}
|
|
}
|