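using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using Kreta.BusinessLogic.Security;
using Kreta.Framework.Security;
using Newtonsoft.Json;

namespace Kreta.Web.Security
{
    /// <summary>
    /// Extension methods for ClaimsIdentity
    /// </summary>
    /// <remarks>
    /// Every string-based overload compares claim type, value and issuer with
    /// <see cref="StringComparison.OrdinalIgnoreCase"/>, so two values or issuer names that
    /// differ only in letter case are treated as the same claim. The framework's own
    /// ClaimsIdentity.HasClaim(type, value) compares the value ordinally; confirm that
    /// case-insensitive matching is intended for every claim that feeds an authorization
    /// decision. Overloads that take no issuer accept a matching claim from any issuer.
    /// </remarks>
    public static class ClaimsIdentityExtensions
    {
        /// <summary>
        /// Checks whether a given claim exists
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="predicate">The search predicate.</param>
        /// <returns>true if at least one claim satisfies the predicate, otherwise false</returns>
        /// <exception cref="ArgumentNullException">identity or predicate is null.</exception>
        public static bool ClaimExists(this ClaimsIdentity identity, Predicate<Claim> predicate)
        {
            return identity.FindClaims(predicate).Any();
        }

        /// <summary>
        /// Checks whether a given claim exists
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <returns>true/false</returns>
        public static bool ClaimExists(this ClaimsIdentity identity, string claimType)
        {
            return identity.ClaimExists(c => c.Type.Equals(claimType, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Checks whether a given claim exists
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <param name="value">The value.</param>
        /// <returns>true/false</returns>
        public static bool ClaimExists(this ClaimsIdentity identity, string claimType, string value)
        {
            return identity.ClaimExists(c =>
                c.Type.Equals(claimType, StringComparison.OrdinalIgnoreCase) &&
                c.Value.Equals(value, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Checks whether a given claim exists
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <param name="value">The value.</param>
        /// <param name="issuer">The issuer.</param>
        /// <returns>true/false</returns>
        public static bool ClaimExists(this ClaimsIdentity identity, string claimType, string value, string issuer)
        {
            return identity.ClaimExists(c =>
                c.Type.Equals(claimType, StringComparison.OrdinalIgnoreCase) &&
                c.Value.Equals(value, StringComparison.OrdinalIgnoreCase) &&
                c.Issuer.Equals(issuer, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Demands a specific claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="predicate">The search predicate.</param>
        /// <exception cref="SecurityException">No claim satisfies the predicate.</exception>
        public static void DemandClaim(this ClaimsIdentity identity, Predicate<Claim> predicate)
        {
            if (!identity.ClaimExists(predicate))
            {
                throw new SecurityException();
            }
        }

        /// <summary>
        /// Demands a specific claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <exception cref="SecurityException">The identity has no claim of this type.</exception>
        public static void DemandClaim(this ClaimsIdentity identity, string claimType)
        {
            // The predicate overload already throws SecurityException; catching it only to
            // throw a fresh, identical one discarded the original stack trace.
            identity.DemandClaim(claim => claim.Type.Equals(claimType, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Demands a specific claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <param name="value">The value.</param>
        /// <exception cref="SecurityException">The identity has no claim with this type and value.</exception>
        public static void DemandClaim(this ClaimsIdentity identity, string claimType, string value)
        {
            identity.DemandClaim(claim =>
                claim.Type.Equals(claimType, StringComparison.OrdinalIgnoreCase) &&
                claim.Value.Equals(value, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Demands a specific claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <param name="value">The value.</param>
        /// <param name="issuer">The issuer.</param>
        /// <exception cref="SecurityException">The identity has no claim with this type, value and issuer.</exception>
        public static void DemandClaim(this ClaimsIdentity identity, string claimType, string value, string issuer)
        {
            identity.DemandClaim(claim =>
                claim.Type.Equals(claimType, StringComparison.OrdinalIgnoreCase) &&
                claim.Value.Equals(value, StringComparison.OrdinalIgnoreCase) &&
                claim.Issuer.Equals(issuer, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Denies a specific claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="predicate">The search predicate.</param>
        /// <exception cref="SecurityException">At least one claim satisfies the predicate.</exception>
        public static void DenyClaim(this ClaimsIdentity identity, Predicate<Claim> predicate)
        {
            // Same outcome as the former foreach-that-throws-on-first-item, stated directly.
            if (identity.ClaimExists(predicate))
            {
                throw new SecurityException();
            }
        }

        /// <summary>
        /// Denies a specific claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <exception cref="SecurityException">The identity has a claim of this type.</exception>
        public static void DenyClaim(this ClaimsIdentity identity, string claimType)
        {
            identity.DenyClaim(claim => claim.Type.Equals(claimType, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Denies a specific claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <param name="value">The value.</param>
        /// <exception cref="SecurityException">The identity has a claim with this type and value.</exception>
        public static void DenyClaim(this ClaimsIdentity identity, string claimType, string value)
        {
            identity.DenyClaim(claim =>
                claim.Type.Equals(claimType, StringComparison.OrdinalIgnoreCase) &&
                claim.Value.Equals(value, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Denies a specific claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <param name="value">The value.</param>
        /// <param name="issuer">The issuer.</param>
        /// <exception cref="SecurityException">The identity has a claim with this type, value and issuer.</exception>
        public static void DenyClaim(this ClaimsIdentity identity, string claimType, string value, string issuer)
        {
            identity.DenyClaim(claim =>
                claim.Type.Equals(claimType, StringComparison.OrdinalIgnoreCase) &&
                claim.Value.Equals(value, StringComparison.OrdinalIgnoreCase) &&
                claim.Issuer.Equals(issuer, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Finds all instances of the specified claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="predicate">The search predicate.</param>
        /// <returns>Claims that match the search criteria (evaluated lazily on enumeration)</returns>
        /// <exception cref="ArgumentNullException">identity or predicate is null.</exception>
        public static IEnumerable<Claim> FindClaims(this ClaimsIdentity identity, Predicate<Claim> predicate)
        {
            // Every other method in this class funnels through here, so validating once
            // turns a late NullReferenceException into an immediate, named argument error.
            if (identity == null)
            {
                throw new ArgumentNullException("identity");
            }

            if (predicate == null)
            {
                throw new ArgumentNullException("predicate");
            }

            return identity.Claims.Where(claim => predicate(claim));
        }

        /// <summary>
        /// Finds all instances of the specified claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <returns>Claims that match the search criteria</returns>
        public static IEnumerable<Claim> FindClaims(this ClaimsIdentity identity, string claimType)
        {
            return identity.FindClaims(c => c.Type.Equals(claimType, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Finds all instances of the specified claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <param name="issuer">The issuer.</param>
        /// <returns>Claims that match the search criteria</returns>
        public static IEnumerable<Claim> FindClaims(this ClaimsIdentity identity, string claimType, string issuer)
        {
            return identity.FindClaims(c =>
                c.Type.Equals(claimType, StringComparison.OrdinalIgnoreCase) &&
                c.Issuer.Equals(issuer, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Finds all instances of the specified claim.
        /// </summary>
        /// <remarks>
        /// The argument order here is (claimType, issuer, value), whereas ClaimExists,
        /// DemandClaim and DenyClaim take (claimType, value, issuer). All three are strings,
        /// so a swapped call compiles and simply matches nothing.
        /// </remarks>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <param name="issuer">The issuer.</param>
        /// <param name="value">The value.</param>
        /// <returns>Claims that match the search criteria</returns>
        public static IEnumerable<Claim> FindClaims(this ClaimsIdentity identity, string claimType, string issuer, string value)
        {
            return identity.FindClaims(c =>
                c.Type.Equals(claimType, StringComparison.OrdinalIgnoreCase) &&
                c.Value.Equals(value, StringComparison.OrdinalIgnoreCase) &&
                c.Issuer.Equals(issuer, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Finds all instances of the specified claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claim">Search claim; its type, value and issuer are matched.</param>
        /// <returns>Claims that match the search criteria</returns>
        /// <exception cref="ArgumentNullException">claim is null.</exception>
        public static IEnumerable<Claim> FindClaims(this ClaimsIdentity identity, Claim claim)
        {
            // Without this check a null claim only failed later, when the lazy query was enumerated.
            if (claim == null)
            {
                throw new ArgumentNullException("claim");
            }

            return identity.FindClaims(c =>
                c.Type.Equals(claim.Type, StringComparison.OrdinalIgnoreCase) &&
                c.Value.Equals(claim.Value, StringComparison.OrdinalIgnoreCase) &&
                c.Issuer.Equals(claim.Issuer, StringComparison.OrdinalIgnoreCase));
        }

        /// <summary>
        /// Retrieves the value of a claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <returns>The value of the first claim of that type</returns>
        /// <exception cref="Exception">The identity has no claim of that type.</exception>
        public static string GetClaimValue(this ClaimsIdentity identity, string claimType)
        {
            string value = null;
            if (identity.TryGetClaimValue(claimType, out value))
            {
                return value;
            }

            // TODO(review): a generic Exception forces callers to catch everything; a dedicated
            // ClaimNotFoundException built from Messages.ClaimNotFound was intended here.
            throw new Exception("Claim not found exception");
        }

        /// <summary>
        /// Retrieves the value of a claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <param name="issuer">The issuer.</param>
        /// <returns>The value of the first claim of that type from that issuer</returns>
        /// <exception cref="Exception">The identity has no such claim.</exception>
        public static string GetClaimValue(this ClaimsIdentity identity, string claimType, string issuer)
        {
            string value = null;
            if (identity.TryGetClaimValue(claimType, issuer, out value))
            {
                return value;
            }

            // TODO(review): a generic Exception forces callers to catch everything; a dedicated
            // ClaimNotFoundException built from Messages.ClaimNotFound was intended here.
            throw new Exception("Claim not found exception");
        }

        /// <summary>
        /// Tries to retrieve the value of a claim.
        /// </summary>
        /// <remarks>
        /// Only the first claim of the given type is read and its issuer is not checked.
        /// </remarks>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <param name="claimValue">The claim value, or null when no claim matched.</param>
        /// <returns>true if a matching claim was found, otherwise false</returns>
        public static bool TryGetClaimValue(this ClaimsIdentity identity, string claimType, out string claimValue)
        {
            Claim claim = identity.FindClaims(claimType).FirstOrDefault();
            if (claim == null)
            {
                claimValue = null;
                return false;
            }

            claimValue = claim.Value;
            return true;
        }

        /// <summary>
        /// Tries to retrieve the value of a claim.
        /// </summary>
        /// <param name="identity">The identity.</param>
        /// <param name="claimType">Type of the claim.</param>
        /// <param name="issuer">The issuer.</param>
        /// <param name="claimValue">The claim value, or null when no claim matched.</param>
        /// <returns>true if a matching claim was found, otherwise false</returns>
        public static bool TryGetClaimValue(this ClaimsIdentity identity, string claimType, string issuer, out string claimValue)
        {
            Claim claim = identity.FindClaims(claimType, issuer).FirstOrDefault();
            if (claim == null)
            {
                claimValue = null;
                return false;
            }

            claimValue = claim.Value;
            return true;
        }

        /// <summary>
        /// Checks whether the identity's resource claim lists the given resource.
        /// </summary>
        /// <remarks>
        /// The resource claim is read without an issuer filter, so the first claim of type
        /// KretaClaimTypes.Resource decides the result. Unlike the claim comparisons above,
        /// the resource name is matched with the collection's default (case-sensitive) equality.
        /// </remarks>
        /// <param name="identity">The identity.</param>
        /// <param name="resourceName">Name of the resource to look for.</param>
        /// <returns>true if the resource is listed; false if it is not or the claim holds no list</returns>
        /// <exception cref="Exception">The identity has no resource claim (thrown by GetClaimValue).</exception>
        public static bool HasResource(this ClaimsIdentity identity, string resourceName)
        {
            string resourcesJson = identity.GetClaimValue(KretaClaimTypes.Resource);

            // NOTE(review): the generic argument was lost in this listing; List<string> is
            // inferred from the Contains(resourceName) call below - confirm against the code
            // that serializes the claim.
            List<string> resources = JsonConvert.DeserializeObject<List<string>>(resourcesJson);

            // An empty or "null" claim value deserializes to null; treat that as
            // "no resources granted" instead of failing with a NullReferenceException.
            return resources != null && resources.Contains(resourceName);
        }
    }
}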