Question

I've already implemented the basic Web API protection via IdentityServer4 based on this.

The demo is based on in-memory data, and most tutorials use an EF Core implementation for user data. From what I found, IdentityServer3 had an IUserService, which is now missing in version 4.

// Demo registration: clients, scopes and users are all served from in-memory
// lists returned by the Clients, Scopes and Users helper classes.
builder.AddInMemoryClients(Clients.Get());
builder.AddInMemoryScopes(Scopes.Get());
// NOTE(review): this is the call to move away from when users must come from a
// real store (EF6 in this question); an in-memory user list is presumably meant
// for demos and tests only.
builder.AddInMemoryUsers(Users.Get());

How can I retrieve my user data from an EF6 store?

5/17/2017 6:01:57 AM

Accepted Answer

In Startup.cs, register your own implementations of IResourceOwnerPasswordValidator and IProfileService:

// Transient lifetime: the container creates a new instance every time one of
// these services is resolved. Both sample implementations on this page build
// their own MyUserManager in their constructor, so each resolution also creates
// a new user manager.
// Credential check for the resource-owner password grant.
builder.Services.AddTransient<IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>();
// Supplies the claims issued for a subject and the "is this user still active" check.
builder.Services.AddTransient<IProfileService, ProfileService>();

Here is a sample of ResourceOwnerPasswordValidator and ProfileService

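/// <summary>
/// Validates resource-owner password grant requests against the application's
/// own user store (<c>MyUserManager</c>) instead of the in-memory demo users.
/// </summary>
public class ResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator
{
    // Same message for every failure so the response does not reveal whether
    // the user name exists.
    private const string InvalidCredentialsMessage = "Invalid username or password";

    // Created directly because this sample registers the validator without any
    // constructor dependencies; the manager is never replaced after construction.
    private readonly MyUserManager _myUserService;

    /// <summary>Creates the validator with its own user manager instance.</summary>
    public ResourceOwnerPasswordValidator()
    {
        _myUserService = new MyUserManager();
    }

    /// <summary>
    /// Checks the supplied credentials and returns a successful grant result for
    /// the matching user, or a failure result with a generic error message.
    /// </summary>
    /// <param name="userName">User name sent by the client (untrusted input).</param>
    /// <param name="password">Password sent by the client (untrusted input).</param>
    /// <param name="request">The validated token request; not used by this sample.</param>
    /// <returns>
    /// A result whose subject is the user's e-mail address on success, otherwise
    /// a result carrying the generic "Invalid username or password" error.
    /// </returns>
    public async Task<CustomGrantValidationResult> ValidateAsync(string userName, string password, ValidatedTokenRequest request)
    {
        // Reject missing credentials up front rather than passing null or blank
        // values into the user store.
        if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrEmpty(password))
        {
            return new CustomGrantValidationResult(InvalidCredentialsMessage);
        }

        var user = await _myUserService.FindByNameAsync(userName);

        // NOTE(review): when no user is found, CheckPasswordAsync is skipped, so the
        // unknown-user path may answer faster than the wrong-password path. This
        // sample also shows no lockout or attempt throttling; confirm both are
        // handled elsewhere before exposing the password grant.
        if (user != null && await _myUserService.CheckPasswordAsync(user, password))
        {
            // NOTE(review): the subject issued here is the e-mail address, while the
            // ProfileService on this page resolves the "sub" claim with
            // FindByIdAsync. Confirm the two refer to the same identifier.
            return new CustomGrantValidationResult(user.EmailAddress, "password");
        }

        return new CustomGrantValidationResult(InvalidCredentialsMessage);
    }
}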


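/// <summary>
/// Supplies the claims issued for an authenticated subject, and the
/// "is this subject still active" decision, from the application's own user
/// store (<c>MyUserManager</c>).
/// </summary>
public class ProfileService : IProfileService
{
    // Created directly because this sample registers the service without any
    // constructor dependencies; the manager is never replaced after construction.
    private readonly MyUserManager _myUserManager;

    /// <summary>Creates the service with its own user manager instance.</summary>
    public ProfileService()
    {
        _myUserManager = new MyUserManager();
    }

    /// <summary>
    /// Loads the user named by the subject's "sub" claim and sets
    /// <c>context.IssuedClaims</c> to that user's claims, restricted to the
    /// requested claim types unless all claims were requested.
    /// </summary>
    /// <param name="context">Profile request carrying the subject and the requested claim types.</param>
    public async Task GetProfileDataAsync(ProfileDataRequestContext context)
    {
        var sub = context.Subject.FindFirst("sub")?.Value;
        if (sub == null)
        {
            return;
        }

        var user = await _myUserManager.FindByIdAsync(sub);
        if (user == null)
        {
            // The subject no longer maps to a stored user: issue nothing rather
            // than failing inside getClaims with an ArgumentNullException.
            return;
        }

        var principal = await getClaims(user);
        var claims = principal.Claims;

        var requested = context.RequestedClaimTypes;
        var mustFilter = context.AllClaimsRequested == false ||
                         (requested != null && requested.Any());
        if (mustFilter)
        {
            if (requested == null)
            {
                // Not all claims were requested and no types were listed: release
                // no claims instead of dereferencing a null list.
                claims = Enumerable.Empty<Claim>();
            }
            else
            {
                // Release only the claim types the caller asked for.
                claims = claims.Where(x => requested.Contains(x.Type)).ToArray();
            }
        }

        context.IssuedClaims = claims;
    }

    /// <summary>
    /// Marks the subject active only when its "sub" claim still resolves to a
    /// stored user, so that a removed account is not treated as active.
    /// </summary>
    /// <param name="context">Context carrying the subject to check.</param>
    public async Task IsActiveAsync(IsActiveContext context)
    {
        // Fail closed: a subject without a resolvable user is not active.
        context.IsActive = false;

        var sub = context.Subject?.FindFirst("sub")?.Value;
        if (sub != null)
        {
            var user = await _myUserManager.FindByIdAsync(sub);
            // NOTE(review): only existence is checked here. If the user store has
            // a disabled or locked-out flag, include it in this decision.
            context.IsActive = user != null;
        }
    }

    /// <summary>
    /// Builds a principal holding the user's id, preferred user name, one role
    /// claim per role, and any additional claims stored for the user.
    /// </summary>
    /// <param name="user">The stored user; must not be null.</param>
    /// <returns>A principal with a single identity containing those claims.</returns>
    /// <exception cref="ArgumentNullException">Thrown when <paramref name="user"/> is null.</exception>
    private async Task<ClaimsPrincipal> getClaims(CustomerSite user)
    {
        if (user == null)
        {
            throw new ArgumentNullException(nameof(user));
        }

        var userId = await _myUserManager.GetUserIdAsync(user);
        var userName = await _myUserManager.GetUserNameAsync(user);

        var id = new ClaimsIdentity();
        id.AddClaim(new Claim(JwtClaimTypes.Id, userId));
        id.AddClaim(new Claim(JwtClaimTypes.PreferredUserName, userName));

        // Every role becomes its own role claim.
        var roles = await _myUserManager.GetRolesAsync(user);
        foreach (var roleName in roles)
        {
            id.AddClaim(new Claim(JwtClaimTypes.Role, roleName));
        }

        // Stored claims are copied as-is; the caller narrows them to the
        // requested claim types before they are issued.
        id.AddClaims(await _myUserManager.GetClaimsAsync(user));

        return new ClaimsPrincipal(id);
    }
}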
8/8/2016 4:53:04 PM


Licensed under: CC-BY-SA with attribution
Not affiliated with Stack Overflow