ComponentSpace

Forums



Get more claims


Get more claims

Author
Message
kwaazaar
kwaazaar
New Member
New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)

Group: Forum Members
Posts: 2, Visits: 14
Hi,

The created claims principal only contains the name (NameID) claim. I would also like some more information of the login-proces in the claimset, like the login-date, the 'AuthnContextClassRef' used during login, IP-address of the user, etc. Perhaps I also want to enrich it with some local data as well. Can you provide guidance on how to manipulate the ClaimsPrincipal before the cookie is created?

Regards,
Robert te Kaat
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Hi Robert
Please refer to our ExampleServiceProvider's SamlController.
It demonstrates calling _userManager.AddClaimAsync to add additional claims.
The example is adding SAML attributes as claims but you could also add login-date etc as required.

Regards
ComponentSpace Development
kwaazaar
kwaazaar
New Member
New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)

Group: Forum Members
Posts: 2, Visits: 14
ComponentSpace - 7/20/2018
Hi Robert
Please refer to our ExampleServiceProvider's SamlController.
It demonstrates calling _userManager.AddClaimAsync to add additional claims.
The example is adding SAML attributes as claims but you could also add login-date etc as required.

Thanks, but I'm using the Middleware-option and do not use any ASP.Net Identity stuff (no local user storage, no UserManager<T>, etc). Is it still possible to hook into the components?
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
For the middleware option, you can register an implementation of the ISamlClaimFactory.
SamlClaimFactory, the default implementation, adds the SAML Name ID and SAML attributes as claims.
The following code extends the default implementation to add additional claims.
These claims are added to the principal signed in by the middleware.

using ComponentSpace.Saml2.Assertions;
using ComponentSpace.Saml2.Claims;
using System;
using System.Collections.Generic;
using System.Security.Claims;

public class CustomSamlClaimFactory : SamlClaimFactory
{
  public override IList<Claim> CreateClaims(string userID, IList<SamlAttribute> attributes)
  {
   var claims = new List<Claim>();

   // Add default claims.
   claims.AddRange(base.CreateClaims(userID, attributes));

   // Add additional claims.
   claims.Add(new Claim("login-date", DateTime.UtcNow.ToString()));

   return claims;
  }
}


You need to register your implementation at application startup.

// Add the custom SAML claim factory.
services.TryAddSingleton<ISamlClaimFactory, CustomSamlClaimFactory>();

// Add SAML SSO services.
services.AddSaml(Configuration.GetSection("SAML"));



Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search