Reputation: 1557
I am developing an intranet application where the user authentication is based on Active Directory, and I am having an issue with the proper way of handling user claims.
I have implemented something similar to "Using OWIN and Active Directory to authenticate users in ASP.Net MVC 5 application", and it's working perfectly to authenticate the user through Active Directory. I have added claims to store the user data in the cookie:
    private ClaimsIdentity CreateIdentity(UserPrincipal userPrincipal)
    {
        var identity = new ClaimsIdentity(MyAuthentication.ApplicationCookie, ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);
        identity.AddClaim(new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "Active Directory"));
        identity.AddClaim(new Claim(ClaimTypes.Name, userPrincipal.SamAccountName));
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userPrincipal.SamAccountName));
        identity.AddClaim(new Claim(ClaimTypes.GivenName, userPrincipal.GivenName));
        return identity;
    }
Is there a more efficient way of getting the user information rather than the below code?
    var claimsIdentity = User.Identity as System.Security.Claims.ClaimsIdentity;
    var name = claimsIdentity.FindFirst(System.Security.Claims.ClaimTypes.GivenName);

However, the username of the user is available through the identity itself:

    User.Identity.Name
...which seems ineloquent.
Upvotes: 4
Views: 8598
Reputation: 18474
You could use Extension Methods to provide the methods you need.
    using System.Security.Claims;
    using System.Security.Principal;

    public static class UserClaimExtentions {
        public static string GivenName(this IPrincipal user) {
            return user.GetClaimValue(ClaimTypes.GivenName);
        }

        public static string NameIdentifier(this IPrincipal user) {
            return user.GetClaimValue(ClaimTypes.NameIdentifier);
        }

        // Returns null when the user has no ClaimsIdentity or the claim is missing.
        public static string GetClaimValue(this IPrincipal user, string name) {
            var claimsIdentity = user.Identity as ClaimsIdentity;
            return claimsIdentity?.FindFirst(name)?.Value;
        }

        // If you aren't using the new operators from Roslyn for null checks then
        // use this method instead (replace the one above; both cannot coexist)
        // public static string GetClaimValue(this IPrincipal user, string name) {
        //     var claimsIdentity = user.Identity as ClaimsIdentity;
        //     var claim = claimsIdentity == null ? null : claimsIdentity.FindFirst(name);
        //     return claim == null ? null : claim.Value;
        // }
    }
Now in your code you just need to make sure you are using the namespace that the extension class is defined in, and you can then do

    var givenName = User.GivenName();
    var identifier = User.NameIdentifier();

or

    var givenName = User.GetClaimValue(ClaimTypes.GivenName);
    var identifier = User.GetClaimValue(ClaimTypes.NameIdentifier);
Upvotes: 2
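The helper in the answer above reads from whatever identity `User.Identity` exposes. The following added example (not part of the original question or answers) narrows that to claims from an authenticated identity created by the application's own Active Directory sign-in. The names `SafeClaimExtensions`, `GetTrustedClaimValue`, the `"ApplicationCookie"` authentication type string and the sample user values are assumptions made for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Claims;
using System.Security.Principal;

public static class SafeClaimExtensions
{
    // Assumed values: the cookie authentication type and the identity-provider
    // claim that the question's CreateIdentity() stamps on the identity.
    public const string CookieAuthType = "ApplicationCookie";
    public const string IdpClaimType =
        "http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider";

    // Returns the claim value only when it comes from an authenticated identity
    // that was built by our own Active Directory sign-in; otherwise null.
    public static string GetTrustedClaimValue(this IPrincipal user, string claimType)
    {
        var principal = user as ClaimsPrincipal;
        if (principal == null) return null;
        var identity = principal.Identities.FirstOrDefault(i =>
            i.IsAuthenticated &&
            i.AuthenticationType == CookieAuthType &&
            i.HasClaim(IdpClaimType, "Active Directory"));
        var claim = identity == null ? null : identity.FindFirst(claimType);
        return claim == null ? null : claim.Value;
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed identity mirroring the question's CreateIdentity(), without AD.
        var ad = new ClaimsIdentity(SafeClaimExtensions.CookieAuthType,
            ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);
        ad.AddClaim(new Claim(SafeClaimExtensions.IdpClaimType, "Active Directory"));
        ad.AddClaim(new Claim(ClaimTypes.Name, "jdoe"));
        ad.AddClaim(new Claim(ClaimTypes.GivenName, "Jane"));

        // Constructed unauthenticated identity (no authentication type) with the same claim type.
        var anon = new ClaimsIdentity(new[] { new Claim(ClaimTypes.GivenName, "Guest") });

        IPrincipal signedIn = new ClaimsPrincipal(ad);
        IPrincipal anonymous = new ClaimsPrincipal(anon);
        Console.WriteLine(signedIn.GetTrustedClaimValue(ClaimTypes.GivenName) ?? "(none)");
        Console.WriteLine(anonymous.GetTrustedClaimValue(ClaimTypes.GivenName) ?? "(none)");
        Console.WriteLine(signedIn.GetTrustedClaimValue(ClaimTypes.Surname) ?? "(none)");
    }
}
```

Callers still have to handle the null return, since a claim such as the given name may be absent for a signed-in user.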
Reputation: 4805
If you want to use Windows Auth with Owin you can just call this from your Startup.cs class (no cookie auth):
    public void ConfigureAuth(IAppBuilder app)
    {
        HttpListener listener = (HttpListener)app.Properties["System.Net.HttpListener"];
        listener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication;
    }

Then wherever you have your OwinContext you can just do

    var user = new OwinContext().Authentication.User;
    //or
    var user = HttpContext.Current.GetOwinContext().Authentication.User;
Upvotes: 1