From 0c446bba56216ae5e80882073243e17e56fed54d Mon Sep 17 00:00:00 2001
From: TekH
Date: Wed, 3 Jun 2026 10:31:14 +0200
Subject: [PATCH] Enhance claim handling in ReceiverClaimExtensions

Refactor `ReceiverClaimExtensions` to support multiple claim type variations by introducing arrays for envelope ID, UUID, and receiver signature claim types. Updated the `GetRequiredClaimOfReceiver` method to handle multiple claim types and provide detailed error messages when claims are missing. Refactored methods to use the new claim type arrays for improved flexibility and robustness.
---
 .../Extensions/ReceiverClaimExtensions.cs | 27 ++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/EnvelopeGenerator.API/Extensions/ReceiverClaimExtensions.cs b/EnvelopeGenerator.API/Extensions/ReceiverClaimExtensions.cs
index 205be48d..05f3c878 100644
--- a/EnvelopeGenerator.API/Extensions/ReceiverClaimExtensions.cs
+++ b/EnvelopeGenerator.API/Extensions/ReceiverClaimExtensions.cs
@@ -11,6 +11,10 @@ namespace EnvelopeGenerator.API.Extensions;
 ///
 public static class ReceiverClaimExtensions
 {
+ private static readonly string[] EnvelopeIdClaimTypes = [EnvelopeClaimTypes.Id, "envelope_id", "EnvelopeId"];
+ private static readonly string[] EnvelopeUuidClaimTypes = [ClaimTypes.NameIdentifier, "envelope_uuid", "EnvelopeUuid"];
+ private static readonly string[] ReceiverSignatureClaimTypes = [ClaimTypes.Hash, "receiver_sig", "ReceiverSignature"];
+
 private static string GetRequiredClaimOfReceiver(this ClaimsPrincipal user, string claimType)
 {
 var value = user.FindFirstValue(claimType);
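Review bot: The three alias arrays widen which claim types are trusted for the envelope ID, envelope UUID and receiver signature, and nothing at the declaration says which token issuer emits `envelope_uuid`, `EnvelopeUuid`, `receiver_sig` and the other fallbacks. The new overload matches on claim type alone, so any authentication scheme that populates one of these names would be honoured when the primary claim is absent; whether that can happen depends on the token validation setup, which is not visible here. I would add a comment above the arrays such as `// Aliases accepted for tokens issued by <issuer placeholder>; array order is lookup precedence` and drop any alias that no current issuer produces.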
@@ -27,15 +31,32 @@ public static class ReceiverClaimExtensions
 throw new InvalidOperationException(message);
 }
 
+ private static string GetRequiredClaimOfReceiver(this ClaimsPrincipal user, params string[] claimTypes)
+ {
+ foreach (var claimType in claimTypes.Where(t => !string.IsNullOrWhiteSpace(t)).Distinct())
+ {
+ var value = user.FindFirstValue(claimType);
+ if (!string.IsNullOrWhiteSpace(value))
+ return value;
+ }
+
+ var identity = user.Identity;
+ var principalName = identity?.Name ?? "(anonymous)";
+ var authType = identity?.AuthenticationType ?? "(none)";
+ var availableClaims = string.Join(", ", user.Claims.Select(c => $"{c.Type}={c.Value}"));
+ var message = $"Required claim(s) '{string.Join("', '", claimTypes)}' are missing for user '{principalName}' (auth: {authType}). Available claims: [{availableClaims}].";
+ throw new InvalidOperationException(message);
+ }
+
 ///
 /// Gets the authenticated envelope UUID from the claims.
 ///
- public static string GetEnvelopeUuidOfReceiver(this ClaimsPrincipal user) => user.GetRequiredClaimOfReceiver(ClaimTypes.NameIdentifier);
+ public static string GetEnvelopeUuidOfReceiver(this ClaimsPrincipal user) => user.GetRequiredClaimOfReceiver(EnvelopeUuidClaimTypes);
 
 ///
 /// Gets the authenticated receiver signature from the claims.
 ///
- public static string GetReceiverSignatureOfReceiver(this ClaimsPrincipal user) => user.GetRequiredClaimOfReceiver(ClaimTypes.Hash);
+ public static string GetReceiverSignatureOfReceiver(this ClaimsPrincipal user) => user.GetRequiredClaimOfReceiver(ReceiverSignatureClaimTypes);
 
 ///
 /// Gets the authenticated receiver display name from the claims.
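Review bot: The failure message built in the new `params` overload embeds every claim value through `user.Claims.Select(c => $"{c.Type}={c.Value}")`, which includes the receiver signature (`ClaimTypes.Hash`) and any other identifiers carried by the principal. Exception messages routinely end up in logs and, depending on the error-handling middleware (not visible here), in HTTP responses, so credential-like material can leak on an ordinary missing-claim failure. Listing claim types only keeps the diagnostic value: `var availableClaims = string.Join(", ", user.Claims.Select(c => c.Type).Distinct());`. The single-type overload above starts outside this hunk; if it builds a similar message, the same change applies there.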
@@ -57,7 +78,7 @@ public static class ReceiverClaimExtensions
 ///
 public static int GetEnvelopeIdOfReceiver(this ClaimsPrincipal user)
 {
- var envIdStr = user.GetRequiredClaimOfReceiver(EnvelopeClaimTypes.Id);
+ var envIdStr = user.GetRequiredClaimOfReceiver(EnvelopeIdClaimTypes);
 if (!int.TryParse(envIdStr, out var envId))
 {
 throw new InvalidOperationException($"Claim '{EnvelopeClaimTypes.Id}' is not a valid integer.");
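Review bot: The parse-failure message still names only `EnvelopeClaimTypes.Id`, although after this change the value may have come from `envelope_id` or `EnvelopeId`, so the error can point an operator at the wrong claim. A wording that does not name a single type avoids that, for example `throw new InvalidOperationException("Envelope ID claim is not a valid integer.");`. The method body continues past the end of this hunk.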