TekH
8187924a8c
Introduces EnvelopeAuthExtensions with helper methods to retrieve envelope-specific claims from ClaimsPrincipal and to sign in envelope receivers using cookie authentication. Supports extracting envelope and receiver details via claims for authentication flows.
88 lines
3.7 KiB
C#
88 lines
3.7 KiB
C#
using System.Security.Claims;
|
|
using EnvelopeGenerator.Application.Common.Dto.EnvelopeReceiver;
|
|
using Microsoft.AspNetCore.Authentication;
|
|
using Microsoft.AspNetCore.Authentication.Cookies;
|
|
|
|
namespace EnvelopeGenerator.GeneratorAPI.Extensions;
|
|
|
|
/// <summary>
|
|
/// Provides helper methods for working with envelope-specific authentication claims.
|
|
/// </summary>
|
|
public static class EnvelopeAuthExtensions
|
|
{
|
|
/// <summary>
|
|
/// Retrieves a claim value by type.
|
|
/// </summary>
|
|
/// <param name="user">The current claims principal.</param>
|
|
/// <param name="claimType">The claim type to resolve.</param>
|
|
/// <returns>The claim value or null when missing.</returns>
|
|
public static string? GetClaimValue(this ClaimsPrincipal user, string claimType) => user.FindFirstValue(claimType);
|
|
|
|
/// <summary>
|
|
/// Gets the authenticated envelope UUID from the claims.
|
|
/// </summary>
|
|
public static string? GetAuthEnvelopeUuid(this ClaimsPrincipal user) => user.FindFirstValue(ClaimTypes.NameIdentifier);
|
|
|
|
/// <summary>
|
|
/// Gets the authenticated receiver signature from the claims.
|
|
/// </summary>
|
|
public static string? GetAuthReceiverSignature(this ClaimsPrincipal user) => user.FindFirstValue(ClaimTypes.Hash);
|
|
|
|
/// <summary>
|
|
/// Gets the authenticated receiver display name from the claims.
|
|
/// </summary>
|
|
public static string? GetAuthReceiverName(this ClaimsPrincipal user) => user.FindFirstValue(ClaimTypes.Name);
|
|
|
|
/// <summary>
|
|
/// Gets the authenticated receiver email address from the claims.
|
|
/// </summary>
|
|
public static string? GetAuthReceiverMail(this ClaimsPrincipal user) => user.FindFirstValue(ClaimTypes.Email);
|
|
|
|
/// <summary>
|
|
/// Gets the authenticated envelope title from the claims.
|
|
/// </summary>
|
|
public static string? GetAuthEnvelopeTitle(this ClaimsPrincipal user) => user.FindFirstValue(EnvelopeClaimTypes.Title);
|
|
|
|
/// <summary>
|
|
/// Gets the authenticated envelope identifier from the claims.
|
|
/// </summary>
|
|
public static int? GetAuthEnvelopeId(this ClaimsPrincipal user)
|
|
{
|
|
var envIdStr = user.FindFirstValue(EnvelopeClaimTypes.Id);
|
|
return int.TryParse(envIdStr, out var envId) ? envId : null;
|
|
}
|
|
|
|
/// <summary>
|
|
/// Signs in an envelope receiver using cookie authentication and attaches envelope claims.
|
|
/// </summary>
|
|
/// <param name="context">The current HTTP context.</param>
|
|
/// <param name="envelopeReceiver">Envelope receiver DTO to extract claims from.</param>
|
|
/// <param name="receiverRole">Role to attach to the authentication ticket.</param>
|
|
public static async Task SignInEnvelopeAsync(this HttpContext context, EnvelopeReceiverDto envelopeReceiver, string receiverRole)
|
|
{
|
|
var claims = new List<Claim>
|
|
{
|
|
new(ClaimTypes.NameIdentifier, envelopeReceiver.Envelope!.Uuid),
|
|
new(ClaimTypes.Hash, envelopeReceiver.Receiver!.Signature),
|
|
new(ClaimTypes.Name, envelopeReceiver.Name ?? string.Empty),
|
|
new(ClaimTypes.Email, envelopeReceiver.Receiver.EmailAddress),
|
|
new(EnvelopeClaimTypes.Title, envelopeReceiver.Envelope.Title),
|
|
new(EnvelopeClaimTypes.Id, envelopeReceiver.Envelope.Id.ToString()),
|
|
new(ClaimTypes.Role, receiverRole)
|
|
};
|
|
|
|
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
|
|
|
|
var authProperties = new AuthenticationProperties
|
|
{
|
|
AllowRefresh = false,
|
|
IsPersistent = false
|
|
};
|
|
|
|
await context.SignInAsync(
|
|
CookieAuthenticationDefaults.AuthenticationScheme,
|
|
new ClaimsPrincipal(claimsIdentity),
|
|
authProperties);
|
|
}
|
|
}
|