From da1c4ccdb7e6ae5ed11ce015fa986601ad058ff1 Mon Sep 17 00:00:00 2001 From: maliming Date: Sun, 11 Apr 2021 16:11:12 +0800 Subject: [PATCH 1/5] Add document of IAbpClaimsPrincipalFactory. --- docs/en/Authorization.md | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/docs/en/Authorization.md b/docs/en/Authorization.md index fbb71bb3d4..c01d92b64d 100644 --- a/docs/en/Authorization.md +++ b/docs/en/Authorization.md @@ -393,6 +393,38 @@ public override void ConfigureServices(ServiceConfigurationContext context) This is already done for the startup template integration tests. +### Claims Principal Factory + +Abp abstracts the way that authentication creates `ClaimsPrincipal`. You can provide a custom `IAbpClaimsPrincipalContributor` to add additional claims. + +Example of add `EditionId` of current tenant to user claims: + +```csharp +public class EditionClaimsPrincipalContributor : IAbpClaimsPrincipalContributor, ITransientDependency +{ + public async Task ContributeAsync(AbpClaimsPrincipalContributorContext context) + { + var identity = context.ClaimsPrincipal.Identities.FirstOrDefault(); + if (identity != null) + { + var currentTenant = context.ServiceProvider.GetRequiredService(); + if (currentTenant.Id != null) + { + var tenantRepository = context.ServiceProvider.GetRequiredService(); + var tenant = await tenantRepository.FindAsync(currentTenant.Id.Value); + if (tenant?.EditionId != null) + { + identity.AddOrReplace(new Claim(AbpClaimTypes.EditionId, tenant.EditionId.ToString())); + } + } + } + } +} +``` +The `EditionClaimsPrincipalContributor` will participate in it when the `CreateAsync` method of `IAbpClaimsPrincipalFactory` is called. + +> The Identity module has integrated it. + ## See Also * [Permission Management Module](Modules/Permission-Management.md) From 08acfa664063712e10f09f9653711729e4757ac0 Mon Sep 17 00:00:00 2001 From: maliming Date: Sun, 11 Apr 2021 16:12:35 +0800 Subject: [PATCH 2/5] Update Authorization.md --- docs/en/Authorization.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/en/Authorization.md b/docs/en/Authorization.md index c01d92b64d..e04c6c159e 100644 --- a/docs/en/Authorization.md +++ b/docs/en/Authorization.md @@ -421,6 +421,7 @@ public class EditionClaimsPrincipalContributor : IAbpClaimsPrincipalContributor, } } ``` + The `EditionClaimsPrincipalContributor` will participate in it when the `CreateAsync` method of `IAbpClaimsPrincipalFactory` is called. > The Identity module has integrated it. From bdf555ae075bc40a8835ca80bdebe7da32eed25e Mon Sep 17 00:00:00 2001 From: maliming Date: Sun, 11 Apr 2021 16:15:44 +0800 Subject: [PATCH 3/5] Update Authorization.md --- docs/en/Authorization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/en/Authorization.md b/docs/en/Authorization.md index e04c6c159e..f9a0be5292 100644 --- a/docs/en/Authorization.md +++ b/docs/en/Authorization.md @@ -424,7 +424,7 @@ public class EditionClaimsPrincipalContributor : IAbpClaimsPrincipalContributor, The `EditionClaimsPrincipalContributor` will participate in it when the `CreateAsync` method of `IAbpClaimsPrincipalFactory` is called. -> The Identity module has integrated it. +> The [Identity module](https://docs.abp.io/en/abp/latest/Modules/Identity) has integrated it. ## See Also From 53b49c13557e070ca485911474a6f0d20d592674 Mon Sep 17 00:00:00 2001 From: maliming Date: Fri, 16 Apr 2021 09:49:19 +0800 Subject: [PATCH 4/5] Update Authorization.md --- docs/en/Authorization.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/docs/en/Authorization.md b/docs/en/Authorization.md index f9a0be5292..d41879cd9b 100644 --- a/docs/en/Authorization.md +++ b/docs/en/Authorization.md @@ -397,24 +397,24 @@ This is already done for the startup template integration tests. Abp abstracts the way that authentication creates `ClaimsPrincipal`. You can provide a custom `IAbpClaimsPrincipalContributor` to add additional claims. -Example of add `EditionId` of current tenant to user claims: +Example of add `SocialSecurityNumber` of current tenant to user claims: ```csharp -public class EditionClaimsPrincipalContributor : IAbpClaimsPrincipalContributor, ITransientDependency +public class SocialSecurityNumberClaimsPrincipalContributor : IAbpClaimsPrincipalContributor, ITransientDependency { public async Task ContributeAsync(AbpClaimsPrincipalContributorContext context) { var identity = context.ClaimsPrincipal.Identities.FirstOrDefault(); if (identity != null) { - var currentTenant = context.ServiceProvider.GetRequiredService(); - if (currentTenant.Id != null) + var currentUser = context.ServiceProvider.GetRequiredService(); + if (currentUser.Id.HasValue) { - var tenantRepository = context.ServiceProvider.GetRequiredService(); - var tenant = await tenantRepository.FindAsync(currentTenant.Id.Value); - if (tenant?.EditionId != null) + var userManager = context.ServiceProvider.GetRequiredService(); + var user = await userManager.GetByIdAsync(currentUser.Id.Value); + if (user?.SocialSecurityNumber != null) { - identity.AddOrReplace(new Claim(AbpClaimTypes.EditionId, tenant.EditionId.ToString())); + identity.AddOrReplace(new Claim("SocialSecurityNumber", user.SocialSecurityNumber)); } } } @@ -422,7 +422,7 @@ public class EditionClaimsPrincipalContributor : IAbpClaimsPrincipalContributor, } ``` -The `EditionClaimsPrincipalContributor` will participate in it when the `CreateAsync` method of `IAbpClaimsPrincipalFactory` is called. +The `SocialSecurityNumberClaimsPrincipalContributor` will participate in it when the `CreateAsync` method of `IAbpClaimsPrincipalFactory` is called. > The [Identity module](https://docs.abp.io/en/abp/latest/Modules/Identity) has integrated it. From 149dff4d7ec268096812ca0a0dcb9d2aa387cdc4 Mon Sep 17 00:00:00 2001 From: maliming Date: Fri, 16 Apr 2021 09:49:52 +0800 Subject: [PATCH 5/5] Update Authorization.md --- docs/en/Authorization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/en/Authorization.md b/docs/en/Authorization.md index d41879cd9b..44d01118b5 100644 --- a/docs/en/Authorization.md +++ b/docs/en/Authorization.md @@ -397,7 +397,7 @@ This is already done for the startup template integration tests. Abp abstracts the way that authentication creates `ClaimsPrincipal`. You can provide a custom `IAbpClaimsPrincipalContributor` to add additional claims. -Example of add `SocialSecurityNumber` of current tenant to user claims: +Example of add `SocialSecurityNumber` of current user to claims: ```csharp public class SocialSecurityNumberClaimsPrincipalContributor : IAbpClaimsPrincipalContributor, ITransientDependency