| | | 1 | | using System.Security.Claims; |
| | | 2 | | using AsiBackbone.Core.Actors; |
| | | 3 | | |
| | | 4 | | namespace AsiBackbone.AspNetCore.Actors; |
| | | 5 | | |
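/// <summary>
/// Configures how ASP.NET Core claims are mapped into framework-neutral actor contexts.
/// </summary>
/// <remarks>
/// Every value read through these options comes from the authenticated principal's claims,
/// so the resulting actor identity is only as trustworthy as the token issuer and the
/// authentication handler that produced those claims. None of the claim types listed here
/// carries the issuer, so deployments that accept tokens from more than one issuer should
/// confirm that the resolved identifier cannot collide across issuers.
/// </remarks>
public sealed class AsiBackboneHttpActorContextOptions
{
    /// <summary>
    /// Gets the default stable identifier claim types checked for authenticated actors.
    /// </summary>
    /// <remarks>
    /// The list mixes three kinds of claim: subject identifiers
    /// (<see cref="ClaimTypes.NameIdentifier"/>, "sub", "oid"), client identifiers
    /// ("client_id", "azp") and an e-mail address (<see cref="ClaimTypes.Email"/>).
    /// Only the first kind identifies a single subject at its issuer. A client identifier
    /// names the calling application, so every principal resolved through it shares one
    /// actor id. An e-mail address can change or be reassigned, and some identity providers
    /// emit it without verifying ownership, so it is the weakest entry for anything that
    /// feeds authorization or audit attribution.
    /// NOTE(review): the resolver is not visible here; presumably entries are tried in list
    /// order and the first match wins. Confirm, and consider overriding
    /// <see cref="ActorIdClaimTypes"/> with only the claims the deployment's issuer guarantees.
    /// </remarks>
    public static IReadOnlyList<string> DefaultActorIdClaimTypes { get; } =
    [
        ClaimTypes.NameIdentifier,
        "sub",
        "oid",
        "client_id",
        "azp",
        // Mutable and possibly unverified: kept as a default, but see the remarks above.
        ClaimTypes.Email,
    ];

    /// <summary>
    /// Gets the default display-name claim types checked for authenticated actors.
    /// </summary>
    /// <remarks>
    /// Display names are presentation data taken from the token. They should not be used to
    /// make access decisions, and consumers that render or log them should encode them like
    /// any other externally supplied text.
    /// </remarks>
    public static IReadOnlyList<string> DefaultDisplayNameClaimTypes { get; } =
    [
        ClaimTypes.Name,
        "name",
        "preferred_username",
        ClaimTypes.Email,
        "email",
    ];

    /// <summary>
    /// Gets or sets the claim types used to resolve a stable actor identifier.
    /// </summary>
    /// <remarks>
    /// Initialised with a fresh copy of <see cref="DefaultActorIdClaimTypes"/>, so changing
    /// one options instance does not affect the shared defaults or other instances.
    /// </remarks>
    public IList<string> ActorIdClaimTypes { get; set; } = [.. DefaultActorIdClaimTypes];

    /// <summary>
    /// Gets or sets the claim types used to resolve an optional actor display name.
    /// </summary>
    /// <remarks>
    /// Initialised with a fresh copy of <see cref="DefaultDisplayNameClaimTypes"/>.
    /// An empty list passes <see cref="Validate"/>; only <c>null</c> is rejected.
    /// </remarks>
    public IList<string> DisplayNameClaimTypes { get; set; } = [.. DefaultDisplayNameClaimTypes];

    /// <summary>
    /// Gets or sets the claim type used to resolve an actor type.
    /// </summary>
    /// <remarks>
    /// NOTE(review): "actor_type" is a custom claim. If the issuer lets clients or users
    /// influence custom claims, the actor type becomes self-asserted. Confirm that only the
    /// trusted issuer can set it before any policy depends on the resolved type.
    /// </remarks>
    public string ActorTypeClaimType { get; set; } = "actor_type";

    /// <summary>
    /// Gets or sets the actor type used when an authenticated principal does not provide a valid actor type claim.
    /// </summary>
    /// <remarks>
    /// Defaults to <see cref="AsiBackboneActorType.Human"/>, so a token without the claim
    /// (for example a service credential whose issuer does not emit it) is classified as
    /// human unless this is changed. <see cref="Validate"/> does not check this value.
    /// </remarks>
    public AsiBackboneActorType DefaultAuthenticatedActorType { get; set; } = AsiBackboneActorType.Human;

    /// <summary>
    /// Gets or sets the display name used for unauthenticated actors.
    /// </summary>
    /// <remarks>
    /// Optional; <c>null</c> by default and not checked by <see cref="Validate"/>.
    /// </remarks>
    public string? UnauthenticatedDisplayName { get; set; }

    /// <summary>
    /// Validates the options.
    /// </summary>
    /// <remarks>
    /// Checks only that the configuration is structurally usable:
    /// <see cref="ActorIdClaimTypes"/> must contain at least one non-blank entry,
    /// <see cref="DisplayNameClaimTypes"/> must not be <c>null</c>, and
    /// <see cref="ActorTypeClaimType"/> must not be blank. Individual blank entries in a list
    /// that also has a usable entry are accepted, and nothing here judges whether the
    /// configured claim types are suitable as identifiers.
    /// </remarks>
    /// <exception cref="InvalidOperationException">
    /// Thrown when one of the checks above fails.
    /// </exception>
    public void Validate()
    {
        // The listing cut this condition off after "string.IsNullOrWhiteSpace"; the closing
        // parentheses are restored so that the guard rejects null, empty and all-blank lists.
        if (ActorIdClaimTypes is null || ActorIdClaimTypes.Count == 0 || ActorIdClaimTypes.All(string.IsNullOrWhiteSpace))
        {
            throw new InvalidOperationException("At least one actor identifier claim type must be configured.");
        }

        // The property setter is public, so a caller or configuration binder can assign null.
        if (DisplayNameClaimTypes is null)
        {
            throw new InvalidOperationException("DisplayNameClaimTypes must be configured.");
        }

        if (string.IsNullOrWhiteSpace(ActorTypeClaimType))
        {
            throw new InvalidOperationException("ActorTypeClaimType must be configured.");
        }
    }
}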