Class PrincipalExtensions
Useful extension methods for System.Security.Principal.IPrincipal.
Inherited Members
Namespace: IRM.IdentityModel.Claims
Assembly: IRM.dll
Syntax
public static class PrincipalExtensions
Fields
ApplicationAuthenticationType
Represents a System.Security.Principal.IIdentity.AuthenticationType for authentication that is done by the application.
Declaration
public const string ApplicationAuthenticationType = "Application"
Field Value
String
Methods
AnyApplicationIdentity(IPrincipal)
Determines if there are any authenticated application specific identities available for the supplied principal.
Declaration
[Obsolete]
public static bool AnyApplicationIdentity(this IPrincipal principal)
Parameters
System.Security.Principal.IPrincipal
principal
The principal object to search for application specific identities.
Returns
Boolean
true if there are any authenticated application specific identities available; otherwise false.
Authorize(Claim, Int32)
Validates that the System.Security.Claims.Claim represents the required permission.
Declaration
public static bool Authorize(this Claim claim, int requiredPermission)
Parameters
System.Security.Claims.Claim
claim
The System.Security.Claims.Claim to validate.
System.Int32
requiredPermission
The permission that is required.
Returns
Boolean
Returns true if the
Exceptions
UnauthenticatedUserException
If the user is not authenticated or is missing the owner id claim.
Authorize(IPrincipal, Int32)
Validates that the currently logged in user has the required permission.
Declaration
public static bool Authorize(this IPrincipal principal, int requiredPermission)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
System.Int32
requiredPermission
The permission that the user is required to have.
Returns
Boolean
Returns true if the user has the required permission; otherwise false.
Exceptions
UnauthenticatedUserException
If the user is not authenticated or is missing the owner id claim.
Authorize(IPrincipal, String)
Validates that the currently logged in user has the required permission.
Declaration
public static bool Authorize(this IPrincipal principal, string requiredPermission)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
String
requiredPermission
The permission that the user is required to have.
Returns
Boolean
Returns true if the user has the required permission; otherwise false.
Copy(ClaimsIdentity, Claim[])
Creates a copy of the System.Security.Claims.ClaimsIdentity and replaces existing claims with the supplied ones.
Declaration
public static ClaimsIdentity Copy(this ClaimsIdentity identity, params Claim[] replaceClaims)
Parameters
System.Security.Claims.ClaimsIdentity
identity
The System.Security.Claims.ClaimsIdentity to copy.
System.Security.Claims.Claim[]
replaceClaims
An array of System.Security.Claims.Claim to replace in the new copy of
Returns
System.Security.Claims.ClaimsIdentity
A copy of the System.Security.Claims.ClaimsIdentity.
Copy(IPrincipal)
Creates a deep copy of a System.Security.Principal.IPrincipal.
Declaration
public static IPrincipal Copy(this IPrincipal principal)
Parameters
System.Security.Principal.IPrincipal
principal
The System.Security.Principal.IPrincipal that should be copied.
Returns
System.Security.Principal.IPrincipal
Returns a copy of the passed in principal.
Remarks
It is not possible to copy a System.Security.Principal.WindowsPrincipal.
Copy<T>(T)
Creates a deep copy of a System.Security.Principal.IPrincipal.
Declaration
public static T Copy<T>(this T principal)
where T : IPrincipal
Parameters
T
principal
The System.Security.Principal.IPrincipal that should be copied.
Returns
T
Returns a copy of the passed in principal.
Type Parameters
T
Remarks
It is not possible to copy a System.Security.Principal.WindowsPrincipal.
GetAllPermissions(IPrincipal, String)
Gets all permissions for the currently logged in user.
Declaration
public static IEnumerable<string> GetAllPermissions(this IPrincipal principal, string startsWith = null)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
String
startsWith
Optional parameter for filtering the returned permissions, to only include the permissions where the value starts with the passed in value.
Returns
IEnumerable<String>
Returns an IEnumerable<T> representing the current user's permissions.
GetAnvändareId(IIdentity)
Gets the user identity (Subject).
Declaration
public static Guid GetAnvändareId(this IIdentity identity)
Parameters
System.Security.Principal.IIdentity
identity
The currently logged in user.
Returns
System.Guid
Returns a System.Guid representing the id of the currently logged in user, or System.Guid.Empty if user is not logged in or does not have a System.Guid in the NameIdentifier claim.
GetAnvändareId(IPrincipal)
Gets the user identity (Subject).
Declaration
public static Guid GetAnvändareId(this IPrincipal principal)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
Returns
System.Guid
Returns a System.Guid representing the id of the currently logged in user, or System.Guid.Empty if user is not logged in or does not have a System.Guid in the NameIdentifier claim.
GetClaim(ClaimsIdentity, String)
Gets a claim of a specific type.
Declaration
public static Claim GetClaim(this ClaimsIdentity identity, string claimType)
Parameters
System.Security.Claims.ClaimsIdentity
identity
The currently logged in user.
String
claimType
The type of claim to get.
Returns
System.Security.Claims.Claim
Returns a claim of a specific type.
Exceptions
UnauthenticatedUserException
If the user is not authenticated or is missing the owner id claim.
GetClaim(IIdentity, String)
Gets a claim of a specific type.
Declaration
public static Claim GetClaim(this IIdentity identity, string claimType)
Parameters
System.Security.Principal.IIdentity
identity
The currently logged in user.
String
claimType
The type of claim to get.
Returns
System.Security.Claims.Claim
Returns a claim of a specific type.
Exceptions
UnauthenticatedUserException
If the user is not authenticated or is missing the owner id claim.
GetClaim(IPrincipal, String)
Gets a claim of a specific type.
Declaration
public static Claim GetClaim(this IPrincipal principal, string claimType)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
String
claimType
The type of claim to get.
Returns
System.Security.Claims.Claim
Returns a claim of a specific type.
Exceptions
UnauthenticatedUserException
If the user is not authenticated or is missing the owner id claim.
GetClaimValue<T>(ClaimsIdentity, String)
Gets the value of a claim.
Declaration
public static T GetClaimValue<T>(this ClaimsIdentity identity, string claimType)
Parameters
System.Security.Claims.ClaimsIdentity
identity
The currently logged in user.
String
claimType
The type of claim to get.
Returns
T
The value of the claim or the default value of
Type Parameters
T
The type of the value.
GetClaimValue<T>(IIdentity, String)
Gets the value of a claim.
Declaration
public static T GetClaimValue<T>(this IIdentity identity, string claimType)
Parameters
System.Security.Principal.IIdentity
identity
The currently logged in user.
String
claimType
The type of claim to get.
Returns
T
The value of the claim or the default value of
Type Parameters
T
The type of the value.
GetClaimValue<T>(IPrincipal, String)
Gets the value of a claim.
Declaration
public static T GetClaimValue<T>(this IPrincipal principal, string claimType)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
String
claimType
The type of claim to get.
Returns
T
The value of the claim or the default value of
Type Parameters
T
The type of the value.
GetCorrelationIdClaimValue(IPrincipal)
Gets the current correlation id.
Declaration
public static Guid GetCorrelationIdClaimValue(this IPrincipal principal)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
Returns
System.Guid
Returns the correlation id.
Exceptions
UnauthenticatedUserException
If the user is not authenticated or is missing the owner id claim.
GetIdentity(ClaimsPrincipal)
Gets a single identity object from a System.Security.Claims.ClaimsPrincipal.
Declaration
public static ClaimsIdentity GetIdentity(this ClaimsPrincipal principal)
Parameters
System.Security.Claims.ClaimsPrincipal
principal
The System.Security.Claims.ClaimsPrincipal used to get the System.Security.Claims.ClaimsIdentity from.
Returns
System.Security.Claims.ClaimsIdentity
Returns a System.Security.Claims.ClaimsIdentity.
Remarks
Prioritizes and gets identities in the following order:
- A single identity of authentication type "Application".
- A single identity of authentication type "Forms", "Federation" or "LOCAL AUTHORITY".
Exceptions
UnauthenticatedUserException
If no identity listed above is found.
GetIdentity(IPrincipal)
Gets a single identity object from a System.Security.Principal.IPrincipal.
Declaration
public static ClaimsIdentity GetIdentity(this IPrincipal principal)
Parameters
System.Security.Principal.IPrincipal
principal
The System.Security.Principal.IPrincipal used to get the System.Security.Claims.ClaimsIdentity from.
Returns
System.Security.Claims.ClaimsIdentity
Returns a System.Security.Claims.ClaimsIdentity.
Remarks
Prioritizes and gets identities in the following order:
- A single identity of authentication type "Application".
- A single identity of authentication type "Forms", "Federation" or "LOCAL AUTHORITY".
Exceptions
UnauthenticatedUserException
If no identity listed above is found.
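The selection order in the GetIdentity Remarks, as an added sketch that is not code from IRM.dll: SelectIdentity is a hypothetical helper built only on System.Security.Claims, and InvalidOperationException stands in for UnauthenticatedUserException. Filtering on IsAuthenticated, ordinal comparison of the authentication type, and rejecting several matches within one tier are assumptions about how "a single identity" is resolved.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

static class IdentitySelectionSketch
{
    // Authentication types named in the Remarks, highest priority first.
    static readonly string[][] Tiers =
    {
        new[] { "Application" },
        new[] { "Forms", "Federation", "LOCAL AUTHORITY" },
    };

    // Hypothetical helper: picks the identity that authorization checks should bind to.
    public static ClaimsIdentity SelectIdentity(ClaimsPrincipal principal)
    {
        if (principal == null) throw new ArgumentNullException(nameof(principal));

        foreach (var tier in Tiers)
        {
            // Assumption: only authenticated identities are candidates.
            var matches = principal.Identities
                .Where(i => i.IsAuthenticated &&
                            tier.Contains(i.AuthenticationType, StringComparer.Ordinal))
                .ToList();

            if (matches.Count == 1)
                return matches[0];

            // Assumption: more than one candidate in a tier is ambiguous, so fail closed
            // instead of silently picking whichever identity happens to come first.
            if (matches.Count > 1)
                throw new InvalidOperationException(
                    "Ambiguous identities for tier: " + string.Join("/", tier));
        }

        // Stand-in for UnauthenticatedUserException.
        throw new InvalidOperationException("No application or user identity found.");
    }

    static void Main()
    {
        // Constructed sample identities; the claim values are made up.
        var federated = new ClaimsIdentity(
            new[] { new Claim(ClaimTypes.NameIdentifier, "constructed-user") }, "Federation");
        var application = new ClaimsIdentity(
            new[] { new Claim(ClaimTypes.NameIdentifier, "constructed-user") }, "Application");
        var unauthenticated = new ClaimsIdentity(); // no authentication type set

        // The application identity wins even though it is not first in the list.
        var both = new ClaimsPrincipal(new[] { federated, application });
        Console.WriteLine(SelectIdentity(both).AuthenticationType);

        // A principal holding only an unauthenticated identity is rejected.
        try { SelectIdentity(new ClaimsPrincipal(unauthenticated)); }
        catch (InvalidOperationException ex) { Console.WriteLine(ex.Message); }
    }
}
```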
GetImpersonator(IIdentity)
Gets a System.Security.Claims.ClaimsIdentity that represents the impersonator.
Declaration
public static ClaimsIdentity GetImpersonator(this IIdentity identity)
Parameters
System.Security.Principal.IIdentity
identity
The currently logged in user.
Returns
System.Security.Claims.ClaimsIdentity
A System.Security.Claims.ClaimsIdentity that represents the impersonator, or null if no impersonation is ongoing.
GetImpersonator(IPrincipal)
Gets a System.Security.Claims.ClaimsIdentity that represents the impersonator.
Declaration
public static ClaimsIdentity GetImpersonator(this IPrincipal principal)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
Returns
System.Security.Claims.ClaimsIdentity
A System.Security.Claims.ClaimsIdentity that represents the impersonator.
GetObjectId(IIdentity)
Gets the object unique identity (ObjectId).
Declaration
public static Guid? GetObjectId(this IIdentity identity)
Parameters
System.Security.Principal.IIdentity
identity
The currently logged in user.
Returns
System.Nullable<System.Guid>
Returns a System.Guid representing the id of the currently logged in user, or System.Guid.Empty if user is not logged in or does not have a System.Guid in the NameIdentifier claim.
GetObjectId(IPrincipal)
Gets the object identity (ObjectId).
Declaration
public static Guid? GetObjectId(this IPrincipal principal)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
Returns
System.Nullable<System.Guid>
Returns a System.Guid representing the id of the currently logged in user, or
GetOrAddCorrelationId(IPrincipal, Guid)
Gets the current correlation id and sets a new correlation id if none exists.
Declaration
public static Guid GetOrAddCorrelationId(this IPrincipal principal, Guid correlationId)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
System.Guid
correlationId
The correlation id to set if none exists.
Returns
System.Guid
Returns the current correlation id.
Remarks
This method is thread safe.
Exceptions
UnauthenticatedUserException
If the user is not authenticated or is missing the owner id claim.
GetPreferedCulture(ClaimsIdentity, String)
Gets the preferred culture for the currently logged in user.
Declaration
public static string GetPreferedCulture(this ClaimsIdentity identity, string defaultPreferedCulture = "sv-SE")
Parameters
System.Security.Claims.ClaimsIdentity
identity
The currently logged in user.
String
defaultPreferedCulture
The default culture returned if the user has no preferences specified.
Returns
String
The preferred culture for the currently logged in user.
GetPreferedCulture(IPrincipal, String)
Gets the preferred culture for the currently logged in user.
Declaration
public static string GetPreferedCulture(this IPrincipal principal, string defaultPreferedCulture = "sv-SE")
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
String
defaultPreferedCulture
The default culture returned if the user has no preferences specified.
Returns
String
The preferred culture for the currently logged in user.
GetTenantId(IIdentity)
Gets the tenant id for the currently logged in user.
Declaration
public static Guid GetTenantId(this IIdentity identity)
Parameters
System.Security.Principal.IIdentity
identity
The currently logged in user.
Returns
System.Guid
Returns the tenant id.
Exceptions
UnauthenticatedUserException
If the user is not authenticated or is missing the tenant id claim.
GetTenantId(IPrincipal)
Gets the tenant id for the currently logged in user.
Declaration
public static Guid GetTenantId(this IPrincipal principal)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
Returns
System.Guid
Returns the tenant id.
Exceptions
UnauthenticatedUserException
If the user is not authenticated or is missing the tenant id claim.
GetWindowsRoleNames(IIdentity)
Translates the currently logged in user's groups (SIDs) to role names.
Declaration
public static List<string> GetWindowsRoleNames(this IIdentity identity)
Parameters
System.Security.Principal.IIdentity
identity
The System.Security.Principal.WindowsIdentity of the currently logged in user.
Returns
List<String>
Returns a list of role names.
Exceptions
UnauthenticatedUserException
If the user is not authenticated or is missing the owner id claim.
GetWindowsRoleNames(IPrincipal)
Translates the currently logged in user's groups (SIDs) to role names.
Declaration
public static List<string> GetWindowsRoleNames(this IPrincipal principal)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
Returns
List<String>
Returns a list of role names.
Exceptions
UnauthenticatedUserException
If the user is not authenticated or is missing the owner id claim.
IsImpersonated(IIdentity)
Determines whether a user is impersonated by another user.
Declaration
public static bool IsImpersonated(this IIdentity identity)
Parameters
System.Security.Principal.IIdentity
identity
The currently logged in user.
Returns
Boolean
true if the current user is impersonated; otherwise false.
RefreshCorrelationId(IPrincipal, Guid)
Makes sure that the current correlation id is correlationId.
Declaration
public static void RefreshCorrelationId(this IPrincipal principal, Guid correlationId)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
System.Guid
correlationId
The correlation id that should be used.
Remarks
This method is thread safe.
Exceptions
UnauthenticatedUserException
If the user is not authenticated or is missing the owner id claim.
ReplaceClaim(ClaimsIdentity, String, Claim)
Replaces the existing claim with a new value.
Declaration
public static void ReplaceClaim(this ClaimsIdentity identity, string newValue, Claim existingClaim)
Parameters
System.Security.Claims.ClaimsIdentity
identity
The currently logged in user.
String
newValue
The new value that should be used for the
System.Security.Claims.Claim
existingClaim
The existing claim that should have its value replaced.
Exceptions
System.ArgumentNullException
If the
ReplaceClaim(ClaimsIdentity, String, String)
Replaces the existing claim with a new value.
Declaration
public static void ReplaceClaim(this ClaimsIdentity identity, string claimType, string newValue)
Parameters
System.Security.Claims.ClaimsIdentity
identity
The currently logged in user.
String
claimType
The type of claim to replace.
String
newValue
The new value that should be used for the existing claim.
Remarks
If there is no claim of the specified claimType, a new claim will be added instead.
Exceptions
System.ArgumentNullException
If the
SetupPrincipal(IEnumerable<ClientClaim>)
Creates a System.Security.Principal.WindowsPrincipal with an application specific identity representing custom claims.
Declaration
public static IPrincipal SetupPrincipal(IEnumerable<ClientClaim> claims)
Parameters
IEnumerable<ClientClaim>
claims
The custom claims that the user has.
Returns
System.Security.Principal.IPrincipal
Returns a System.Security.Principal.WindowsPrincipal with an extra application specific identity.
SetupPrincipal(IEnumerable<ClientClaim>, WindowsIdentity)
Creates a System.Security.Principal.WindowsPrincipal with an application specific identity representing custom claims.
Declaration
public static IPrincipal SetupPrincipal(IEnumerable<ClientClaim> claims, WindowsIdentity identity)
Parameters
IEnumerable<ClientClaim>
claims
The custom claims that the user has.
System.Security.Principal.WindowsIdentity
identity
The Windows user.
Returns
System.Security.Principal.IPrincipal
Returns a System.Security.Principal.WindowsPrincipal with an extra application specific identity.
SetupPrincipal(IEnumerable<Claim>)
Creates a System.Security.Principal.WindowsPrincipal with an application specific identity representing custom claims.
Declaration
public static IPrincipal SetupPrincipal(IEnumerable<Claim> claims)
Parameters
IEnumerable<System.Security.Claims.Claim>
claims
The custom claims that the user has.
Returns
System.Security.Principal.IPrincipal
Returns a System.Security.Principal.WindowsPrincipal with an extra application specific identity.
SetupPrincipal(IEnumerable<Claim>, WindowsIdentity)
Creates a System.Security.Principal.WindowsPrincipal with an application specific identity representing custom claims.
Declaration
public static IPrincipal SetupPrincipal(IEnumerable<Claim> claims, WindowsIdentity identity)
Parameters
IEnumerable<System.Security.Claims.Claim>
claims
The custom claims that the user has.
System.Security.Principal.WindowsIdentity
identity
The Windows user.
Returns
System.Security.Principal.IPrincipal
Returns a System.Security.Principal.WindowsPrincipal with an extra application specific identity.
TryGetTenantId(IIdentity)
Tries to get the tenant id for the currently logged in user.
Declaration
public static Guid? TryGetTenantId(this IIdentity identity)
Parameters
System.Security.Principal.IIdentity
identity
The currently logged in user.
Returns
System.Nullable<System.Guid>
Returns the tenant id if found.
TryGetTenantId(IPrincipal)
Tries to get the tenant id for the currently logged in user.
Declaration
public static Guid? TryGetTenantId(this IPrincipal principal)
Parameters
System.Security.Principal.IPrincipal
principal
The currently logged in user.
Returns
System.Nullable<System.Guid>
Returns the tenant id if found.