VCST-2048: Extend ClaimsPrincipalExtensions with GetUserId and GetUserName (#2855)

OlegoO · web-flow · commit fa4e48bba099 · 2024-11-01T11:01:42.000+02:00
feat: Extend ClaimsPrincipalExtensions with GetCurrentUserId and resolving of UserIdClaimTypes based on IdentityOptions settings.
diff --git a/src/VirtoCommerce.Platform.Core/Security/ClaimsPrincipalExtensions.cs b/src/VirtoCommerce.Platform.Core/Security/ClaimsPrincipalExtensions.cs
@@ -8,6 +8,37 @@ namespace VirtoCommerce.Platform.Core.Security
 {
     public static class ClaimsPrincipalExtensions
     {
+        public static string[] UserIdClaimTypes { get; set; } = [];
+
+        public static string[] UserNameClaimTypes { get; set; } = [];
+
+        public static string GetUserId(this ClaimsPrincipal claimsPrincipal)
+        {
+            return GetClaimValue(claimsPrincipal, UserIdClaimTypes);
+        }
+
+        public static string GetUserName(this ClaimsPrincipal claimsPrincipal)
+        {
+            return GetClaimValue(claimsPrincipal, UserNameClaimTypes);
+        }
+
+        private static string GetClaimValue(ClaimsPrincipal claimsPrincipal, string[] claimTypes)
+        {
+            if (claimsPrincipal != null)
+            {
+                foreach (var claimType in claimTypes)
+                {
+                    var value = claimsPrincipal.FindFirstValue(claimType);
+                    if (!string.IsNullOrEmpty(value))
+                    {
+                        return value;
+                    }
+                }
+            }
+
+            return null;
+        }
+
         public static Permission FindPermission(this ClaimsPrincipal principal, string permissionName, JsonSerializerSettings jsonSettings)
         {
             return FindPermissions(principal, permissionName, jsonSettings).FirstOrDefault();
@@ -27,7 +58,6 @@ public static IList<Permission> FindPermissions(this ClaimsPrincipal principal,
             return result;
         }
 
-
         public static bool HasGlobalPermission(this ClaimsPrincipal principal, string permissionName)
         {
             // TODO: Check cases with locked user
diff --git a/src/VirtoCommerce.Platform.Web/Startup.cs b/src/VirtoCommerce.Platform.Web/Startup.cs
@@ -6,6 +6,7 @@
 using System.Net;
 using System.Reflection;
 using System.Runtime.InteropServices;
+using System.Security.Claims;
 using System.Security.Cryptography.X509Certificates;
 using System.Text;
 using System.Threading.Tasks;
@@ -274,6 +275,9 @@ public void ConfigureServices(IServiceCollection services)
                 options.ClaimsIdentity.UserNameClaimType = OpenIddictConstants.Claims.Subject;
                 options.ClaimsIdentity.UserIdClaimType = OpenIddictConstants.Claims.Name;
                 options.ClaimsIdentity.RoleClaimType = OpenIddictConstants.Claims.Role;
+
+                ClaimsPrincipalExtensions.UserIdClaimTypes = [options.ClaimsIdentity.UserIdClaimType, ClaimTypes.NameIdentifier];
+                ClaimsPrincipalExtensions.UserNameClaimTypes = [options.ClaimsIdentity.UserNameClaimType];
             });
 
             services.ConfigureOptions<ConfigureSecurityStampValidatorOptions>();
