System.Security.Claims.ClaimsIdentity.RemoveClaim C# (CSharp) Method

ClaimsIdentity Class Documentation Usage Examples Of System.Security.Claims.ClaimsIdentity::RemoveClaim ファイルを表示 Open project: dotnet/corefx

RemoveClaim() public method

It is possible that a Claim returned from Claims cannot be removed. This would be the case for 'External' claims that are provided by reference.

object.ReferenceEquals is used to 'match'.

if 'claim' cannot be removed.

public RemoveClaim ( Claim claim ) : void
claim	Claim	the to match.
return	void

        public virtual void RemoveClaim(Claim claim)
        {
            if (!TryRemoveClaim(claim))
            {
                throw new InvalidOperationException(
                    string.Format(CultureInfo.InvariantCulture, 
                                  SR.GetResourceString("InvalidOperation_ClaimCannotBeRemoved", "The Claim '{0}' was not able to be removed.  It is either not part of this Identity or it is a claim that is owned by the Principal that contains this Identity. For example, the Principal will own the claim when creating a GenericPrincipal with roles. The roles will be exposed through the Identity that is passed in the constructor, but not actually owned by the Identity.  Similar logic exists for a RolePrincipal."),
                                  claim));
            }
        }

Same methods

ClaimsIdentity::RemoveClaim ( System claim ) : void

Usage Example

コード例 #1

ファイルを表示

ファイル: SecurityUtils.cs プロジェクト: Xamarui/Katana

        public static string CreateJwtToken(AuthenticationTicket data, string issuer, SigningCredentials signingCredentials)
        {
            string audience = issuer;

            // As JWT doesn't have a mechanism of passing metadata about what claim should be the name/subject the JWT handler
            // users the default Name claim type. If the identity has another claim type as the name type we need to 
            // switch it to the DefaultNameClaimType.
            var identity = new ClaimsIdentity(data.Identity);
            if (identity.NameClaimType != ClaimsIdentity.DefaultNameClaimType && !string.IsNullOrWhiteSpace(identity.Name))
            {
                identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, identity.Name));
                identity.RemoveClaim(identity.Claims.First(c => c.Type == identity.NameClaimType));
            }

            // And now do the same for roles.
            List<Claim> roleClaims = identity.Claims.Where(c => c.Type == identity.RoleClaimType).ToList();
            if (identity.RoleClaimType != ClaimsIdentity.DefaultRoleClaimType && roleClaims.Any())
            {
                foreach (var roleClaim in roleClaims)
                {
                    identity.RemoveClaim(roleClaim);
                    identity.AddClaim(new Claim(ClaimsIdentity.DefaultRoleClaimType, roleClaim.Value, roleClaim.ValueType, roleClaim.Issuer, roleClaim.OriginalIssuer));
                }
            }

            identity.AddClaims(new[]
            {
                new Claim("iat", GetEpocTimeStamp()),
                new Claim("jti", Guid.NewGuid().ToString("N"))
            });

            Lifetime lifetime = new Lifetime(null, null);
            if (data.Properties.IssuedUtc != null || data.Properties.ExpiresUtc != null)
            {
                lifetime = new Lifetime(data.Properties.IssuedUtc != null ? (DateTime?)((DateTimeOffset)data.Properties.IssuedUtc).UtcDateTime : null, data.Properties.ExpiresUtc != null ? (DateTime?)((DateTimeOffset)data.Properties.ExpiresUtc).UtcDateTime : null);
            }

            var handler = new JwtSecurityTokenHandler();
            return handler.CreateToken(issuer, audience, identity, lifetime.Created, lifetime.Expires, signingCredentials).RawData;
        }

All Usage Examples Of System.Security.Claims.ClaimsIdentity::RemoveClaim

ClaimsIdentity

AddClaim

AddClaims

ClaimsIdentity

Clone

CreateClaim

Deserialize

FindAll

FindFirst

GetObjectData

HasClaim