using System.Security.Claims; using System.Text.Encodings.Web; using Microsoft.AspNetCore.Authentication; using Microsoft.Extensions.Options; namespace TrafagSalesExporter.Security; public sealed class DevelopmentAuthenticationHandler : AuthenticationHandler { public const string SchemeName = "Development"; public const string AdminClaimType = "TrafagSalesExporter.Admin"; private readonly IConfiguration _configuration; public DevelopmentAuthenticationHandler( IOptionsMonitor options, ILoggerFactory logger, UrlEncoder encoder, IConfiguration configuration) : base(options, logger, encoder) { _configuration = configuration; } protected override Task HandleAuthenticateAsync() { var settings = _configuration.GetSection(SecurityOptions.SectionName).Get() ?? new SecurityOptions(); var claims = new List { new(ClaimTypes.Name, settings.DevelopmentUserName), new(ClaimTypes.NameIdentifier, settings.DevelopmentUserName) }; if (settings.DevelopmentUserIsAdmin) claims.Add(new Claim(AdminClaimType, "true")); var identity = new ClaimsIdentity(claims, SchemeName); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, SchemeName); return Task.FromResult(AuthenticateResult.Success(ticket)); } }