IdentityServer · leastprivilege · Dec 21, 2019 · Dec 9, 2019 · Dec 9, 2019 · Dec 9, 2019
diff --git a/src/AspNetIdentity/host/Quickstart/Account/ExternalController.cs b/src/AspNetIdentity/host/Quickstart/Account/ExternalController.cs
@@ -128,7 +128,15 @@ public async Task<IActionResult> Callback()
             var principal = await _signInManager.CreateUserPrincipalAsync(user);
             additionalLocalClaims.AddRange(principal.Claims);
             var name = principal.FindFirst(JwtClaimTypes.Name)?.Value ?? user.Id;
-            await HttpContext.SignInAsync(user.Id, name, provider, localSignInProps, additionalLocalClaims.ToArray());
+
+            var isuser = new IdentityServerUser(user.Id)
+            {
+                DisplayName = name,
+                IdentityProvider = provider,
+                AdditionalClaims = additionalLocalClaims
+            };
+
+            await HttpContext.SignInAsync(isuser, localSignInProps);
 
             // delete temporary cookie used during external authentication
             await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);

diff --git a/src/EntityFramework/host/Quickstart/Account/AccountController.cs b/src/EntityFramework/host/Quickstart/Account/AccountController.cs
@@ -127,7 +127,12 @@ public async Task<IActionResult> Login(LoginInputModel model, string button)
                     };
 
                     // issue authentication cookie with subject ID and username
-                    await HttpContext.SignInAsync(user.SubjectId, user.Username, props);
+                    var isuser = new IdentityServerUser(user.SubjectId)
+                    {
+                        DisplayName = user.Username
+                    };
+
+                    await HttpContext.SignInAsync(isuser, props);
 
                     if (context != null)
                     {

diff --git a/src/EntityFramework/host/Quickstart/Account/ExternalController.cs b/src/EntityFramework/host/Quickstart/Account/ExternalController.cs
@@ -120,7 +120,14 @@ public async Task<IActionResult> Callback()
             ProcessLoginCallbackForSaml2p(result, additionalLocalClaims, localSignInProps);
 
             // issue authentication cookie for user
-            await HttpContext.SignInAsync(user.SubjectId, user.Username, provider, localSignInProps, additionalLocalClaims.ToArray());
+            var isuser = new IdentityServerUser(user.SubjectId)
+            {
+                DisplayName = user.Username,
+                IdentityProvider = provider,
+                AdditionalClaims = additionalLocalClaims
+            };
+
+            await HttpContext.SignInAsync(isuser, localSignInProps);
 
             // delete temporary cookie used during external authentication
             await HttpContext.SignOutAsync(IdentityServer4.IdentityServerConstants.ExternalCookieAuthenticationScheme);

diff --git a/src/IdentityServer4/host/Quickstart/Account/AccountController.cs b/src/IdentityServer4/host/Quickstart/Account/AccountController.cs
@@ -129,7 +129,12 @@ public async Task<IActionResult> Login(LoginInputModel model, string button)
                     };
 
                     // issue authentication cookie with subject ID and username
-                    await HttpContext.SignInAsync(user.SubjectId, user.Username, props);
+                    var isuser = new IdentityServerUser(user.SubjectId)
+                    {
+                        DisplayName = user.Username
+                    };
+
+                    await HttpContext.SignInAsync(isuser, props);
 
                     if (context != null)
                     {

diff --git a/src/IdentityServer4/host/Quickstart/Account/ExternalController.cs b/src/IdentityServer4/host/Quickstart/Account/ExternalController.cs
@@ -120,7 +120,14 @@ public async Task<IActionResult> Callback()
             //ProcessLoginCallbackForSaml2p(result, additionalLocalClaims, localSignInProps);
 
             // issue authentication cookie for user
-            await HttpContext.SignInAsync(user.SubjectId, user.Username, provider, localSignInProps, additionalLocalClaims.ToArray());
+            var isuser = new IdentityServerUser(user.SubjectId)
+            {
+                DisplayName = user.Username,
+                IdentityProvider = provider,
+                AdditionalClaims = additionalLocalClaims
+            };
+
+            await HttpContext.SignInAsync(isuser, localSignInProps);
 
             // delete temporary cookie used during external authentication
             await HttpContext.SignOutAsync(IdentityServer4.IdentityServerConstants.ExternalCookieAuthenticationScheme);

diff --git a/src/IdentityServer4/src/Extensions/HttpContextAuthenticationExtensions.cs b/src/IdentityServer4/src/Extensions/HttpContextAuthenticationExtensions.cs
@@ -3,14 +3,11 @@
 
 
 using IdentityServer4;
+using IdentityServer4.Configuration;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.Extensions.DependencyInjection;
-using System.Collections.Generic;
-using System.Security.Claims;
-using System.Threading.Tasks;
 using System;
-using System.Linq;
-using IdentityServer4.Configuration;
+using System.Threading.Tasks;
 
 namespace Microsoft.AspNetCore.Http
 {
@@ -19,243 +16,6 @@ namespace Microsoft.AspNetCore.Http
     /// </summary>
     public static class AuthenticationManagerExtensions
     {
-        /// <summary>
-        /// Signs the user in.
-        /// </summary>
-        /// <param name="context">The manager.</param>
-        /// <param name="subject">The subject.</param>
-        /// <param name="claims">The claims.</param>
-        /// <returns></returns>
-        public static async Task SignInAsync(this HttpContext context, string subject, params Claim[] claims)
-        {
-            var clock = context.GetClock();
-
-            var user = new IdentityServerUser(subject)
-            {
-                AdditionalClaims = claims,
-                AuthenticationTime = clock.UtcNow.UtcDateTime
-            };
-
-            await context.SignInAsync(user);
-        }
-
-        /// <summary>
-        /// Signs the user in.
-        /// </summary>
-        /// <param name="context">The manager.</param>
-        /// <param name="subject">The subject.</param>
-        /// <param name="properties">The authentication properties</param>
-        /// <param name="claims">The claims.</param>
-        /// <returns></returns>
-        public static async Task SignInAsync(this HttpContext context, string subject, AuthenticationProperties properties, params Claim[] claims)
-        {
-            var clock = context.GetClock();
-
-            var user = new IdentityServerUser(subject)
-            {
-                AdditionalClaims = claims,
-                AuthenticationTime = clock.UtcNow.UtcDateTime
-            };
-
-            await context.SignInAsync(user, properties);
-        }
-
-        /// <summary>
-        /// Signs the user in.
-        /// </summary>
-        /// <param name="context">The manager.</param>
-        /// <param name="subject">The subject.</param>
-        /// <param name="name">The name.</param>
-        /// <param name="claims">The claims.</param>
-        /// <returns></returns>
-        public static async Task SignInAsync(this HttpContext context, string subject, string name, params Claim[] claims)
-        {
-            var clock = context.GetClock();
-
-            var user = new IdentityServerUser(subject)
-            {
-                DisplayName = name,
-                AdditionalClaims = claims,
-                AuthenticationTime = clock.UtcNow.UtcDateTime
-            };
-
-            await context.SignInAsync(user);
-        }
-
-        /// <summary>
-        /// Signs the user in.
-        /// </summary>
-        /// <param name="context">The manager.</param>
-        /// <param name="subject">The subject.</param>
-        /// <param name="name">The name.</param>
-        /// <param name="properties">The properties.</param>
-        /// <param name="claims">The claims.</param>
-        /// <returns></returns>
-        public static async Task SignInAsync(this HttpContext context, string subject, string name, AuthenticationProperties properties, params Claim[] claims)
-        {
-            var clock = context.GetClock();
-
-            var user = new IdentityServerUser(subject)
-            {
-                DisplayName = name,
-                AdditionalClaims = claims,
-                AuthenticationTime = clock.UtcNow.UtcDateTime
-            };
-
-            await context.SignInAsync(user, properties);
-        }
-
-        /// <summary>
-        /// Signs the user in.
-        /// </summary>
-        /// <param name="context">The manager.</param>
-        /// <param name="subject">The subject.</param>
-        /// <param name="name">The name.</param>
-        /// <param name="identityProvider">The identity provider.</param>
-        /// <param name="claims">The claims.</param>
-        /// <returns></returns>
-        public static async Task SignInAsync(this HttpContext context, string subject, string name, string identityProvider, params Claim[] claims)
-        {
-            var clock = context.GetClock();
-
-            var user = new IdentityServerUser(subject)
-            {
-                DisplayName = name,
-                IdentityProvider = identityProvider,
-                AdditionalClaims = claims,
-                AuthenticationTime = clock.UtcNow.UtcDateTime
-            };
-
-            await context.SignInAsync(user);
-        }
-
-        /// <summary>
-        /// Signs the user in.
-        /// </summary>
-        /// <param name="context">The manager.</param>
-        /// <param name="subject">The subject.</param>
-        /// <param name="name">The name.</param>
-        /// <param name="identityProvider">The identity provider.</param>
-        /// <param name="properties">The properties.</param>
-        /// <param name="claims">The claims.</param>
-        /// <returns></returns>
-        public static async Task SignInAsync(this HttpContext context, string subject, string name, string identityProvider, AuthenticationProperties properties, params Claim[] claims)
-        {
-            var clock = context.GetClock();
-
-            var user = new IdentityServerUser(subject)
-            {
-                DisplayName = name,
-                IdentityProvider = identityProvider,
-                AdditionalClaims = claims,
-                AuthenticationTime = clock.UtcNow.UtcDateTime
-            };
-
-            await context.SignInAsync(user, properties);
-        }
-
-        /// <summary>
-        /// Signs the user in.
-        /// </summary>
-        /// <param name="context">The manager.</param>
-        /// <param name="subject">The subject.</param>
-        /// <param name="name">The name.</param>
-        /// <param name="authenticationMethods">The authentication methods.</param>
-        /// <param name="claims">The claims.</param>
-        /// <returns></returns>
-        public static async Task SignInAsync(this HttpContext context, string subject, string name, IEnumerable<string> authenticationMethods, params Claim[] claims)
-        {
-            var clock = context.GetClock();
-
-            var user = new IdentityServerUser(subject)
-            {
-                DisplayName = name,
-                AuthenticationMethods = authenticationMethods.ToList(),
-                AdditionalClaims = claims,
-                AuthenticationTime = clock.UtcNow.UtcDateTime
-            };
-
-            await context.SignInAsync(user);
-        }
-
-        /// <summary>
-        /// Signs the user in.
-        /// </summary>
-        /// <param name="context">The manager.</param>
-        /// <param name="subject">The subject.</param>
-        /// <param name="name">The name.</param>
-        /// <param name="authenticationMethods">The authentication methods.</param>
-        /// <param name="properties">The properties.</param>
-        /// <param name="claims">The claims.</param>
-        /// <returns></returns>
-        public static async Task SignInAsync(this HttpContext context, string subject, string name, IEnumerable<string> authenticationMethods, AuthenticationProperties properties, params Claim[] claims)
-        {
-            var clock = context.GetClock();
-
-            var user = new IdentityServerUser(subject)
-            {
-                DisplayName = name,
-                AuthenticationMethods = authenticationMethods.ToList(),
-                AdditionalClaims = claims,
-                AuthenticationTime = clock.UtcNow.UtcDateTime
-            };
-
-            await context.SignInAsync(user, properties);
-        }
-
-        /// <summary>
-        /// Signs the user in.
-        /// </summary>
-        /// <param name="context">The manager.</param>
-        /// <param name="sub">The sub.</param>
-        /// <param name="name">The name.</param>
-        /// <param name="identityProvider">The identity provider.</param>
-        /// <param name="authenticationMethods">The authentication methods.</param>
-        /// <param name="claims">The claims.</param>
-        /// <returns></returns>
-        public static async Task SignInAsync(this HttpContext context, string sub, string name, string identityProvider, IEnumerable<string> authenticationMethods, params Claim[] claims)
-        {
-            var clock = context.GetClock();
-
-            var user = new IdentityServerUser(sub)
-            {
-                DisplayName = name,
-                IdentityProvider = identityProvider,
-                AuthenticationMethods = authenticationMethods.ToList(),
-                AdditionalClaims = claims,
-                AuthenticationTime = clock.UtcNow.UtcDateTime
-            };
-
-            await context.SignInAsync(user);
-        }
-
-        /// <summary>
-        /// Signs the user in.
-        /// </summary>
-        /// <param name="context">The manager.</param>
-        /// <param name="sub">The sub.</param>
-        /// <param name="name">The name.</param>
-        /// <param name="identityProvider">The identity provider.</param>
-        /// <param name="authenticationMethods">The authentication methods.</param>
-        /// <param name="properties">The properties.</param>
-        /// <param name="claims">The claims.</param>
-        /// <returns></returns>
-        public static async Task SignInAsync(this HttpContext context, string sub, string name, string identityProvider, IEnumerable<string> authenticationMethods, AuthenticationProperties properties, params Claim[] claims)
-        {
-            var clock = context.GetClock();
-
-            var user = new IdentityServerUser(sub)
-            {
-                DisplayName = name,
-                IdentityProvider = identityProvider,
-                AuthenticationMethods = authenticationMethods.ToList(),
-                AdditionalClaims = claims,
-                AuthenticationTime = clock.UtcNow.UtcDateTime
-            };
-
-            await context.SignInAsync(user, properties);
-        }
-
         /// <summary>
         /// Signs the user in.
         /// </summary>