User Identity Provider
IIdentityProviderService
in assembly SanteDB.Core.Api version 3.0.1980.0
Summary
Identity provider service
Events
Authenticating
EventHandler<AuthenticatingEventArgs>
Fired prior to an authentication event
Authenticated
EventHandler<AuthenticatedEventArgs>
Fired after an authentication decision has been made
Operations
GetIdentity
IIdentity
String userName
Retrieves the identity for the specified user name
GetIdentity
IIdentity
Guid sid
Retrieves the identity for the specified security identifier (SID)
CreateIdentity
IIdentity
String userName String password IPrincipal principal Nullable<Guid> withSid
Create a basic identity in the provider
Authenticate
IPrincipal
String userName String password IEnumerable<IClaim> clientClaimAssertions IEnumerable<String> demandedScopes
Authenticate the user creating an identity
Authenticate
IPrincipal
String userName String password String tfaSecret IEnumerable<IClaim> clientClaimAssertions IEnumerable<String> demandedScopes
Authenticate the user creating an identity
ReAuthenticate
IPrincipal
IPrincipal principal
Recheck the authentication of an already authenticated principal.
ChangePassword
void
String userName String newPassword IPrincipal principal Boolean isSynchronizationOperation
Change user password
DeleteIdentity
void
String userName IPrincipal principal
Delete an identity
SetLockout
void
String userName Boolean lockout IPrincipal principal
Set lockout
AddClaim
void
String userName IClaim claim IPrincipal principal Nullable<TimeSpan> expiry
Adds a claim to the specified user account
RemoveClaim
void
String userName String claimType IPrincipal principal
Removes a claim from the specified user account
GetClaims
IEnumerable<IClaim>
String userName
Get all active claims for the specified user
GetSid
Guid
String userName
Get the SID for the named user
GetAuthenticationMethods
AuthenticationMethod
String userName
Gets the applicable authentication methods from the identity provider for the specified user
ExpirePassword
void
String userName IPrincipal principal
Indicates that the password for the specified user should be immediately expired (user must change password at next login)
Implementations
BridgedIdentityProvider - (SanteDB.Client)
Represents an identity provider which bridges local and upstream
Service Registration
...
<section xsi:type="ApplicationServiceContextConfigurationSection" threadPoolSize="4">
<serviceProviders>
...
<!-- Registers BridgedIdentityProvider from the SanteDB.Client assembly as a service provider.
     PublicKeyToken=null means the type name references an assembly without a strong name, so the
     name alone does not bind to a signed binary; verify the deployed assembly by other means
     (for example, a file hash or code signature) and restrict write access to this configuration. -->
<add type="SanteDB.Client.Upstream.Security.BridgedIdentityProvider, SanteDB.Client, Version=3.0.1980.0, Culture=neutral, PublicKeyToken=null" />
...
</serviceProviders>
UpstreamIdentityProvider - (SanteDB.Client)
Represents an implementation of the IIdentityProviderService which uses an upstream OAuth server
Service Registration
...
<section xsi:type="ApplicationServiceContextConfigurationSection" threadPoolSize="4">
<serviceProviders>
...
<!-- Registers UpstreamIdentityProvider from the SanteDB.Client assembly as a service provider.
     PublicKeyToken=null means the type name references an assembly without a strong name, so the
     name alone does not bind to a signed binary; verify the deployed assembly by other means
     (for example, a file hash or code signature) and restrict write access to this configuration. -->
<add type="SanteDB.Client.Upstream.Security.UpstreamIdentityProvider, SanteDB.Client, Version=3.0.1980.0, Culture=neutral, PublicKeyToken=null" />
...
</serviceProviders>
AdoIdentityProvider - (SanteDB.Persistence.Data)
An identity provider implemented for .NET
Service Registration
...
<section xsi:type="ApplicationServiceContextConfigurationSection" threadPoolSize="4">
<serviceProviders>
...
<!-- Registers AdoIdentityProvider from the SanteDB.Persistence.Data assembly as a service provider.
     PublicKeyToken=null means the type name references an assembly without a strong name, so the
     name alone does not bind to a signed binary; verify the deployed assembly by other means
     (for example, a file hash or code signature) and restrict write access to this configuration. -->
<add type="SanteDB.Persistence.Data.Services.AdoIdentityProvider, SanteDB.Persistence.Data, Version=3.0.1980.0, Culture=neutral, PublicKeyToken=null" />
...
</serviceProviders>
Example Implementation
/// Example Implementation
using SanteDB.Core.Security.Services;
/// Other usings here
/// <summary>
/// Skeleton implementation of <c>IIdentityProviderService</c>. Every operation is a stub that
/// throws <see cref="System.NotImplementedException"/> until it is replaced with real logic.
/// </summary>
/// <remarks>
/// NOTE(review): the mutating operations accept an <c>IPrincipal principal</c>; presumably this is
/// the caller on whose authority the change is requested, and a real implementation should
/// authorize it before acting — confirm against the interface contract.
/// </remarks>
public class MyIdentityProviderService : SanteDB.Core.Security.Services.IIdentityProviderService
{
    /// <summary>
    /// Name of this service.
    /// </summary>
    public string ServiceName
    {
        get { return "My own IIdentityProviderService service"; }
    }

    /// <summary>
    /// Fired prior to an authentication event.
    /// </summary>
    /// <remarks>This skeleton declares the event but never raises it.</remarks>
    public event EventHandler<AuthenticatingEventArgs> Authenticating;

    /// <summary>
    /// Fired after an authentication decision has been made.
    /// </summary>
    /// <remarks>This skeleton declares the event but never raises it.</remarks>
    public event EventHandler<AuthenticatedEventArgs> Authenticated;

    /// <summary>
    /// Retrieves the identity for the given user name.
    /// </summary>
    /// <param name="userName">Name of the user whose identity is requested.</param>
    /// <returns>The matching identity (not implemented in this skeleton).</returns>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public IIdentity GetIdentity(string userName)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Retrieves the identity for the given security identifier.
    /// </summary>
    /// <param name="sid">Security identifier of the identity requested.</param>
    /// <returns>The matching identity (not implemented in this skeleton).</returns>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public IIdentity GetIdentity(Guid sid)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Creates a basic identity in the provider.
    /// </summary>
    /// <param name="userName">User name for the new identity.</param>
    /// <param name="password">Password for the new identity; a real implementation should never log it or store it in clear text.</param>
    /// <param name="principal">Presumably the principal requesting the creation — confirm.</param>
    /// <param name="withSid">Presumably an optional SID to assign to the new identity — confirm.</param>
    /// <returns>The created identity (not implemented in this skeleton).</returns>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public IIdentity CreateIdentity(string userName, string password, IPrincipal principal, Guid? withSid)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Authenticates the user with a user name and password, creating an identity.
    /// </summary>
    /// <param name="userName">Name of the user to authenticate.</param>
    /// <param name="password">The user's password; a real implementation should never log it.</param>
    /// <param name="clientClaimAssertions">Claims asserted by the client; presumably untrusted until validated — confirm.</param>
    /// <param name="demandedScopes">Scopes requested for the session; presumably checked against what the user may hold — confirm.</param>
    /// <returns>The authenticated principal (not implemented in this skeleton).</returns>
    /// <remarks>
    /// NOTE(review): the <see cref="Authenticating"/> and <see cref="Authenticated"/> events are
    /// presumably expected to be raised around this call — confirm against existing implementations.
    /// </remarks>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public IPrincipal Authenticate(string userName, string password, IEnumerable<IClaim> clientClaimAssertions, IEnumerable<string> demandedScopes)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Authenticates the user with a user name, password and an additional secret, creating an identity.
    /// </summary>
    /// <param name="userName">Name of the user to authenticate.</param>
    /// <param name="password">The user's password; a real implementation should never log it.</param>
    /// <param name="tfaSecret">Presumably the second-factor secret supplied by the user — confirm; a real implementation should never log it.</param>
    /// <param name="clientClaimAssertions">Claims asserted by the client; presumably untrusted until validated — confirm.</param>
    /// <param name="demandedScopes">Scopes requested for the session; presumably checked against what the user may hold — confirm.</param>
    /// <returns>The authenticated principal (not implemented in this skeleton).</returns>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public IPrincipal Authenticate(string userName, string password, string tfaSecret, IEnumerable<IClaim> clientClaimAssertions, IEnumerable<string> demandedScopes)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Rechecks the authentication of an already authenticated principal.
    /// </summary>
    /// <param name="principal">The previously authenticated principal to recheck.</param>
    /// <returns>The resulting principal (not implemented in this skeleton).</returns>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public IPrincipal ReAuthenticate(IPrincipal principal)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Changes a user's password.
    /// </summary>
    /// <param name="userName">Name of the user whose password is changed.</param>
    /// <param name="newPassword">The new password; a real implementation should never log it or store it in clear text.</param>
    /// <param name="principal">Presumably the principal requesting the change — confirm.</param>
    /// <param name="isSynchronizationOperation">Meaning not shown here; presumably marks a change applied by synchronization rather than by a user — confirm.</param>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public void ChangePassword(string userName, string newPassword, IPrincipal principal, bool isSynchronizationOperation)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Deletes an identity.
    /// </summary>
    /// <param name="userName">Name of the user whose identity is deleted.</param>
    /// <param name="principal">Presumably the principal requesting the deletion — confirm.</param>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public void DeleteIdentity(string userName, IPrincipal principal)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Sets the lockout state of a user account.
    /// </summary>
    /// <param name="userName">Name of the user whose lockout state is set.</param>
    /// <param name="lockout">Presumably <c>true</c> to lock the account and <c>false</c> to unlock it — confirm.</param>
    /// <param name="principal">Presumably the principal requesting the change — confirm.</param>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public void SetLockout(string userName, bool lockout, IPrincipal principal)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Adds a claim to the specified user account.
    /// </summary>
    /// <param name="userName">Name of the user receiving the claim.</param>
    /// <param name="claim">The claim to add.</param>
    /// <param name="principal">Presumably the principal requesting the change — confirm.</param>
    /// <param name="expiry">Presumably an optional lifetime after which the claim lapses — confirm.</param>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public void AddClaim(string userName, IClaim claim, IPrincipal principal, TimeSpan? expiry)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Removes a claim from the specified user account.
    /// </summary>
    /// <param name="userName">Name of the user losing the claim.</param>
    /// <param name="claimType">Type of the claim to remove.</param>
    /// <param name="principal">Presumably the principal requesting the change — confirm.</param>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public void RemoveClaim(string userName, string claimType, IPrincipal principal)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Gets all active claims for the specified user.
    /// </summary>
    /// <param name="userName">Name of the user whose claims are requested.</param>
    /// <returns>The user's active claims (not implemented in this skeleton).</returns>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public IEnumerable<IClaim> GetClaims(string userName)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Gets the SID for the named user.
    /// </summary>
    /// <param name="userName">Name of the user whose SID is requested.</param>
    /// <returns>The user's SID (not implemented in this skeleton).</returns>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public Guid GetSid(string userName)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Gets the applicable authentication methods from the identity provider for the named user.
    /// </summary>
    /// <param name="userName">Name of the user whose authentication methods are requested.</param>
    /// <returns>The applicable authentication methods (not implemented in this skeleton).</returns>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public AuthenticationMethod GetAuthenticationMethods(string userName)
        => throw new System.NotImplementedException();

    /// <summary>
    /// Indicates that the password for the named user should be immediately expired
    /// (user must change password at next login).
    /// </summary>
    /// <param name="userName">Name of the user whose password is expired.</param>
    /// <param name="principal">Presumably the principal requesting the expiry — confirm.</param>
    /// <exception cref="System.NotImplementedException">Always, until implemented.</exception>
    public void ExpirePassword(string userName, IPrincipal principal)
        => throw new System.NotImplementedException();
}
References