From 10521395b9686aa7ae367a956b3a7b7bfc03257f Mon Sep 17 00:00:00 2001
From: Jon P Smith <jon.smith@selectiveanalytics.com>
Date: Sat, 3 Jul 2021 11:10:16 +0100
Subject: [PATCH] Added User Claims display

---
 .../Model/AppSummary.cs                       |  2 +-
 .../Pages/Index.cshtml                        |  2 +-
 .../Pages/Shared/_Layout.cshtml               |  2 +-
 .../Pages/UserClaims.cshtml                   | 20 +++++++++++++++++++
 .../Pages/UserClaims.cshtml.cs                | 16 +++++++++++++++
 .../README.md                                 |  7 ++++---
 6 files changed, 43 insertions(+), 6 deletions(-)
 create mode 100644 Example1.RazorPages.IndividualAccounts/Pages/UserClaims.cshtml
 create mode 100644 Example1.RazorPages.IndividualAccounts/Pages/UserClaims.cshtml.cs

diff --git a/Example1.RazorPages.IndividualAccounts/Model/AppSummary.cs b/Example1.RazorPages.IndividualAccounts/Model/AppSummary.cs
index 5216165e..9ec62efd 100644
--- a/Example1.RazorPages.IndividualAccounts/Model/AppSummary.cs
+++ b/Example1.RazorPages.IndividualAccounts/Model/AppSummary.cs
@@ -8,7 +8,7 @@ public class AppSummary
         public string Application { get; } = "ASP.NET Core, Razor Pages";
         public string AuthorizationProvider { get; } = "ASP.NET Core's individual accounts";
         public string CookieOrToken { get; } = "Cookie";
-        public string DataKey { get; } = "- not used -";
+        public string MultiTenant { get; } = "- not used -";
         public string[] Databases { get; } = new []
         {
             "Individual accounts: InMemoryDatabase",
diff --git a/Example1.RazorPages.IndividualAccounts/Pages/Index.cshtml b/Example1.RazorPages.IndividualAccounts/Pages/Index.cshtml
index e9fadbc8..2f4cb8b1 100644
--- a/Example1.RazorPages.IndividualAccounts/Pages/Index.cshtml
+++ b/Example1.RazorPages.IndividualAccounts/Pages/Index.cshtml
@@ -17,7 +17,7 @@
     <li><strong>@nameof(AppSummary.Application)</strong>:&nbsp;@Model.AppSummary.Application</li>
     <li><strong>@nameof(AppSummary.AuthorizationProvider)</strong>:&nbsp;@Model.AppSummary.AuthorizationProvider</li>
     <li><strong>@nameof(AppSummary.CookieOrToken)</strong>:&nbsp;@Model.AppSummary.CookieOrToken</li>
-    <li><strong>@nameof(AppSummary.DataKey)</strong>:&nbsp;@Model.AppSummary.DataKey</li>
+    <li><strong>@nameof(AppSummary.MultiTenant)</strong>:&nbsp;@Model.AppSummary.MultiTenant</li>
     <li>
         <strong>@nameof(AppSummary.Databases)</strong>:&nbsp;
         <ul>
diff --git a/Example1.RazorPages.IndividualAccounts/Pages/Shared/_Layout.cshtml b/Example1.RazorPages.IndividualAccounts/Pages/Shared/_Layout.cshtml
index 300e75da..ef1f4c7c 100644
--- a/Example1.RazorPages.IndividualAccounts/Pages/Shared/_Layout.cshtml
+++ b/Example1.RazorPages.IndividualAccounts/Pages/Shared/_Layout.cshtml
@@ -22,7 +22,7 @@
                             <a class="nav-link text-dark" asp-area="" asp-page="/Index">Home</a>
                         </li>
                         <li class="nav-item">
-                            <a class="nav-link text-dark" asp-area="" asp-page="/Privacy">Privacy</a>
+                            <a class="nav-link text-dark" asp-area="" asp-page="/UserClaims">User's claims</a>
                         </li>
                     </ul>
                     <partial name="_LoginPartial" />
diff --git a/Example1.RazorPages.IndividualAccounts/Pages/UserClaims.cshtml b/Example1.RazorPages.IndividualAccounts/Pages/UserClaims.cshtml
new file mode 100644
index 00000000..b95f0d83
--- /dev/null
+++ b/Example1.RazorPages.IndividualAccounts/Pages/UserClaims.cshtml
@@ -0,0 +1,20 @@
+@page
+@model UserClaimsModel
+
+<p>Current logged in user claims.</p>
+
+@if (Model.ThisUser?.Identity.IsAuthenticated == true)
+{
+    <h4>User '@User.Identity.Name'</h4>
+    <ul>
+
+        @foreach (var claim in @Model.ThisUser.Claims)
+        {
+            <li>@claim.ToString()</li>
+        }
+    </ul>
+}
+else
+{
+    <h4>No user is logged in.</h4>
+}
diff --git a/Example1.RazorPages.IndividualAccounts/Pages/UserClaims.cshtml.cs b/Example1.RazorPages.IndividualAccounts/Pages/UserClaims.cshtml.cs
new file mode 100644
index 00000000..bbb3a2f4
--- /dev/null
+++ b/Example1.RazorPages.IndividualAccounts/Pages/UserClaims.cshtml.cs
@@ -0,0 +1,16 @@
+using System.Security.Claims;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+
+namespace Example1.RazorPages.IndividualAccounts.Pages
+{
+    public class UserClaimsModel : PageModel
+    {
+        public ClaimsPrincipal ThisUser { get; set; }
+
+        public void OnGet()
+        {
+            ThisUser = User;
+        }
+    }
+}
diff --git a/Example1.RazorPages.IndividualAccounts/README.md b/Example1.RazorPages.IndividualAccounts/README.md
index 7e216afe..6a07f04e 100644
--- a/Example1.RazorPages.IndividualAccounts/README.md
+++ b/Example1.RazorPages.IndividualAccounts/README.md
@@ -2,13 +2,16 @@
 
 This project contains a example of using the AuthPermissions.AspNetCore library in ASP.NET Core razor page web app with user data provided by the individual accounts approach. This is one of the simplest approaches using:
 
+This article (!!! LINK !!!) details how this example was built, and how it works.
+
 - **Application**: ASP.NET Core, Razor Pages
 - **AuthorizationProvider**: ASP.NET Core's individual accounts
 - **CookieOrToken**: Cookie
-- **DataKey**: not used
+- **MultiTenant**: not used
 - **Databases**: Two databases
   - Individual accounts: InMemoryDatabase:
   - AuthPermissions: In-memory database (uses SQLite in-memory).
+- **Focused on**: The basics of the AuthPermissions authorization system.
 
 The ASP.NET Core code comes comes from the [ASP.NET Core documentation on building razor page web app individual accounts authorization](https://docs.microsoft.com/en-us/aspnet/core/security/authorization/secure-data), but the handling of the visibilty of the contact manager features are handled by the AuthPermissions.AspNetCore library.
 
@@ -21,8 +24,6 @@ The AuthPermissions.AspNetCore code/features used in this example
 - Authorization in razor pages via the `User.HasPermission(<enum permission>)` method.
 - Add SuperUser on startup feature.
 
-This article (!!! LINK !!!) details how this example was built, and how it works.
-
 NOTE: This example does not include the admin pages for 
 
 *NOTE: [This article](https://blog.francium.tech/asp-net-core-basic-authentication-authorization-in-razor-pages-with-postgresql-b1f2888b21d0) provides a good overview of the standard ASP.NET Core authorization approaches.*