diff --git a/default.ps1 b/default.ps1
index 5f84f0f..1e4e8c7 100644
--- a/default.ps1
+++ b/default.ps1
@@ -11,7 +11,7 @@ properties {
$nuget_path = "$src_directory\.nuget\nuget.exe"
$buildNumber = 0;
- $version = "2.0.0.0"
+ $version = "2.1.0.0"
$preRelease = $null
}
diff --git a/source/AccessTokenValidation/AccessTokenValidation.csproj b/source/AccessTokenValidation/AccessTokenValidation.csproj
index 9127837..9614af2 100644
--- a/source/AccessTokenValidation/AccessTokenValidation.csproj
+++ b/source/AccessTokenValidation/AccessTokenValidation.csproj
@@ -98,6 +98,7 @@
+
diff --git a/source/AccessTokenValidation/IdentityServerBearerTokenAuthenticationOptions.cs b/source/AccessTokenValidation/IdentityServerBearerTokenAuthenticationOptions.cs
index f8f0f71..0607c2d 100644
--- a/source/AccessTokenValidation/IdentityServerBearerTokenAuthenticationOptions.cs
+++ b/source/AccessTokenValidation/IdentityServerBearerTokenAuthenticationOptions.cs
@@ -39,6 +39,7 @@ public IdentityServerBearerTokenAuthenticationOptions() : base("Bearer")
ValidationMode = ValidationMode.Both;
RequiredScopes = Enumerable.Empty();
ValidationResultCacheDuration = TimeSpan.FromMinutes(5);
+ PreserveAccessToken = false;
}
///
@@ -128,5 +129,13 @@ public IdentityServerBearerTokenAuthenticationOptions() : base("Bearer")
/// The required scopes.
///
public IEnumerable RequiredScopes { get; set; }
+
+ ///
+ /// Gets or sets a value indicating whether to preserve the access token as a claim. Defaults to false.
+ ///
+ ///
+ /// true if access token is preserved; otherwise, false.
+ ///
+ public bool PreserveAccessToken { get; set; }
}
}
\ No newline at end of file
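Review bot: The XML documentation on `PreserveAccessToken` does not say what enabling it exposes: the raw bearer token becomes a claim on the principal, so any code that logs, serializes or forwards the claims collection will carry a usable credential. I would extend the summary with a sentence such as `When true, the raw access token is added to the identity as a claim of type "token"; treat the claims collection as sensitive and do not log or persist it.` The claim type is taken from PreserveAccessTokenMiddleware.cs in this same commit. The class body starts outside this hunk.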
diff --git a/source/AccessTokenValidation/IdentityServerBearerTokenValidationAppBuilderExtensions.cs b/source/AccessTokenValidation/IdentityServerBearerTokenValidationAppBuilderExtensions.cs
index 3bfa289..b8b4fac 100644
--- a/source/AccessTokenValidation/IdentityServerBearerTokenValidationAppBuilderExtensions.cs
+++ b/source/AccessTokenValidation/IdentityServerBearerTokenValidationAppBuilderExtensions.cs
@@ -68,6 +68,11 @@ public static IAppBuilder UseIdentityServerBearerTokenAuthentication(this IAppBu
app.Use(options.RequiredScopes);
}
+ if (options.PreserveAccessToken)
+ {
+ app.Use();
+ }
+
return app;
}
diff --git a/source/AccessTokenValidation/IdentityServerBearerTokenValidationMiddleware.cs b/source/AccessTokenValidation/IdentityServerBearerTokenValidationMiddleware.cs
index 006a4d2..30b4b68 100644
--- a/source/AccessTokenValidation/IdentityServerBearerTokenValidationMiddleware.cs
+++ b/source/AccessTokenValidation/IdentityServerBearerTokenValidationMiddleware.cs
@@ -21,6 +21,7 @@
using System;
using System.Collections.Generic;
using System.Linq;
+using System.Security.Claims;
using System.Threading.Tasks;
using AppFunc = System.Func, System.Threading.Tasks.Task>;
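Review bot: The added `using System.Security.Claims;` has no visible consumer in this file: the only other hunk here removes a blank line, and the claim is created in PreserveAccessTokenMiddleware.cs, which has its own using directive. If nothing else in the file needs it, drop the directive so the import list does not suggest that the validation middleware manipulates claims. The rest of the file is outside the diff, so this is inferred from the hunks shown.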
@@ -84,7 +85,6 @@ public async Task Invoke(IDictionary environment)
context.Set("idsrv:tokenvalidation:token", token);
-
// seems to be a JWT
if (token.Contains('.'))
{
diff --git a/source/AccessTokenValidation/PreserveAccessTokenMiddleware.cs b/source/AccessTokenValidation/PreserveAccessTokenMiddleware.cs
new file mode 100644
index 0000000..e659532
--- /dev/null
+++ b/source/AccessTokenValidation/PreserveAccessTokenMiddleware.cs
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2015 Dominick Baier, Brock Allen
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+using Microsoft.Owin;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using AppFunc = System.Func, System.Threading.Tasks.Task>;
+
+namespace IdentityServer3.AccessTokenValidation
+{
+ ///
+ /// Middleware to check for scope claims in access token
+ ///
+ internal class PreserveAccessTokenMiddleware
+ {
+ private readonly AppFunc _next;
+
+ ///
+ /// Initializes a new instance of the class.
+ ///
+ /// The next middleware.
+ public PreserveAccessTokenMiddleware(AppFunc next)
+ {
+ _next = next;
+ }
+
+ ///
+ /// Invokes the middleware.
+ ///
+ /// The OWIN environment.
+ ///
+ public async Task Invoke(IDictionary env)
+ {
+ var context = new OwinContext(env);
+
+ // if no token was sent - no need to validate scopes
+ var principal = context.Authentication.User;
+ if (principal == null || principal.Identity == null || !principal.Identity.IsAuthenticated)
+ {
+ await _next(env);
+ return;
+ }
+
+ var token = context.Get("idsrv:tokenvalidation:token");
+ if (!string.IsNullOrWhiteSpace(token))
+ {
+ principal.Identities.First().AddClaim(new Claim("token", token));
+ }
+
+ await _next(env);
+ }
+ }
+}
\ No newline at end of file
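Review bot: In `Invoke`, the value read from `idsrv:tokenvalidation:token` is attached to `principal.Identities.First()` without any check that this token is what authenticated that identity. The validation middleware hunk in this commit shows the key being set before the JWT/reference branch, so it may still be present when validation failed; a principal authenticated by another middleware would then receive an unvalidated token as a claim, which is worth confirming against the full validation middleware. I would either set the environment key only after successful validation, or add the claim only to the authenticated identity whose `AuthenticationType` matches the bearer options instead of taking the first one. The class summary and the comment `// if no token was sent - no need to validate scopes` appear to be copied from the scope middleware and should describe this class, for example `// not authenticated - nothing to preserve`.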
diff --git a/source/VersionAssemblyInfo.cs b/source/VersionAssemblyInfo.cs
index 1ceeba7..9874791 100644
Binary files a/source/VersionAssemblyInfo.cs and b/source/VersionAssemblyInfo.cs differ