Using Your Own Custom Identity Store
Samples of the below code can be found on our GitHub
For this part of the documentation the code in Base Installation project will be considered the "Before".
Getting Started - Using the Rsk.CustomIdentity Interfaces
The Rsk.CustomIdentity package contains the required modal and store interfaces required to build an AdminUI compatible Identity store.
Models:
- ISSOUser
- ISSOClaimType
- ISSORole
Store interfaces:
- ISSOUserStore
- ISSOClaimTypeStore
- ISSORoleStore
An implementation of ISSOStoreFactory is also required. ISSOStoreFactory will return the concrete implementations of the ISSOUserStore, ISSORoleStore, and ISSOClaimTypeStore
SSOClaimStore:
public class ClaimTypeStore : ISSOClaimTypeStore
{
public Task<ISSOClaimType> GetClaimTypeByName(string name)
{
throw new NotImplementedException();
}
...
SSORoleStore:
public class RoleStore : ISSORoleStore
{
public Task<ISSORole> CreateRole(ISSORole role)
{
throw new NotImplementedException();
}
...
SSOUserStore:
public class UserStore : ISSOUserStore
{
public Task<ISSOUser> CreateUser(ISSOUser user)
{
throw new NotImplementedException();
}
...
SSOStoreFactory:
public class SSOStoreFactory : ISSOStoreFactory
{
public ISSOUserStore CreateUserStore()
{
return new UserStore();
}
public ISSORoleStore CreateRoleStore()
{
return new RoleStore();
}
public ISSOClaimTypeStore CreateClaimTypeStore()
{
return new ClaimTypeStore();
}
}
Once you have provided an implementation of these interfaces, you can update your the pipeline registration for AdminUI in your Program.cs or Startup.cs class to:
builder.Services
.AddAdminUI(options =>
{
options.IdentityType = IdentityType.DefaultIdentity;
options.MigrationOptions = MigrationOptions.All;
})
.WithIdentityStore<CustomStoreFactory>();
This will register your new ISSOStoreFactory implementation as the factory to use when the AdminUI service layer requests and manages Users, Roles, and Claim Types.
Additionally, you must also specify to the package that you are using a custom identity implementation.
Calling WithIdentityStore will stop AdminUI from running bootstrap, if you would still like to have the default bootstrapped users and roles you can take away this call, run the application and then add it back in.
The code from this section can be found here
The next section will use Tenancy as an example of how to transform additional fields to claims, alongside using extra tables as dynamic provider for the Enum claim type: