chesscubing/ChessCubing.Server/Users/AuthenticatedSiteUser.cs

using System.Security.Claims;

namespace ChessCubing.Server.Users;

public sealed record AuthenticatedSiteUser(
    string Subject,
    string Username,
    string? Email,
    string DisplayName);

public static class AuthenticatedSiteUserFactory
{
    public static AuthenticatedSiteUser? FromClaimsPrincipal(ClaimsPrincipal user)
    {
        if (user.Identity?.IsAuthenticated != true)
        {
            return null;
        }

        var subject = user.FindFirst("sub")?.Value
            ?? user.FindFirst(ClaimTypes.NameIdentifier)?.Value;
        if (string.IsNullOrWhiteSpace(subject))
        {
            return null;
        }

        var username = user.FindFirst("preferred_username")?.Value
            ?? user.Identity?.Name
            ?? subject;
        var email = user.FindFirst("email")?.Value;
        var displayName = user.FindFirst("name")?.Value
            ?? username;

        return new AuthenticatedSiteUser(
            subject.Trim(),
            username.Trim(),
            string.IsNullOrWhiteSpace(email) ? null : email.Trim(),
            displayName.Trim());
    }
}