SharePoint: Get a user’s login name from a claims-encoded value

Sometimes we need a user’s login name but have only the claims-encoded value (such as i:0#.w|domain\username or i:0#.f|membershipprovider|abc.xyz@comp.com). In SharePoint 2013 / 2010, the SPClaimProviderManager class can decode the claim and return the user’s login name.

I have created a method that accepts a claims-encoded value as a parameter and returns the user’s login name (only if the claim resolves properly); otherwise it returns the input unchanged.

private string GetUsernameFromClaim(string claimsEncodedUsername)
{
    try
    {
        SPClaimProviderManager mgr = SPClaimProviderManager.Local;
        if (mgr != null)
        {
            if (SPClaimProviderManager.IsEncodedClaim(claimsEncodedUsername))
            {
                // Return the normal domain\username without any claims identification data
                return mgr.DecodeClaim(claimsEncodedUsername).Value;
            }
        }
    }
    catch (Exception)
    {
        // Decoding failed: fall back to the original value.
        return claimsEncodedUsername;
    }

    // Return the original username value if it couldn't be resolved as a claims username
    return claimsEncodedUsername;
}

Note: Add the namespace “Microsoft.SharePoint.Administration.Claims” to use the class above.
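DecodeClaim(...).Value drops the part of the prefix that says which issuer vouched for the name, so a Windows identity and a forms identity can decode to the same string. The following added example (not code from the original post, and not a SharePoint API) splits the two formats shown above into issuer type, provider and value using plain string handling. The names EncodedClaim and TryParse are hypothetical, and the issuer characters w, f and t are taken from the standard SharePoint prefix layout, which the post itself does not spell out.

```csharp
using System;

// Added example; EncodedClaim and TryParse are hypothetical names, not SharePoint APIs.
public sealed class EncodedClaim
{
    public string IssuerType;  // decoded from the issuer character
    public string Provider;    // membership or trusted provider name; null for Windows
    public string Value;       // login name with the claims prefix removed

    public static bool TryParse(string encoded, out EncodedClaim claim)
    {
        claim = null;
        // Shortest valid shape is "i:0#.w|x": kind, ':', '0', claim type, value type, issuer, '|', value.
        if (string.IsNullOrEmpty(encoded) || encoded.Length < 8) return false;
        if (!encoded.StartsWith("i:0", StringComparison.Ordinal) || encoded[4] != '.' || encoded[6] != '|') return false;

        string issuer;
        switch (encoded[5])
        {
            // Assumption: issuer characters follow the standard SharePoint encoding.
            case 'w': issuer = "Windows"; break;
            case 'f': issuer = "Forms"; break;
            case 't': issuer = "TrustedProvider"; break;
            default: return false;  // unknown issuer: refuse rather than guess
        }
        string rest = encoded.Substring(7);
        string provider = null;
        if (encoded[5] == 'f' || encoded[5] == 't')
        {
            // Forms and trusted-provider identities are encoded as "provider|value".
            int bar = rest.IndexOf('|');
            if (bar <= 0 || bar == rest.Length - 1) return false;
            provider = rest.Substring(0, bar);
            rest = rest.Substring(bar + 1);
        }
        claim = new EncodedClaim { IssuerType = issuer, Provider = provider, Value = rest };
        return true;
    }

    public static void Main()
    {
        // Constructed inputs: the two formats shown above plus a plain (non-claims) name.
        foreach (string s in new[] { @"i:0#.w|domain\username", "i:0#.f|membershipprovider|abc.xyz@comp.com", @"domain\username" })
        {
            EncodedClaim c;
            Console.WriteLine(TryParse(s, out c) ? c.IssuerType + " / " + (c.Provider ?? "-") + " / " + c.Value : "not a claims-encoded login: " + s);
        }
    }
}
```

Because TryParse returns false instead of echoing its input, a caller cannot mistake an undecoded string for a resolved login name, and comparing IssuerType and Provider together with Value keeps identities from different issuers apart.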

Read user claims information in SharePoint 2013

In this article, we will see how to read user claims in SharePoint 2013. For this I have prepared an HTTP module (IHttpModule), which reads the claims information of the currently logged-in user (authentication type Windows, forms or third-party trusted provider).

using Microsoft.IdentityModel.Claims;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;

namespace SSONamespace
{
    class SSOAuthenticationExample : IHttpModule
    {
        public void Init(HttpApplication context)
        {
            context.PreRequestHandlerExecute += new EventHandler(context_PreRequestHandlerExecute);
        }

        void context_PreRequestHandlerExecute(object sender, EventArgs e)
        {
            string requestUrl = HttpContext.Current.Request.Url.ToString();

            // Anonymous or non-claims requests have no IClaimsIdentity; skip them instead of throwing.
            IClaimsIdentity ci = HttpContext.Current.User == null
                ? null
                : HttpContext.Current.User.Identity as IClaimsIdentity;
            if (ci == null)
            {
                return;
            }

            List<Claim> claimCollection = ci.Claims.OfType<Claim>().ToList();

            /* Uncomment these lines to see all claims entries.
               Debugging only: the file will contain identity data for every user who makes a request. */
            //string text = string.Empty;
            //foreach (Claim item in ci.Claims)
            //{
            //    text += item.ClaimType + " : " + item.Value + " | ";
            //}

            //System.IO.File.WriteAllText(@"C:\SSOClaims.txt", text);

            // Fetch information from claims: the first claim whose type contains "userid".
            // This is a substring match; compare against the exact claim type your provider issues where it is known.
            string userName = claimCollection.Where(x => x.ClaimType.ToLower().Contains("userid")).Select(y => y.Value).FirstOrDefault();
        }

        public void Dispose() { }
    }
}

Now deploy this code and add the entry below to the web.config file of the web application:

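<system.webServer>
  <modules>
    <!-- preCondition is only valid under system.webServer/modules, which is where the integrated pipeline loads managed modules from -->
    <add name="SSONamespaceModule" type="SSONamespace.SSOAuthenticationExample, SSONamespace, Version=1.0.0.0, Culture=neutral, PublicKeyToken=3af8d8e2f9e8b6c3" preCondition="integratedMode" />
  </modules>
</system.webServer>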

Note: Replace the PublicKeyToken value with your own project’s PublicKeyToken.