Thinktecture IdSrv - set the used identity provider name as a claim

Question

I am using the awesome ThinkTecture Identity (IdSrv) and Authorization (AS) servers.

I have IdSrv setup with multiple Identity Providers (Facebook, ADFS, Google etc).

I have the flows demo running and everything works perfectly, I am currently playing around with the ClaimsTransformer via app.UseClaimsTransformation(new ClaimsTransformer().Transform); in startup.cs.

I would like to know which identity provider the claims are provided by, currently the only claims sent across from AS are below:

{iss: as}
{aud: users}
{nbf: 1399569317}
{exp: 1399572917}
{client_id: implicitclient}
{scope: read}
{sub: 6435621316}

The subject in the above example is the Facebook account of the user who identified themselves, but it could easily be mydomain\someusr.

Is there any way I can get the name of the identity provider used as a claim or otherwise?

I need to know this as I would like to have a link to change the users password if the users has logged in using the native ThinkTecture IdentityServer as the Identity Provider (username/password - I can integrate to a user/pass database via the IUserRepository repository), obviously this wouldn't be displayed if a user had logged in via facebook/google etc.

Answer 1

Dominick from ThinkTecture kindly answered this question:

Try setting filterIncomingClaims to false in web.config

https://github.com/thinktecture/Thinktecture.AuthorizationServer/blob/master/source/WebHost/Web.config

Once done, the additional claims then came across.