I have created an OWIN web application that is using OpenId Connect for authentication via Microsoft.Owin.Security.OpenIdConnect.
While authentication works, I find that the created ClaimsIdentity.Name member is null. It appears the ClaimsIdentity is expecting the name to be provided in the claim:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
However, Thinktecture IdentityServer v3 provides the name as just:
name
I find this is configurable via NameClaimType in older ASP.Net applications but it is not clear how I do this with OWIN.
How can I configure which claim is mapped to ClaimsIdentity.Name when using OWIN?
OWIN allows web apps to be decoupled from web servers. It defines a standard way for middleware to be used in a pipeline to handle requests and associated responses. ASP.NET Core applications and middleware can interoperate with OWIN-based applications, servers, and middleware.
Understanding Application Sign in Cookie flow: Automatically redirect an unauthorized response to the login page. Set the logged in user principal to HttpContext.User, so the rest of ASP.NET pipeline will know what user is authenticated. The following is a basic flow of application forms authentication.
OWIN defines a standard interface between .NET web servers and web applications. The goal of the OWIN interface is to decouple server and application, encourage the development of simple modules for .NET web development, and, by being an open standard, stimulate the open source ecosystem of .
Microsoft.Owin.Security.Cookies: Middleware that enables an application to use cookie based authentication, similar to ASP.NET's forms authentication.
Digging through the code I find this can be configured on the TokenValidationParameters object using NameClaimType or NameClaimTypeRetriever (if the claim type is not fixed).
TokenValidationParameters lives on the options object when configuring the middleware. The following change to the configuration works in the described case:
app.UseOpenIdConnectAuthentication(
    new OpenIdConnectAuthenticationOptions
    {
        // <existing configuration snipped>
        TokenValidationParameters =
        {
            // Use the short "name" claim to populate ClaimsIdentity.Name
            NameClaimType = Thinktecture.IdentityServer.Core.Constants.ClaimTypes.Name
        }
    });
Thinktecture.IdentityServer.Core.Constants.ClaimTypes.Name is name. A different value can be provided to indicate a different claim should be used.
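The lookup behind this setting can be seen with System.Security.Claims alone. The following is an added example, not code from the question or the answer; the claim values are constructed, and the role claim goes slightly beyond the question to show that ClaimsPrincipal.IsInRole depends on the role claim type in the same way.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Claims;

static class NameClaimDemo
{
    // Constructed sample claims using the short claim types ("name", "role").
    static List<Claim> SampleClaims()
    {
        return new List<Claim>
        {
            new Claim("sub", "42"),
            new Claim("name", "alice"),
            new Claim("role", "admin")
        };
    }

    static void Report(string label, ClaimsIdentity identity)
    {
        var principal = new ClaimsPrincipal(identity);
        Console.WriteLine("{0}: NameClaimType={1}", label, identity.NameClaimType);
        Console.WriteLine("  Name            = {0}", identity.Name ?? "(null)");
        Console.WriteLine("  IsInRole(admin) = {0}", principal.IsInRole("admin"));
    }

    static void Main()
    {
        // No name/role type given: the identity searches for the long
        // ClaimTypes.Name / ClaimTypes.Role URIs, which the sample lacks.
        Report("default", new ClaimsIdentity(SampleClaims(), "OpenIdConnect"));

        // Same claims, but the identity is told which claim types carry the
        // name and the role, the same effect NameClaimType has when set on
        // TokenValidationParameters.
        Report("mapped", new ClaimsIdentity(SampleClaims(), "OpenIdConnect", "name", "role"));
    }
}
```

Any code that authorizes or writes audit records from Identity.Name or IsInRole should be checked against the claim types the identity provider actually issues, since a mismatch leaves the name empty and role checks failing without raising an error.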