Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to specify the destination for an existing ClaimsIdentity?

Tags:

asp.net

openid-connect

asp.net-identity

aspnet-contrib

I'm using below code to create a ClaimIdentity in OpenIdConnectServerProvider.AuthorizationProvider. But the identity.Name is not searlized. How to allow the OpenIdConnectServer serarlize the name? Thanks.

The previous question is here How to create a ClaimIdentity in asp.net 5

var user = await userManager.FindByNameAsync(context.UserName);
var factory = context.HttpContext.RequestServices.GetRequiredService<IUserClaimsPrincipalFactory<ApplicationUser>>();
var identity = await factory.CreateAsync(user);                
context.Validated(new ClaimsPrincipal(identity));
like image 787
Tony Woo Avatar asked Nov 19 '15 07:11

Tony Woo

People also ask

Where are user claims stored?

By default, a user's claims are stored in the authentication cookie.

What is ClaimsIdentity in ASP.NET Core?

In . NET Core, the ClaimsIdentity class represents a user in your application. It helps describe who they are and helps manage the list of claims which describe what they can do.

How do I apply a claim in .NET core?

Claim based authorization checks are declarative - the developer embeds them within their code, against a controller or an action within a controller, specifying claims which the current user must possess, and optionally the value the claim must hold to access the requested resource.

1 Answers

To avoid leaking confidential data, AspNet.Security.OpenIdConnect.Server refuses to serialize the claims that don't explicitly specify a destination.

To serialize the name (or any other claim), you can use the .SetDestinations extension:

var principal = await factory.CreateAsync(user);

var name = principal.FindFirst(ClaimTypes.Name);
if (name != null) {
    // Use "id_token" to serialize the claim in the identity token or "access_token"
    // to serialize it in the access token. You can also specify both destinations.
    name.SetDestinations(OpenIdConnectConstants.Destinations.AccessToken,
                         OpenIdConnectConstants.Destinations.IdentityToken);
}

context.Validate(principal);

When adding a claim, you can also use the AddClaim extension taking a destinations parameter:

identity.AddClaim(ClaimTypes.Name, "Pinpoint",
     OpenIdConnectConstants.Destinations.AccessToken,
     OpenIdConnectConstants.Destinations.IdentityToken);
like image 163
Kévin Chalet Avatar answered Oct 17 '22 23:10

Kévin Chalet
Sign in to Comment

Related questions

Intermittent "Failed to load viewstate" error
ExecuteNonQuery returns what int value [closed]
Update panel asp.net - page refresh
ASP.NET Label equivalent of HTML 'for' attribute
Div below other div in bootstrap
Declaring List inside a Model
Byte array to excel workbook
The specified cast from a materialized 'System.DateTime' type to the 'System.String' type is not valid
How to check if cookies are enabled or disabled in asp.net?
Why is OutputCache a result filter and not an action filter in ASP.NET MVC?
Remove Special characters from file name
How to get Hangfire started ("always on") in Azure shared hosting?
How do I use indexOf() case insensitively?
HTML alternative to <input type=text> that can be assigned a unique ID and that blends in with text
Microsoft.Data.Edm vs Microsoft.OData.Edm: what is the difference? [duplicate]
Return id after insert C# using SQL Server
how can i call web api Controller from ajax
regular expression does not work with javascript
Replace a character of the nth position
What is the difference between UrlHelper.Route and UrlHelper.Link methods?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!