I am using MVC5 with Owin identity.
I am struggling to reuse any custom Claims in regenerateIdentityCallback.
I have in Startup this configuration (as provided in the standard Template for new MVC project)
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser, Guid>(
validateInterval: TimeSpan.FromSeconds(10),
regenerateIdentityCallback: (manager, user) => user.GenerateUserIdentityAsync(manager),
getUserIdCallback: (user) => Guid.Parse(user.GetUserId()))
}
});
the GenerateUserIdentityAsync looks like this: (as well pretty much standard from the Template)
public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser, Guid> manager)
{
var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
// I want here instead of generating new one, just reuse the previous one
userIdentity.AddClaim(new Claim(ClaimTypes.Sid, Guid.NewGuid().ToString()));
return userIdentity;
}
The problem is, that I am not able to reuse the Claim and I allways have to get new value for it. After investigation of the Identity dll I see, that this
instance of the user has no Claims as it is fresh user from Database and userIdentity
has only the standard Claims as Id and UserName, which are created by CreateIdentityAsync method. Getting the user from HttpContext.Current is not possible, it is null on this place.
What is the best way to reuse a Claim to keep some values from the Cookie? I probably misunderstood the purpose of Claims. Thx in advance for your help
You can obtain the same result by doing this (context.Identity is the previous identity):
OnValidateIdentity = context => SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, DtbsUser, Guid>(
validateInterval: TimeSpan.FromSeconds(30),
regenerateIdentityCallback:
(manager, user) =>
user.GenerateUserIdentityAsync(manager, context.Identity),
getUserIdCallback: (ci) => Guid.Parse(ci.GetUserId())).Invoke(context)
I gave up and created own SecurityStampValidator
which does exactly the same as original, but passes the current claimsIdentity to regenerateIdentityCallback as param. Not at all happy about this solution, but it works.
OnValidateIdentity = MySecurityStampValidator.OnValidateIdentity<ApplicationUserManager, DtbsUser, Guid>(
validateInterval: TimeSpan.FromSeconds(10),
regenerateIdentityCallback: (manager, user, previousIdentity) => user.GenerateUserIdentityAsync(manager, previousIdentity),
getUserIdCallback: user => Guid.Parse(user.GetUserId()))
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With