Tuesday, January 16, 2018

IdentityServer4 and user claims.

EDIT: Hello future searchers. If you find this please visit my stackoverflow post for an answer: http://ift.tt/2DlTDTu

I have set up a basic TestAdmin account to use claim based Authentication in a microservice app. I have the relevant code set up as follows:

await userManager.AddClaimAsync(testAdmin, new Claim(ClaimTypes.Role, "NavInvoices")); 

This shows up in the AspNetUserClaims db, so it is being created and saved. I tried these two methods to set up the Policy(I have it only checking if any ClaimTypes.Role exists right now):

services.AddAuthorization(options => { options.AddPolicy("NavInvoices2", policy => policy.RequireClaim(ClaimTypes.Role)); }); services.AddAuthorization(options => { options.AddPolicy("NavInvoices", policy => policy.RequireAssertion(context => context.User.HasClaim(c => (c.Type == ClaimTypes.Role)))); }); 

And this is the Controller:

[Authorize(Policy = "NavInvoices")] public IActionResult About() { ViewData["Message"] = "Your application description page."; return View(); } 

The problem is when I iterate over user.claims there is no role. Only things like email, name etc. In the SqlDB only my role I created exists. None of these other things that exist like name and email are in the DB. So there is a disconnect somewhere. I am using IdentityServer4's Quickstart EFandAspNetIdentity template as my base if anyone has familiarity with that.

I've googled everything I can and so far I can't find anything. I think there is two separate storages going on and the cookie is only passing one of them through to the webmvc project. Any suggestions?

IdentityServer4 and user claims. Click here
  • Blogger Comment
  • Facebook Comment

0 comments:

Post a Comment

The webdev Team