Home icon indicating copy to clipboard operation
Home copied to clipboard
verified publisher icon dolittle

UserSecurityActor does not expose the claims principal

Open KristofferBerge opened this issue 6 years ago • 3 comments

It's not easy to extend the UserSecurityActor to check more than Roles and Claims because it does not expose the ClaimsPrincipal.

If it exposes that we can extend it to check for whatever we need.

┆Issue is synchronized with this Asana task

KristofferBerge avatar Feb 24 '20 08:02 KristofferBerge

Our use case is to find a value in the scope claim. The scope claim contains a list of scopes. If there was a claim contains rule, we would not have to implement this ourselves.

KristofferBerge avatar Feb 24 '20 08:02 KristofferBerge

➤ Einar Ingebrigtsen commented:

Are you looking for a value within the claim value, or is it the whole value. If it's the latter, you could use the method called HasClaimTypeWithValue(). (https://github.com/dolittle-fundamentals/DotNET.Fundamentals/blob/master/Source/Security/IUserSecurityActor.cs)

ghost avatar Feb 25 '20 07:02 ghost

The scope claim contains a list of values. I would like to check if a given value is in that list

KristofferBerge avatar Feb 25 '20 08:02 KristofferBerge