SimpleIdServer icon indicating copy to clipboard operation
SimpleIdServer copied to clipboard
verified publisher icon simpleidserver

Duplicate Claims in UserClaims Table When Adding via Postman or UI

Open HappyRoot opened this issue 1 year ago • 3 comments

Hello, and thank you for your great work!

In version 5.0.2, when adding claims using either Postman or the UI — regardless of the method — the claims are consistently duplicated in the UserClaims table. This behavior seems suboptimal and might indicate an issue.

Example Request:

POST https://localhost:5001/master/users/{{userId}}/claims
Content-Type: application/json

{
  "claims": [
    {
      "name": "permissions",
      "value": "can_block_objects"
    },
    {
      "name": "permissions",
      "value": "objects_manager"
    }     
  ]
}

HappyRoot avatar Dec 25 '24 15:12 HappyRoot

Hello, and thank you for your interest in SimpleIdServer! 🙂

It is normal for the UserClaims table to contain multiple records for the same claim. 🙂 In your example, a user can have one or more permissions, such as can_block_objects and objects_manager. The permissions claims will be transformed into an array by SimpleIdServer and included in the access/identity token.

KR, SID

simpleidserver avatar Dec 31 '24 08:12 simpleidserver

Image

The issue is that if multiple requests to update claims are made, the old ones are not removed, and the userId is set to null, leaving behind 'garbage' records in the database.

HappyRoot avatar Jan 10 '25 12:01 HappyRoot

Hello,

There is indeed an issue in the implementation. :( The issue has been fixed in the origin/Release503 branch.

KR, SID

simpleidserver avatar Jan 12 '25 13:01 simpleidserver