Validate Context.User.Identity before accessing it #872

Merged
merged 1 commit into from Jan 20, 2015

Projects

None yet

2 participants

@grzmiel
Contributor
grzmiel commented Jan 13, 2015

The Context.User.Identity can be null, if there is custom implementation. We should validate it to prevent NullReferenceException.

@avanderhoorn
Member

I'm assuming you were getting a null reference exception here?

@avanderhoorn avanderhoorn self-assigned this Jan 13, 2015
@avanderhoorn avanderhoorn added this to the vNext milestone Jan 13, 2015
@grzmiel
Contributor
grzmiel commented Jan 13, 2015

Yes, since I'm using custom User Identity.

@avanderhoorn
Member

@grzmiel What type do you inherit from for your custom Identity? Wondering if there is a better type we can cast to...

@grzmiel
Contributor
grzmiel commented Jan 18, 2015

I'm inheriting from IPrincipal interface (http://msdn.microsoft.com/en-us/library/system.security.principal.iprincipal(v=vs.110).aspx). To be honest, I was wondering if I could extract getting client identity behind the interface (e.g. IClientIdentityProvider, with method GetClientIdentity(HttpRequestBase) ), and inject it through Service Provider. This would allow me and other to easily override the way the client identity is provided. What do you think of this solution?

@avanderhoorn
Member

That should work, only thing is that we aren't really investing that much more into v1.x at the moment. With v2 it will have this style of extension out of the box, but obviously its missing form v1. That said, v2 is still a little bit away and if you are interested in doing the work for the extension, we would happy help out and bring it in for release. Let me know what you think. At the very least this PR can be merged in.

@avanderhoorn avanderhoorn merged commit 98fdcac into Glimpse:master Jan 20, 2015
@grzmiel grzmiel deleted the grzmiel:validate-identity branch Apr 22, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment