UserInfo is not returning any Claims #1938
Comments
That's weird - check the logs.
Here's a part of the logs when getting the userinfo:
I don't see any suspects aside from the line below, which I don't exactly know the meaning of:
Also, to add context, here are the entries at the beginning of the logs when I restarted idsrv3:
Some warnings. At first look, I assume I need to implement something aside from the custom UserService (inheriting from UserServiceBase)?
So have you debugged the user service to check that you are actually returning the right claims in GetProfileDataAsync?
Sorry about the late response. Let me check that out some more and I'll post my findings here.
Finally found the solution. I am using DefaultClaimsProvider in my setup because I just implemented a custom User Service. Now, in my GetProfileDataAsync implementation:
You'll notice that I just returned a Task.FromResult(identity.Claims). The only missing line of code I needed is:
The reason behind this is because in the DefaultClaimsProvider.GetIdentityTokenClaimsAsync(), this is how it gets the claims from the GetProfileDataAsync.
Notice how context.IssuedClaims is passed as a parameter to the FilterProtocolClaims. So in practice, the context.IssuedClaims should be populated with the claims from the GetProfileDataAsync. So, here's my updated GetProfileDataAsync. Just 1 line of code added!
Thanks @leastprivilege for pointing me in the right direction.
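The fix described in the comment above, as an added example that is not the poster's code or the project's own: a user service that assigns `context.IssuedClaims` and releases only the claim types the request asked for. The class name `SampleUserService`, the in-memory store and its values (including the `department` claim) are constructed for illustration.

```csharp
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using IdentityServer3.Core;
using IdentityServer3.Core.Extensions;
using IdentityServer3.Core.Models;
using IdentityServer3.Core.Services.Default;

// Hypothetical user service; the name and the sample store are assumptions.
public class SampleUserService : UserServiceBase
{
    // Constructed sample data standing in for a real user store.
    private static readonly Dictionary<string, List<Claim>> Store =
        new Dictionary<string, List<Claim>>
        {
            { "1", new List<Claim>
                {
                    new Claim(Constants.ClaimTypes.PreferredUserName, "alice"),
                    new Claim(Constants.ClaimTypes.Email, "alice@example.com"),
                    new Claim("department", "finance")
                }
            }
        };

    public override Task GetProfileDataAsync(ProfileDataRequestContext context)
    {
        List<Claim> all;
        if (!Store.TryGetValue(context.Subject.GetSubjectId(), out all))
            all = new List<Claim>();

        // Release only the claim types the requested scopes map to.
        IEnumerable<Claim> released = all;
        if (!context.AllClaimsRequested)
            released = all.Where(c => context.RequestedClaimTypes.Contains(c.Type));

        // The claims provider reads this property, not the returned task,
        // so the userinfo response stays empty unless it is assigned.
        context.IssuedClaims = released.ToList();

        // The method returns a plain Task. Returning Task.FromResult(released)
        // would still compile, because Task<T> converts to Task, but the
        // claims carried in that result would be discarded.
        return Task.FromResult(0);
    }
}
```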
Thank you very much. I also ran into the same problem of all claims missing, but through your answer I found the reason.
Context:
So here is the sample code for the UserService I have created.
First, the code for the AuthenticateLocalAsync being overridden because users are logging in via Idsrv3's login page:
Then next, I have implemented the GetProfileDataAsync:
The code above shows that preferred_username and email claims were added to the identity.Claims and were returned. Also, both claims are in the requested claims collection.
Then in the client config/setup, I have this:
Now, when I try to login and debug setting a breakpoint in the line after "var userInfo = await userInfoClient.GetAsync();", the user info returned does not have ANY claims. Not even the JsonObject or the Raw have values. (see screenshot below)
I am quite confused because when I tried just using the default InMemoryUser and default user service, the user info does return claims correctly. I must be missing something.
Let me know if you need more context, I will supply them.