Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Consider HasClaimAsync or GetClaimAsync #2068
It is easy to get a claim from a logged in user, but not from a user that is not (yet) logged in.
When generating a JWT token for my API, I want to check if the user for which the credentials are provided has the right claim to allow access to the API. Without such a check the token is provided, but than using the token fails because the access policy checks the claim.
When using Roles you can use IsInRoleAsync(). But there is no equivalent for claims.
So when getting the user:
I would like to do something like:
I have now written my own extension method:
I understand that HasClaim is based on cookies rather than database access, so much cheaper for logged in users: