-
Notifications
You must be signed in to change notification settings - Fork 9.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added support for multiple values (arrays) in default claim action - Remove Original Claim #7204
Comments
The code today is: |
Thanks for asking the question. It got me rethinking about the issue. I believe I see my mistake:
In the code above, by the time the JsonKeyClaimAction is run, the role claim is already mapped into the Identity.Claims collection. This is why I need to remove it. I suspect that the correct solution is to add the "role" claim to the list of exempted claims:
I'm thinking making this change would eliminate the need to remove to I will test it on Monday and let you know, but I'm guessing you already know that's where I went wrong😄. |
2.1.0-preview1 added support for multiple values (array) in default claim action as requested in:
Issue Uninstall RC1 requires re-download of original installer #1449 - OIDC, I cannot add extra claims from userinfo endpoint aspnet/Security#1449 (comment)
Pull Request Can ASP.NET Membership interoperate with ASP.NET Core? #1501 - Added support for multiple values (arrays) in default claim action aspnet/Security#1501
While the added class - JsonKeyClaimAction - does do the requested action, it still leaves the original claim in place. My request is to modify the code so that it also remove the claim.
Here is an illustration of the issue. Right now, I have the following claim:
`role - ["foo", "bar] ``
Which e JsonKeyClaimAction transoforinto:
The transformation is good, but what I really want to end up with is this:
Here is my suggested change (sorry, I don't know how to do pull requests. I am an old TFS guy):
I don't know if it makes sense to modify the original JsonKeyClaimAction (as I have done above) or to create a new ClaimActon that does the the removal. This way folks have the option of removing the bad claim or not. Personally the original makes no sense so I would like to remove it. Others may not agree.
The text was updated successfully, but these errors were encountered: