This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi;
This question is for the Identity library. My app is Blazor (server side) but I think that is irrelevant here.
Where is the context.User built in the Identity library? And can I add my own code in there?
I ask because I would like to add a claim to the context.User.Claims where the type is "Id" and the value is the AspNetUsers.Id guid for the user. Having this directly available from context.User would be super convenient.
I think this is connected to my question Identity library - Check Enabled & re-read Claims on each page because both require getting in to the Identity library code that builds the User object. I'm hoping there's a way, either with a defined middle-ware API, a method in the library I can directly edit, or some other approach.
thanks - dave
According to you other posts, you're using cookie authentication. Rather than using the SignInManager which does all the work to fetch the claims and create the cookie you can write your own code to add whatever claims you like.
Create an authentication cookie
Remember .NET Core is open source. Just read the code.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 61%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
the easiest way to add claims is to use the IClaimsTransformation interface. You define the transformation service and register, and it will be called when the User Principal is created.
the issue you will have is that a Blazor Server App is that the user principal is created outside the Blazor app lifecycle. There is only one http request to create the connection (app instance), so the same HttpContext and user is used for the life of the Blazor App.
in a classic web app which reads the cookie on every request, you would use ISecurityStampValidator if you wanted to detect changes in security information. but blazer server does not support this as the cookie is only loaded once.
@AgaveJoe I'm definitely not purposely using cookie authentication. I never specified what method to use assuming the default was the optimal approach.
I do get a Task<AuthenticationState> that is populated with the user's claims:
var authenticationState = await AuthenticationStateTask; var claims = authenticationState.User.Claims.ToList();
So... is there some call I need to make to tell it explicitly how to handle authentication? If so, what/how do I do this? And what is the most secure approach, hopefully one that will immediately reflect any claim changes. And where I can implement IdentityUser.Enabled.
thanks - dave
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
My posts keep getting removed. I give up...
blazor server uses cookie authentication. the cookie is built with oauth or individual accounts middleware depending on which template you picked. this is all configured in the program.cs. Oauth redirects to a login server and creates the cookie based on the reply. individual accounts uses razor pages and the user db interface to create the cookie..
the cookie is built and set outside the blazor app by the chosen middleware. the AuthenticationStateTask just uses the user defined in httpcontext when the app starts.
blazor currently DOES NOT support updating the user principal during the Blazor lifecycle. see this issue thread:
https://github.com/dotnet/aspnetcore/issues/38111
as suggested before you can use authentication policies to verify claims are current.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
My posts keep getting removed. I give up...
This has an "Undo delete" option at the bottom of your post, if you don't want to delete the post, you can undo the delete.