claims

I'm playing a with JwtTokens and can't make them work properly. I'm using http://www.nuget.org/packages/System.IdentityModel.Tokens.Jwt/ for it. I know the code is a mess but is just to show what I'm trying to do. The problem is that I want the JwtTokenHandler to fail the validation because of the lifetime. var key = "5A0AB091-3F84-4EC4-B227-0834FCD8B1B4"; var domain = "http://localhost"; var allowedAudience = "http://localhost"; var signatureAlgorithm = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"; var digestAlgorithm = "http://www.w3.org/2001/04/xmlenc#sha256"; var issuer = "self";

Inspired by an article on custom claims , I've added a tenant id custom claim to my Identity server sign in process as follows: using System; using System.Security.Claims; using System.Threading.Tasks; using MyNamespace.Models; using Microsoft.AspNetCore.Identity; using Microsoft.Extensions.Options; using MyNamespace.Data; using MyNamespace.Constants; namespace MyNamespace.Factories { public class TenantClaimsPrincipalFactory : UserClaimsPrincipalFactory<ApplicationUser> { public TenantClaimsPrincipalFactory( UserManager<ApplicationUser> userManager, IOptions<IdentityOptions> optionsAccessor)

Case: I have an MVC5 application (basically the MVC5 template with a scaffolded view) with the Google authentication method enabled. The application has been configured to accept email as user name and to store the claims assigned from Google like Surname, givenname, email, nameidentifier, etc, to the membership database (AspNetUserClaims). When I register and log in with a "local" user everything is fine. If I log in with a Google user its fine. If I log in with an account set up to have both a local and external login I get the error below. I have tried changing the type for the token to

I am using JWT Bearer auth in my new asp.net core 2.0 api app and want to add some extra claims to the current identity. This extra info is located in another api which need to be queried. My understanding is that claims transformation would be the proper place to do this. In .net core 1.1 you have the IClaimsTransformer interface in Microsoft.AspNetCore.Authentication nuget package, but I cannot install this one in my .net core 2.0 app. Is there a alternative way to transform claims in asp.net core 2.0 and is this the correct approach for my use case? Canada Wan IClaimsTransformer has been

I have used OWIN authentication in my application. Login Action var claims = new List<Claim>(); claims.Add(new Claim(ClaimTypes.Name, result.UserFirstName)); claims.Add(new Claim(ClaimTypes.Sid, result.UserID.ToString())); var identity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie); I want to access the UserName and UserID from different action. How can I access the values which is added in the claims? Update I have tried var claims = new List<Claim>(); claims.Add(new Claim(ClaimTypes.Name, result.UserFirstName + " " + result.UserLastName)); claims.Add(new Claim

I'm trying out some of the new stuff in VS2013 RC with MVC5 and the new OWIN authentication middleware. So, I'm used to using the [Authorize] attribute to limit actions by role but I'm trying to use claims/activity based authorization, and I can't find an equivalent attribute for it. Is there an obvious one I'm missing or do I need to roll my own? I kinda expected there to be one out of the box. What I'm looking for specifically is something along the lines of [Authorize("ClaimType","ClaimValue")] I suppose. Thanks in advance. Stimul8d I ended up just writing a simple attribute to handle it. I