问题
In my ASP.NET Core Identity I have noticed that my claim that I add are getting lost.
First I have a Create claim view having a form to create a claim. The claim is added to the currently logged in user.
The code of the Action method is:
[HttpPost]
[ActionName("Create")]
public IActionResult Create_Post(string claimType, string claimValue, string claimIssuer)
{
ClaimsIdentity identity = User.Identity as ClaimsIdentity;
Claim claim = new Claim(claimType, claimValue, ClaimValueTypes.String, claimIssuer);
identity.AddClaim(claim);
return RedirectToAction("Index");
}
The clain is added on this line - identity.AddClaim(claim);.
Now the last line is redirecting to Index action method whose code is:
public ViewResult Index() => View(User?.Claims);
The Index View which is showing all the claim for the user is:
@model IEnumerable<System.Security.Claims.Claim>
<table class="table table-sm table-bordered">
<tr>
<th>Subject</th>
<th>Issuer</th>
<th>Type</th>
<th>Value</th>
</tr>
@foreach (var claim in Model.OrderBy(x => x.Type))
{
<tr>
<td>@claim.Subject.Name</td>
<td>@claim.Issuer</td>
<td>@claim.Type</td>
<td>@claim.Value</td>
</tr>
}
</table>
Example: I added a claim, see the below image
But the Index View did not fetched the claim, see the below image:
What is wrong?
回答1:
If you want to save the claims to User?.Claims, you need to call _signInManager.Context.SignInAsync with updated ClaimsIdentity.
Follow steps below:
Extension for signin with new
ClaimsIdentitypublic class CustomClaimsCookieSignInHelper<TIdentityUser> where TIdentityUser : IdentityUser { private readonly SignInManager<TIdentityUser> _signInManager; public CustomClaimsCookieSignInHelper(SignInManager<TIdentityUser> signInManager) { _signInManager = signInManager; } public async Task SignInUserAsync(ClaimsIdentity claimsIdentity) { await _signInManager.Context.SignInAsync(IdentityConstants.ApplicationScheme, new ClaimsPrincipal(claimsIdentity)); } }Register
CustomClaimsCookieSignInHelper<TIdentityUser>services.AddTransient<CustomClaimsCookieSignInHelper<IdentityUser>>();Update User Claims
public class IdentityController : Controller { private readonly CustomClaimsCookieSignInHelper<IdentityUser> _signInHelper; private readonly UserManager<IdentityUser> _userManager; public IdentityController(CustomClaimsCookieSignInHelper<IdentityUser> signInHelper , UserManager<IdentityUser> userManager) { _signInHelper = signInHelper; _userManager = userManager; } public ViewResult Index() => View(User?.Claims); [HttpGet] [ActionName("Create")] public IActionResult Create_Post() { return View(); } [HttpPost] [ActionName("Create")] public async Task<IActionResult> Create_Post(string claimType, string claimValue, string claimIssuer) { ClaimsIdentity identity = User.Identity as ClaimsIdentity; Claim claim = new Claim(claimType, claimValue, ClaimValueTypes.String, claimIssuer); identity.AddClaim(claim); await _signInHelper.SignInUserAsync(identity); return RedirectToAction("Index"); } }
回答2:
Claims added to a authenticated user will not persisted through others requests. Claims must be added before login.
You can take a look here to see how to add claims to the user.
And here for an example on how to change user claims after login.
来源:https://stackoverflow.com/questions/52653344/claims-added-to-claimsidentity-getting-lost-in-asp-net-core-identity-system