RouteClaimsRequirement conundrum #1899
I can add the following to the bottom scheme shown above ("IDP2") but the events never get raised:
Hi Clay! You've described a rare user scenario. Also, Authorization Middleware can be overridden! Based on your user scenario, I would say, you need to override
That's wrong! If you override Auth middlewares then "you will be able to capture additional properties like the username for logging".
Expected Behavior / New Feature
RouteClaimsRequirement should work with IdentityServer4 + AddJwtBearer
or
IdentityServer4 + Action should have token validated event
Actual Behavior
Currently, when using IdentityServer4 you have to choose whether you want to use multiple roles along with RouteClaimsRequirement, or if you want to be able to capture additional properties like the username for logging, but you can't do both.
Steps to Reproduce the Problem
If you use a scheme for IdentityServer4 with AddJwtBearer it does appear to work and I have the ability to listen to the token validation event so I can grab additional information for logging. Problem is, RouteClaimsRequirement doesn't work with roles. Here is the configuration of my scheme for this scenario:
If you use a scheme for IdentityServer4 like the documentation suggests using Action, RouteClaimsRequirement now works with multiple roles no problem, but there is no way for me to listen to the token validation event. I need this so I can grab the username for logging purposes. Here is my other custom scheme:
Specifications