Cannot access JWT claim in WebApi authorization token

I was able to implement the below JWT solution in my MVC WebApi following below link JWT Authentication for Asp.Net Web Api

Now, I want to access claim in the controllers, but all claims are null. I have tried a few things and all of them returns null.

How is claim added in JwtAuthenticationAttribute:

protected Task<IPrincipal> AuthenticateJwtToken(string token)
 
 string username;

 if (ValidateToken(token, out username))
 
 //Getting user department to add to claim.
 eTaskEntities _db = new eTaskEntities();
 var _user = (from u in _db.tblUsers join d in _db.tblDepartments on u.DepartmentID equals d.DepartmentID select u).FirstOrDefault();
 var department = _user.DepartmentID;

 // based on username to get more information from database in order to build local identity
 var claims = new List<Claim>
 
 new Claim(ClaimTypes.Name, username),
 new Claim(ClaimTypes.SerialNumber, department.ToString())
 // Add more claims if needed: Roles, ...
 ;

 var identity = new ClaimsIdentity(claims, "Jwt");
 IPrincipal user = new ClaimsPrincipal(identity);

 return Task.FromResult(user);
 

 return Task.FromResult<IPrincipal>(null);

What I have tried so far

Extension method to get claim:

public static class IPrincipleExtension

 public static String GetDepartment(this IIdentity principal)
 
 var identity = HttpContext.Current.User.Identity as ClaimsIdentity;
 if (identity != null)
 
 return identity.FindFirst("SerialNumber").Value;
 
 else
 return null;

Using the function defined in the post (link above):

TokenManager.GetPrincipal(Request.Headers.Authorization.Parameter).FindFirst("SerialNumber")

Trying to access Claim through thread:

((ClaimsPrincipal)System.Threading.Thread.CurrentPrincipal.Identity).FindFirst("SerialNumber")

For all the above, a claim is always null. What am I doing wrong?

asked Nov 14 '18 at 9:03

Hitin

187214

In your GetDepartment method what do you see if you add a watch to the identity variable and inspect identity.Claims?

– Alistair Findlay
Nov 14 '18 at 11:41

add a comment |

I was able to implement the below JWT solution in my MVC WebApi following below link JWT Authentication for Asp.Net Web Api

Now, I want to access claim in the controllers, but all claims are null. I have tried a few things and all of them returns null.

How is claim added in JwtAuthenticationAttribute:

protected Task<IPrincipal> AuthenticateJwtToken(string token)
 
 string username;

 if (ValidateToken(token, out username))
 
 //Getting user department to add to claim.
 eTaskEntities _db = new eTaskEntities();
 var _user = (from u in _db.tblUsers join d in _db.tblDepartments on u.DepartmentID equals d.DepartmentID select u).FirstOrDefault();
 var department = _user.DepartmentID;

 // based on username to get more information from database in order to build local identity
 var claims = new List<Claim>
 
 new Claim(ClaimTypes.Name, username),
 new Claim(ClaimTypes.SerialNumber, department.ToString())
 // Add more claims if needed: Roles, ...
 ;

 var identity = new ClaimsIdentity(claims, "Jwt");
 IPrincipal user = new ClaimsPrincipal(identity);

 return Task.FromResult(user);
 

 return Task.FromResult<IPrincipal>(null);

What I have tried so far

Extension method to get claim:

public static class IPrincipleExtension

 public static String GetDepartment(this IIdentity principal)
 
 var identity = HttpContext.Current.User.Identity as ClaimsIdentity;
 if (identity != null)
 
 return identity.FindFirst("SerialNumber").Value;
 
 else
 return null;

Using the function defined in the post (link above):

TokenManager.GetPrincipal(Request.Headers.Authorization.Parameter).FindFirst("SerialNumber")

Trying to access Claim through thread:

((ClaimsPrincipal)System.Threading.Thread.CurrentPrincipal.Identity).FindFirst("SerialNumber")

For all the above, a claim is always null. What am I doing wrong?

asked Nov 14 '18 at 9:03

Hitin

187214

In your GetDepartment method what do you see if you add a watch to the identity variable and inspect identity.Claims?

– Alistair Findlay
Nov 14 '18 at 11:41

add a comment |

I was able to implement the below JWT solution in my MVC WebApi following below link JWT Authentication for Asp.Net Web Api

Now, I want to access claim in the controllers, but all claims are null. I have tried a few things and all of them returns null.

How is claim added in JwtAuthenticationAttribute:

protected Task<IPrincipal> AuthenticateJwtToken(string token)
 
 string username;

 if (ValidateToken(token, out username))
 
 //Getting user department to add to claim.
 eTaskEntities _db = new eTaskEntities();
 var _user = (from u in _db.tblUsers join d in _db.tblDepartments on u.DepartmentID equals d.DepartmentID select u).FirstOrDefault();
 var department = _user.DepartmentID;

 // based on username to get more information from database in order to build local identity
 var claims = new List<Claim>
 
 new Claim(ClaimTypes.Name, username),
 new Claim(ClaimTypes.SerialNumber, department.ToString())
 // Add more claims if needed: Roles, ...
 ;

 var identity = new ClaimsIdentity(claims, "Jwt");
 IPrincipal user = new ClaimsPrincipal(identity);

 return Task.FromResult(user);
 

 return Task.FromResult<IPrincipal>(null);

What I have tried so far

Extension method to get claim:

public static class IPrincipleExtension

 public static String GetDepartment(this IIdentity principal)
 
 var identity = HttpContext.Current.User.Identity as ClaimsIdentity;
 if (identity != null)
 
 return identity.FindFirst("SerialNumber").Value;
 
 else
 return null;

Using the function defined in the post (link above):

TokenManager.GetPrincipal(Request.Headers.Authorization.Parameter).FindFirst("SerialNumber")

Trying to access Claim through thread:

((ClaimsPrincipal)System.Threading.Thread.CurrentPrincipal.Identity).FindFirst("SerialNumber")

For all the above, a claim is always null. What am I doing wrong?

asked Nov 14 '18 at 9:03

Hitin

187214

I was able to implement the below JWT solution in my MVC WebApi following below link JWT Authentication for Asp.Net Web Api

Now, I want to access claim in the controllers, but all claims are null. I have tried a few things and all of them returns null.

How is claim added in JwtAuthenticationAttribute:

protected Task<IPrincipal> AuthenticateJwtToken(string token)
 
 string username;

 if (ValidateToken(token, out username))
 
 //Getting user department to add to claim.
 eTaskEntities _db = new eTaskEntities();
 var _user = (from u in _db.tblUsers join d in _db.tblDepartments on u.DepartmentID equals d.DepartmentID select u).FirstOrDefault();
 var department = _user.DepartmentID;

 // based on username to get more information from database in order to build local identity
 var claims = new List<Claim>
 
 new Claim(ClaimTypes.Name, username),
 new Claim(ClaimTypes.SerialNumber, department.ToString())
 // Add more claims if needed: Roles, ...
 ;

 var identity = new ClaimsIdentity(claims, "Jwt");
 IPrincipal user = new ClaimsPrincipal(identity);

 return Task.FromResult(user);
 

 return Task.FromResult<IPrincipal>(null);

What I have tried so far

Extension method to get claim:

public static class IPrincipleExtension

 public static String GetDepartment(this IIdentity principal)
 
 var identity = HttpContext.Current.User.Identity as ClaimsIdentity;
 if (identity != null)
 
 return identity.FindFirst("SerialNumber").Value;
 
 else
 return null;

Using the function defined in the post (link above):

TokenManager.GetPrincipal(Request.Headers.Authorization.Parameter).FindFirst("SerialNumber")

Trying to access Claim through thread:

((ClaimsPrincipal)System.Threading.Thread.CurrentPrincipal.Identity).FindFirst("SerialNumber")

For all the above, a claim is always null. What am I doing wrong?

c# asp.net-mvc asp.net-web-api authorization jwt

asked Nov 14 '18 at 9:03

Hitin

187214

asked Nov 14 '18 at 9:03

Hitin

187214

asked Nov 14 '18 at 9:03

Hitin

187214

asked Nov 14 '18 at 9:03

Hitin

187214

asked Nov 14 '18 at 9:03

Hitin

187214

In your GetDepartment method what do you see if you add a watch to the identity variable and inspect identity.Claims?

– Alistair Findlay
Nov 14 '18 at 11:41

add a comment |

In your GetDepartment method what do you see if you add a watch to the identity variable and inspect identity.Claims?

– Alistair Findlay
Nov 14 '18 at 11:41

In your GetDepartment method what do you see if you add a watch to the identity variable and inspect identity.Claims?

– Alistair Findlay
Nov 14 '18 at 11:41

add a comment |

0

active

oldest

votes

Your Answer

StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);

);

draft saved

draft discarded

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53296381%2fcannot-access-jwt-claim-in-webapi-authorization-token%23new-answer', 'question_page');

);

Post as a guest

Name

Required, but never shown

0

active

oldest

votes

0

active

oldest

votes

draft saved

draft discarded

Thanks for contributing an answer to Stack Overflow!

Please be sure to answer the question. Provide details and share your research!

But avoid …

Asking for help, clarification, or responding to other answers.

Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.

draft saved

draft discarded

Post as a guest

Name

Required, but never shown

Name

Required, but never shown

Name

Required, but never shown

This page is only for reference, If you need detailed information, please check here

搜尋此網誌

Odtnhj