Cannot access JWT claim in WebApi authorization token












0















I was able to implement the below JWT solution in my MVC WebApi following below link JWT Authentication for Asp.Net Web Api



Now, I want to access claim in the controllers, but all claims are null. I have tried a few things and all of them returns null.



How is claim added in JwtAuthenticationAttribute:



protected Task<IPrincipal> AuthenticateJwtToken(string token)
{
string username;

if (ValidateToken(token, out username))
{
//Getting user department to add to claim.
eTaskEntities _db = new eTaskEntities();
var _user = (from u in _db.tblUsers join d in _db.tblDepartments on u.DepartmentID equals d.DepartmentID select u).FirstOrDefault();
var department = _user.DepartmentID;

// based on username to get more information from database in order to build local identity
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name, username),
new Claim(ClaimTypes.SerialNumber, department.ToString())
// Add more claims if needed: Roles, ...
};

var identity = new ClaimsIdentity(claims, "Jwt");
IPrincipal user = new ClaimsPrincipal(identity);

return Task.FromResult(user);
}

return Task.FromResult<IPrincipal>(null);
}


What I have tried so far



Extension method to get claim:



public static class IPrincipleExtension
{
public static String GetDepartment(this IIdentity principal)
{
var identity = HttpContext.Current.User.Identity as ClaimsIdentity;
if (identity != null)
{
return identity.FindFirst("SerialNumber").Value;
}
else
return null;
}
}


Using the function defined in the post (link above):



TokenManager.GetPrincipal(Request.Headers.Authorization.Parameter).FindFirst("SerialNumber")


Trying to access Claim through thread:



((ClaimsPrincipal)System.Threading.Thread.CurrentPrincipal.Identity).FindFirst("SerialNumber")


For all the above, a claim is always null. What am I doing wrong?










share|improve this question























  • In your GetDepartment method what do you see if you add a watch to the identity variable and inspect identity.Claims?

    – Alistair Findlay
    Nov 14 '18 at 11:41
















0















I was able to implement the below JWT solution in my MVC WebApi following below link JWT Authentication for Asp.Net Web Api



Now, I want to access claim in the controllers, but all claims are null. I have tried a few things and all of them returns null.



How is claim added in JwtAuthenticationAttribute:



protected Task<IPrincipal> AuthenticateJwtToken(string token)
{
string username;

if (ValidateToken(token, out username))
{
//Getting user department to add to claim.
eTaskEntities _db = new eTaskEntities();
var _user = (from u in _db.tblUsers join d in _db.tblDepartments on u.DepartmentID equals d.DepartmentID select u).FirstOrDefault();
var department = _user.DepartmentID;

// based on username to get more information from database in order to build local identity
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name, username),
new Claim(ClaimTypes.SerialNumber, department.ToString())
// Add more claims if needed: Roles, ...
};

var identity = new ClaimsIdentity(claims, "Jwt");
IPrincipal user = new ClaimsPrincipal(identity);

return Task.FromResult(user);
}

return Task.FromResult<IPrincipal>(null);
}


What I have tried so far



Extension method to get claim:



public static class IPrincipleExtension
{
public static String GetDepartment(this IIdentity principal)
{
var identity = HttpContext.Current.User.Identity as ClaimsIdentity;
if (identity != null)
{
return identity.FindFirst("SerialNumber").Value;
}
else
return null;
}
}


Using the function defined in the post (link above):



TokenManager.GetPrincipal(Request.Headers.Authorization.Parameter).FindFirst("SerialNumber")


Trying to access Claim through thread:



((ClaimsPrincipal)System.Threading.Thread.CurrentPrincipal.Identity).FindFirst("SerialNumber")


For all the above, a claim is always null. What am I doing wrong?










share|improve this question























  • In your GetDepartment method what do you see if you add a watch to the identity variable and inspect identity.Claims?

    – Alistair Findlay
    Nov 14 '18 at 11:41














0












0








0








I was able to implement the below JWT solution in my MVC WebApi following below link JWT Authentication for Asp.Net Web Api



Now, I want to access claim in the controllers, but all claims are null. I have tried a few things and all of them returns null.



How is claim added in JwtAuthenticationAttribute:



protected Task<IPrincipal> AuthenticateJwtToken(string token)
{
string username;

if (ValidateToken(token, out username))
{
//Getting user department to add to claim.
eTaskEntities _db = new eTaskEntities();
var _user = (from u in _db.tblUsers join d in _db.tblDepartments on u.DepartmentID equals d.DepartmentID select u).FirstOrDefault();
var department = _user.DepartmentID;

// based on username to get more information from database in order to build local identity
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name, username),
new Claim(ClaimTypes.SerialNumber, department.ToString())
// Add more claims if needed: Roles, ...
};

var identity = new ClaimsIdentity(claims, "Jwt");
IPrincipal user = new ClaimsPrincipal(identity);

return Task.FromResult(user);
}

return Task.FromResult<IPrincipal>(null);
}


What I have tried so far



Extension method to get claim:



public static class IPrincipleExtension
{
public static String GetDepartment(this IIdentity principal)
{
var identity = HttpContext.Current.User.Identity as ClaimsIdentity;
if (identity != null)
{
return identity.FindFirst("SerialNumber").Value;
}
else
return null;
}
}


Using the function defined in the post (link above):



TokenManager.GetPrincipal(Request.Headers.Authorization.Parameter).FindFirst("SerialNumber")


Trying to access Claim through thread:



((ClaimsPrincipal)System.Threading.Thread.CurrentPrincipal.Identity).FindFirst("SerialNumber")


For all the above, a claim is always null. What am I doing wrong?










share|improve this question














I was able to implement the below JWT solution in my MVC WebApi following below link JWT Authentication for Asp.Net Web Api



Now, I want to access claim in the controllers, but all claims are null. I have tried a few things and all of them returns null.



How is claim added in JwtAuthenticationAttribute:



protected Task<IPrincipal> AuthenticateJwtToken(string token)
{
string username;

if (ValidateToken(token, out username))
{
//Getting user department to add to claim.
eTaskEntities _db = new eTaskEntities();
var _user = (from u in _db.tblUsers join d in _db.tblDepartments on u.DepartmentID equals d.DepartmentID select u).FirstOrDefault();
var department = _user.DepartmentID;

// based on username to get more information from database in order to build local identity
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name, username),
new Claim(ClaimTypes.SerialNumber, department.ToString())
// Add more claims if needed: Roles, ...
};

var identity = new ClaimsIdentity(claims, "Jwt");
IPrincipal user = new ClaimsPrincipal(identity);

return Task.FromResult(user);
}

return Task.FromResult<IPrincipal>(null);
}


What I have tried so far



Extension method to get claim:



public static class IPrincipleExtension
{
public static String GetDepartment(this IIdentity principal)
{
var identity = HttpContext.Current.User.Identity as ClaimsIdentity;
if (identity != null)
{
return identity.FindFirst("SerialNumber").Value;
}
else
return null;
}
}


Using the function defined in the post (link above):



TokenManager.GetPrincipal(Request.Headers.Authorization.Parameter).FindFirst("SerialNumber")


Trying to access Claim through thread:



((ClaimsPrincipal)System.Threading.Thread.CurrentPrincipal.Identity).FindFirst("SerialNumber")


For all the above, a claim is always null. What am I doing wrong?







c# asp.net-mvc asp.net-web-api authorization jwt






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 14 '18 at 9:03









HitinHitin

187214




187214













  • In your GetDepartment method what do you see if you add a watch to the identity variable and inspect identity.Claims?

    – Alistair Findlay
    Nov 14 '18 at 11:41



















  • In your GetDepartment method what do you see if you add a watch to the identity variable and inspect identity.Claims?

    – Alistair Findlay
    Nov 14 '18 at 11:41

















In your GetDepartment method what do you see if you add a watch to the identity variable and inspect identity.Claims?

– Alistair Findlay
Nov 14 '18 at 11:41





In your GetDepartment method what do you see if you add a watch to the identity variable and inspect identity.Claims?

– Alistair Findlay
Nov 14 '18 at 11:41












0






active

oldest

votes











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53296381%2fcannot-access-jwt-claim-in-webapi-authorization-token%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes
















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53296381%2fcannot-access-jwt-claim-in-webapi-authorization-token%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Bressuire

Vorschmack

Quarantine