Generating an Identity User with Roles (From Web API to MVC Application)

Question

Currently developing a couple of applications (MVC and Web API) where my MVC application will send the request to the API to get authenticated and "login". I've got it working so that all my MVC application has to do is store the bearer token from the Web API and attach it anytime it needs to make a request for data.

At this point in the program we are looking to start working with Authorization and some security trimming to limit which users can make certain requests to the API and which users are able to see certain pages on the MVC application. In order to do this on both ends I need to get the Roles from my API and impersonate the Identity user on the MVC side since they are technically already logged in. My problem right now is probably kind of simple, but I can't figure out how to declare the Roles when I generate an identity user. Right now I just need a test case that we can explicitly declare and then I can grab it later once we start passing Roles from the API.

Any idea how to make a functioning example out of this with Roles?

private IdentityUser GenerateIdentityUser(string IdNum, string userN)
        {
            var newUser = new IdentityUser
            {
                Id = IdNum,
                UserName = userN,
                // Roles = 
                SecurityStamp = DateTime.Now.Ticks.ToString()
            };

            return newUser;
        }

Answer 1

The Roles property in the IdentityUser has a private setter (see codeplex source code). The constructor for IdentityUser always creates an empty list of roles, so that it won't be null.

To set a role you'll need to add the following line after initializing your newUser object:

newUser.Roles.Add(new IdentityUserRole {UserId = newUser.Id, RoleId = "your role id"});