Core 3.0 ApplicationUser is always empty

Question

I have extended Identityuser

public class ApplicationUser : IdentityUser
{
    [MaxLength(150)]
    public string FirstName { get ; set ; }

    [MaxLength(150)] 
    public string LastName { get ; set ; }

    public int AlternateUserId { get ; set ; }

    [MaxLength(150)] 
    public string CompanyName { get ; set ; }

    [MaxLength(38)] 
    [Required] 
    public string ClientId { get ; set ; }

    [Required] 
    public int ShortClient { set ; get ; }

    public bool  Locked { set ; get ; }
}

In Startup.cs i have:

 services.AddIdentity<ApplicationUser, IdentityRole>().AddDefaultUI().AddEntityFrameworkStores<ApplicationDbContext>();
 services.AddSingleton<ApplicationUser>();

But in

public static class IdentityExtentionMethods
{
   public static string FirstName(this IIdentity identity)
   {
      var claim = ((ClaimsIdentity)identity).FindFirst(ClaimTypes.GivenName);

      // Test for null to avoid issues during local testing
      return (claim != null) ? claim.Value : string.Empty;
   }
}

Claim is always null and anywhere I try to inject ApplicationUser the variable is available but it is not populated with the user information.

@inject ApplicationUser applicationUser
@inject SignInManager<ApplicationUser> signInManager;

Instead it has some dummy values in a few of the Guid fields and most everything else is null.

Answer 1

As Chris Pratt points out you can't get ApplicationUser via injection in Core 3.x I am not sure about earlier versions. To bad its not in the documentation anywhere that I could see.

But you can get

SignInManager<ApplicationUser> _signInManager, 
UserManager <ApplicationUser> _userManager
ApplicationDbContext  _dbContext

And as Chris also points out you can get

ClaimsPrincipal

and

IPrincipal

I have IPrincipal and as the code shows below, that with SignInManager & UserManager is all you need to get ApplicationUser

public static class IdentityExtentionMethods
{
    public static bool IsSysAdmin(this IPrincipal _principal,
                             SignInManager<ApplicationUser> _signInManager, 
                             UserManager <ApplicationUser> _userManager)
    {              
         var x = isSysAdmin(_principal, _signInManager, _userManager);
         if (x.Result == false)
             return false;
         else
             return true;
     }

     public static async Task<bool> isSysAdmin(this IPrincipal _principal,
                            SignInManager<ApplicationUser> _signInManager,
                             UserManager <ApplicationUser> _userManager)
     {
         var ci = _principal.Identity as ClaimsIdentity;
         var userName = ci != null ? ci.FindFirst(ClaimTypes.Name) : null;
         string username = userName?.Value;
            // get ApplicationUser
         var appUser = await _userManager.FindByNameAsync( username);
         var _userClaims = await   
                 _signInManager.ClaimsFactory.CreateAsync(appUser);
         if (_userClaims.UserHasThisPermission(Permissions.AccessAll))
             return true;
         else
             return false;

     }
     public static bool HasRole( this IPrincipal _principal,                                                           
                                 string roleName,
                                 SignInManager<ApplicationUser> _signInManager, 
                                 UserManager <ApplicationUser> _userManager,
                                   ApplicationDbContext _dbContext)

    {
        var x = hasrole ( _principal , roleName , _signInManager , _userManager , _dbContext ) ;
        if (x.Result == false)
            return false;
        else
            return true;
    }
    private static async Task<bool> hasrole ( this IPrincipal _principal,
                                 string roleName,
                                  SignInManager<ApplicationUser> _signInManager, 
                                  UserManager <ApplicationUser> _userManager,
                                  ApplicationDbContext _dbContext)
    { 
         if (roleName == null) 
             throw new ArgumentNullException(nameof(roleName));

         var ci = _principal.Identity as ClaimsIdentity;
         var userName = ci != null ? ci.FindFirst(ClaimTypes.Name) : null;
         string username = userName?.Value;
         var appUser = await _userManager.FindByNameAsync( username);

         if (_dbContext.Find<UserToRole>(appUser.Id, roleName) != null)
         {
             return true ;
         }

         return false ;
    }
}

You access like this from _layout.cshtml

@using Microsoft.AspNetCore.Identity        
@inject ApplicationDbContext dbcontext ;
@inject UserManager<ApplicationUser> userManager ;
@inject SignInManager<ApplicationUser> signInManager;

;;
;;

@if ( this.User.IsSysAdmin ( signInManager , userManager ) )
{
   <!-- add menu stuff -->
}
@if ( this.User.HasRole ( signInManager , userManager,dbcontext ) )
{
   <!-- add menu stuff -->
}

certainly seems like a lot of stuff to pass around but it gets the job done.

BTW, the claims stuff is from https://www.thereformedprogrammer.net/part-7-adding-the-better-asp-net-core-authorization-code-into-your-app/

Jon Smith has written a wonderful app which has an MIT open source license and allows you to use roles and permissions in Core 3.0/1 It is very complex but he provided a scaled down version https://github.com/JonPSmith/PermissionsOnlyApp that works well. Thanks Jon.

Answer 2

Yeah, you can't just inject ApplicationUser. After authentication, all you have is a ClaimsPrincipal, not an ApplicationUser instance. If you need an actual ApplicationUser instance, then you must query that out of the database based on the user id present in the ClaimsPrincipal (HttpContext.User.FindFirstValue(ClaimTypes.NameIdentifier)).