Don Sartain

Reputation: 617

Access Current User in ASP.NET Core Startup.cs

I'm authenticating users using Azure AD and I'm trying to add roles to the authenticated user using the middleware below. The problem is that I can't find anything that tells me how I can access the current User in the Startup class to be able to add the roles.

Everything talks about it in the controller or in repositories further down.

Does anyone know how I can get access to the User in the Startup class?

services.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>
            {
                options.Events = new OpenIdConnectEvents
                {
                    OnTokenValidated = ctx =>
                    {
                        // claimsIdentity we want to add our roles to...
                        ClaimsIdentity claimsIdentity = HttpContext.User.Identity as ClaimsIdentity;

                        // List of claims
                        var appRoles = new System.Collections.Generic.List<Claim>();

                        foreach (Claim claim in ClaimsPrincipal.Current.FindAll("groups"))
                        {
                            // use the OID and get a friendly name to use as the role (if it exists)
                            var groupStringValue = Configuration[$"AcceptedRoles:{claim.Value}"];
                            if (groupStringValue != null)
                            {
                                // build the list
                                appRoles.Add(new Claim(claimsIdentity.RoleClaimType, groupStringValue));
                            }
                        }

                        if (appRoles.Count > 0)
                        {
                            // if anything in the list, add these claims to the current identity
                            claimsIdentity.AddClaims(appRoles);
                        }

                        return Task.CompletedTask;
                    },
                };
            });

Upvotes: 2

Views: 2113

Answers (2)

Maharshi

Reputation: 41

You can use this in your project:

httpContextAccessor.HttpContext.User.Identity.Name;

You can also refer to the link below:

How to Get the Current User in ASP.NET Core

Upvotes: -1

scharnyw

Reputation: 2666

The current user (the ClaimsPrincipal) is available from TokenValidatedContext.HttpContext.User:

OnTokenValidated = ctx =>
{
    var user = ctx.HttpContext.User;
    ...
}

However, because you are modifying the user that has already been authenticated by OpenID Connect, you should access the ClaimsPrincipal via TokenValidatedContext.Principal instead of TokenValidatedContext.HttpContext.User. Depending on your scenario, you can either add the additional claims directly on the default ClaimsIdentity (which contains the OpenID Connect claims), or create a separate ClaimsIdentity for your own purposes:

OnTokenValidated = ctx =>
{
    // This is the ClaimsIdentity created by OpenID Connect; you can add claims to it directly
    ClaimsIdentity claimsIdentity = ctx.Principal.Identities.FirstOrDefault();
    claimsIdentity.AddClaim(new Claim(...));

    // You can also add a new ClaimsIdentity to hold the claims that you'll add
    ctx.Principal.AddIdentity(new ClaimsIdentity(...));

    return Task.CompletedTask;
}

Upvotes: 2
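
The question's AcceptedRoles lookup combined with scharnyw's advice to use ctx.Principal, as an added example that is not part of the original thread. The names GroupRoleMapping, MapGroupsToRoles and AddGroupRoleMapping are hypothetical; the "groups" claim type and the AcceptedRoles:<group-oid> configuration keys are taken from the question.

```csharp
using System;
using System.Linq;
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

// Hypothetical helper class; names are illustrative, not from the original posts.
public static class GroupRoleMapping
{
    // Adds one role claim per "groups" claim whose object ID has an entry under
    // AcceptedRoles:<group-oid> in configuration. Unmapped groups grant nothing,
    // and an identity without any groups claim gets no roles (fail closed).
    public static int MapGroupsToRoles(ClaimsIdentity identity, IConfiguration config)
    {
        if (identity == null || !identity.IsAuthenticated) return 0;

        var roles = identity.FindAll("groups")
            .Select(g => config[$"AcceptedRoles:{g.Value}"])
            .Where(r => !string.IsNullOrWhiteSpace(r))
            .Distinct(StringComparer.Ordinal)
            // Skip roles the identity already has so repeated calls stay idempotent.
            .Where(r => !identity.HasClaim(identity.RoleClaimType, r))
            .ToList(); // materialize before mutating the identity's claims

        foreach (var role in roles)
            identity.AddClaim(new Claim(identity.RoleClaimType, role));
        return roles.Count;
    }

    // Call from Startup.ConfigureServices after the OpenID Connect scheme is registered.
    public static IServiceCollection AddGroupRoleMapping(
        this IServiceCollection services, IConfiguration config)
    {
        return services.Configure<OpenIdConnectOptions>(
            OpenIdConnectDefaults.AuthenticationScheme, options =>
            {
                var previous = options.Events.OnTokenValidated; // keep any existing handler
                options.Events.OnTokenValidated = async ctx =>
                {
                    if (previous != null) await previous(ctx);
                    // ctx.Principal is the principal built from the validated token,
                    // which is the one the answer says to modify.
                    MapGroupsToRoles(ctx.Principal?.Identity as ClaimsIdentity, config);
                };
            });
    }
}
```

Because MapGroupsToRoles takes only a ClaimsIdentity and an IConfiguration, it can be unit tested with a constructed identity and an in-memory configuration, without running the sign-in flow.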
