Closed SarperMUTLUBAY closed 1 week ago
Hi @SarperMUTLUBAY,
We appreciate you taking the time to bring this to our attention. I have logged this as a bug for us to look at as soon as possible.
To work around this issue in the meantime, you can add the following additional lines to AccountController.cs at line 383:
// IntentIgnore
claims.Add(new Claim(IdentityModel.JwtClaimTypes.Subject, user.Id));
Making it look like:
We apologize for any inconvenience caused.
Hi again @JonathanLydall I tried your workaround but it didn't work. When I add your workaround to the AccountController, it adds multiple "sub" claim values to the token claims and the API starts returning an "invalid_token" error.
Hi @SarperMUTLUBAY
I had a look at this issue and made a fix for the Intent.AspNetCore.Identity.AccountController module.
The solution will now ensure that the sub claim is now set to the User ID and it will still have the name claim that contains the account Email.
Please update to version 4.1.0-pre.0 (include prerelease in Manage Modules page) for that module and review the changes during the Software Factory Execution to ensure it aligns with your implementation.
Let me know if this solution works for you.
Hi @dandrejvv The new module update fixed the problem. Everything is fine now.
What happened?
AccountController sets user.Id to claims with "ClaimTypes.NameIdentifier" claim type but CurrentUserService tries to fetch UserId from claims with "JwtClaimTypes.Subject" claim type.
What version of Intent Architect are you using?
4.3.4
Additional information
Project type: Clean architecture .NET
Security: Identity Account Management
Additional Module: Intent.Entities.BasicAuditing (v1.0.4)
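
The claim-type mismatch reported in this issue, and the duplicate "sub" values the workaround produced, shown as an added C# example that is not Intent Architect's code or the module's actual fix. `WithSingleSubject`, `GetUserId` and `Principal` are hypothetical helpers, and the user ID and email are constructed values.

```csharp
#nullable enable
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
public static class SubjectClaimDemo
{
    // Same string value as IdentityModel.JwtClaimTypes.Subject, declared
    // locally so the sample builds without the IdentityModel package.
    private const string Subject = "sub";

    // Hypothetical helper: returns the claims with exactly one "sub" claim
    // holding the user ID, whether or not one was already present.
    public static List<Claim> WithSingleSubject(IEnumerable<Claim> claims, string userId)
    {
        var result = claims
            .Where(c => !string.Equals(c.Type, Subject, StringComparison.Ordinal))
            .ToList();
        result.Add(new Claim(Subject, userId));
        return result;
    }

    // Hypothetical stand-in for a "sub"-based lookup such as the one the issue
    // attributes to CurrentUserService. A missing or repeated subject yields null.
    public static string? GetUserId(ClaimsPrincipal principal)
    {
        var subjects = principal.FindAll(Subject).ToList();
        return subjects.Count == 1 ? subjects[0].Value : null;
    }

    private static ClaimsPrincipal Principal(IEnumerable<Claim> claims) =>
        new ClaimsPrincipal(new ClaimsIdentity(claims, "Bearer"));

    public static void Main()
    {
        const string userId = "constructed-user-id"; // constructed sample value
        // Claims as the issue describes them: the ID only under NameIdentifier.
        var reported = new List<Claim>
        {
            new Claim(ClaimTypes.NameIdentifier, userId),
            new Claim(ClaimTypes.Name, "user@example.test"), // constructed
        };
        // Appending "sub" to a list that already carries one leaves two values.
        var duplicated = new List<Claim>(reported) { new Claim(Subject, userId), new Claim(Subject, userId) };
        Console.WriteLine(GetUserId(Principal(reported)) ?? "(no sub claim)");
        Console.WriteLine(GetUserId(Principal(duplicated)) ?? "(ambiguous sub claim)");
        Console.WriteLine(GetUserId(Principal(WithSingleSubject(duplicated, userId))));
    }
}
```

The first two lookups fail for the two reasons raised in the thread (no "sub" claim, then more than one); the third succeeds because the list is normalized to a single subject before the principal is built.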