UserSecurityActor does not expose the claims principal

dolittle / Home

Dolittle is a platform designed to build Line of Business applications without sacrificing architectural quality, code quality or scalability.

http://www.dolittle.io

MIT License

27 stars 5 forks source link

UserSecurityActor does not expose the claims principal #74

Open KristofferBerge opened 4 years ago

KristofferBerge commented 4 years ago

It's not easy to extend the UserSecurityActor to check more than Roles and Claims because it does not expose the ClaimsPrincipal.

If it exposes that we can extend it to check for whatever we need.

┆Issue is synchronized with this Asana task

KristofferBerge commented 4 years ago

Our use case is to find a value in the scope claim. The scope claim contains a list of scopes. If there was a claim contains rule, we would not have to implement this ourselves.

ghost commented 4 years ago

➤ Einar Ingebrigtsen commented:

Are you looking for a value within the claim value, or is it the whole value. If it's the latter, you could use the method called HasClaimTypeWithValue(). (https://github.com/dolittle-fundamentals/DotNET.Fundamentals/blob/master/Source/Security/IUserSecurityActor.cs)

KristofferBerge commented 4 years ago

The scope claim contains a list of values. I would like to check if a given value is in that list