We inconsistently (and incorrectly in most places) use the term `claim` to describe a user / client permission that we encode into JWTs for access control. The correct term for this would be `role`.
In the `OAuthHandler` we encode `User.Scopes` and `Client.Scopes` into the JWT as claims with a `ClaimType` of `ClaimTypes.Role`. In the JWT they appear as such:
```json
{
  "role": [
    "whitelist",
    "admin",
    "user"
  ]
}
```
I know this is mostly semantics, but it helps cut confusion especially since there are spots where we do actually encode a custom `ClaimType` like rate limit overriding. This PR is just the refactoring for namespaces and naming convention. I will be updating some code for OAuth as well.
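
The role-versus-claim distinction described above, as an added example that is not code from this PR or its project. It assumes the `System.IdentityModel.Tokens.Jwt` package; the `rate_limit_override` claim type, the sample scopes and the signing key are constructed for illustration.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

public static class RoleVersusClaimExample
{
    // Hypothetical custom claim type standing in for the rate limit override.
    private const string RateLimitClaim = "rate_limit_override";

    public static void Main()
    {
        // Constructed sample scopes, standing in for User.Scopes / Client.Scopes.
        string[] scopes = { "whitelist", "admin", "user" };
        // Constructed demo key, long enough for HS256; not a real secret.
        var key = new SymmetricSecurityKey(
            Encoding.UTF8.GetBytes("constructed-demo-key-not-a-real-secret-0123456789"));

        // Each scope becomes one claim of type ClaimTypes.Role: these are the roles.
        var identity = new ClaimsIdentity(scopes.Select(s => new Claim(ClaimTypes.Role, s)));
        // A genuinely custom claim has its own type and is not a role.
        identity.AddClaim(new Claim(RateLimitClaim, "1000"));

        var handler = new JwtSecurityTokenHandler();
        JwtSecurityToken token = handler.CreateJwtSecurityToken(new SecurityTokenDescriptor
        {
            Subject = identity,
            Expires = DateTime.UtcNow.AddMinutes(5),
            SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256)
        });
        // Print the payload to see how the roles and the custom claim are serialized.
        Console.WriteLine(token.Payload.SerializeToJson());

        // Validating side: signature and lifetime are checked before any claim is trusted.
        ClaimsPrincipal principal = handler.ValidateToken(handler.WriteToken(token),
            new TokenValidationParameters
            {
                IssuerSigningKey = key,
                ValidateIssuer = false,   // demo token carries no issuer
                ValidateAudience = false  // demo token carries no audience
            }, out _);

        Console.WriteLine(principal.IsInRole("admin"));                 // access control asks about roles
        Console.WriteLine(principal.IsInRole(RateLimitClaim));          // a custom claim type is not a role
        Console.WriteLine(principal.FindFirst(RateLimitClaim)?.Value);  // custom claims are read by type
    }
}
```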