asp.net-web-api


User claim update not effected in ASP.NET Identity?


I need to update the user claim in Web API after the user logged in.
But after updating the user claim it will still return the previous values.
The code below is used to update the active user group after the user logged in.

/// <summary>
/// The class AppUser
/// </summary>
public class AppUser : ClaimsPrincipal
{
    /// <summary>
    /// Initializes a new instance of the <see cref="AppUser"/> class.
    /// </summary>
    /// <param name="principal">The principal.</param>
    public AppUser(ClaimsPrincipal principal)
        : base(principal)
    {
    }

    /// <summary>
    /// Gets the name.
    /// </summary>
    /// <value>
    /// The name.
    /// </value>
    public string Name
    {
        get
        {
            return this.FindFirst(ClaimTypes.Name).Value;
        }
    }

    /// <summary>
    /// Gets the name of the user.
    /// </summary>
    /// <value>
    /// The name of the user.
    /// </value>
    public string UserName
    {
        get
        {
            return this.FindFirst("UserName").Value;
        }
    }

    /// <summary>
    /// Gets the active group.
    /// </summary>
    /// <value>
    /// The active group.
    /// </value>
    public string ActiveGroup
    {
        get
        {
            return ((ClaimsIdentity)this.Identity).FindFirst("ActiveGroup").Value;
        }
    }

    /// <summary>
    /// Gets the email.
    /// </summary>
    /// <value>
    /// The email.
    /// </value>
    public string Email
    {
        get
        {
            return this.FindFirst("Email").Value;
        }
    }
}

/// <summary>
/// The class BaseController
/// </summary>
public class BaseController : ApiController
{
    /// <summary>
    /// Gets the current user.
    /// </summary>
    /// <value>
    /// The current user.
    /// </value>
    public AppUser CurrentUser
    {
        get
        {
            return new AppUser(this.User as ClaimsPrincipal);
        }
    }
}

public class AccountController : BaseController
{
    [HttpPost]
    [Route("UpdateUserGroup")]
    public int UpdateUserGroup(string userGroup)
    {
        var user = User as ClaimsPrincipal;
        var identity = user.Identity as ClaimsIdentity;
        identity.RemoveClaim(identity.FindFirst("ActiveGroup"));
        identity.AddClaim(new Claim("ActiveGroup", this.GetRoleNameByPresenter(userGroup)));
        return 1;
    }
}

The problem is that the claims are used in the authentication process and are part of the authentication token/cookie. If you want to remove a claim from the current user then you need to make sure the client gets a new token/cookie.
If you're running, for example, bearer tokens with your API then you need to generate a new token and return that token to the client from your UpdateUserGroup(). The client then needs to use the new token the next time it makes a request to the API.
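
One way to reissue the token as the answer describes, shown as an added example (not code from the question or the answer). It assumes OWIN bearer tokens configured through a static `Startup.OAuthOptions`, as in the default Web API 2 project template, and that the token carries one `ClaimTypes.Role` claim per group the user belongs to; `BaseController` and `GetRoleNameByPresenter` are the question's own.

```csharp
using System;
using System.Net;
using System.Security.Claims;
using System.Web.Http;
using Microsoft.Owin.Security;

public class AccountController : BaseController
{
    [HttpPost]
    [Route("UpdateUserGroup")]
    public IHttpActionResult UpdateUserGroup(string userGroup)
    {
        var current = (ClaimsIdentity)User.Identity;

        // GetRoleNameByPresenter is the question's own method (not shown on the page).
        string newGroup = this.GetRoleNameByPresenter(userGroup);

        // Assumption: the token carries one role claim per group the user belongs to.
        // Check membership server-side before signing a client-supplied value.
        if (string.IsNullOrEmpty(newGroup) || !current.HasClaim(ClaimTypes.Role, newGroup))
        {
            return StatusCode(HttpStatusCode.Forbidden);
        }

        // Work on a copy: editing User.Identity only changes this request's in-memory principal.
        var identity = new ClaimsIdentity(current.Claims, current.AuthenticationType);
        Claim old = identity.FindFirst("ActiveGroup");
        if (old != null)
        {
            identity.RemoveClaim(old);
        }
        identity.AddClaim(new Claim("ActiveGroup", newGroup));

        // Assumption: Startup.OAuthOptions is the static OAuthAuthorizationServerOptions
        // from the default Web API 2 project template.
        var options = Startup.OAuthOptions;
        DateTimeOffset now = DateTimeOffset.UtcNow;
        var ticket = new AuthenticationTicket(identity, new AuthenticationProperties
        {
            IssuedUtc = now,
            ExpiresUtc = now.Add(options.AccessTokenExpireTimeSpan)
        });

        // Protect() serializes and protects the ticket, producing the new bearer token.
        string accessToken = options.AccessTokenFormat.Protect(ticket);
        return Ok(new { access_token = accessToken, token_type = "bearer" });
    }
}
```

The token issued at login stays valid, with the old `ActiveGroup` claim, until it expires, so a short `AccessTokenExpireTimeSpan` limits how long the stale claim can still be presented.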
