
User claim update not effected in ASP.NET Identity?


I need to update the user claim in Web API after the user has logged in,
but after updating the user claim it will still return the previous values.
The code below is used to update the active user group after the user has logged in.

    using System.Security.Claims;
    using System.Web.Http;

    /// <summary>
    /// The class AppUser
    /// </summary>
    public class AppUser : ClaimsPrincipal
    {
        /// <summary>
        /// Initializes a new instance of the <see cref="AppUser"/> class.
        /// </summary>
        /// <param name="principal">The principal.</param>
        public AppUser(ClaimsPrincipal principal)
            : base(principal)
        {
        }

        /// <summary>
        /// Gets the name.
        /// </summary>
        /// <value>
        /// The name.
        /// </value>
        public string Name
        {
            get
            {
                return this.FindFirst(ClaimTypes.Name).Value;
            }
        }

        /// <summary>
        /// Gets the name of the user.
        /// </summary>
        /// <value>
        /// The name of the user.
        /// </value>
        public string UserName
        {
            get
            {
                return this.FindFirst("UserName").Value;
            }
        }

        /// <summary>
        /// Gets the active group.
        /// </summary>
        /// <value>
        /// The active group.
        /// </value>
        public string ActiveGroup
        {
            get
            {
                return ((ClaimsIdentity)this.Identity).FindFirst("ActiveGroup").Value;
            }
        }

        /// <summary>
        /// Gets the email.
        /// </summary>
        /// <value>
        /// The email.
        /// </value>
        public string Email
        {
            get
            {
                return this.FindFirst("Email").Value;
            }
        }
    }

    /// <summary>
    /// The class BaseController
    /// </summary>
    public class BaseController : ApiController
    {
        /// <summary>
        /// Gets the current user.
        /// </summary>
        /// <value>
        /// The current user.
        /// </value>
        public AppUser CurrentUser
        {
            get
            {
                return new AppUser(this.User as ClaimsPrincipal);
            }
        }
    }

    public class AccountController : BaseController
    {
        [HttpPost]
        [Route("UpdateUserGroup")]
        public int UpdateUserGroup(string userGroup)
        {
            // Changes only the in-memory identity of the current request;
            // the token/cookie held by the client is not touched.
            var user = User as ClaimsPrincipal;
            var identity = user.Identity as ClaimsIdentity;
            identity.RemoveClaim(identity.FindFirst("ActiveGroup"));
            identity.AddClaim(new Claim("ActiveGroup", this.GetRoleNameByPresenter(userGroup)));
            return 1;
        }
    }

The problem is that the claims are used in the authentication process and are part of the authentication token/cookie. If you want to remove a claim from the current user then you need to make sure the client gets a new token/cookie.
If you're running, for example, bearer tokens with your API, then you need to generate a new token and return that token to the client from your UpdateUserGroup(). The client then needs to use the new token the next time it makes a request to the API.
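
One way to do the reissue the answer describes, as an added example that is not part of the original question or answer. It assumes OWIN OAuth bearer tokens (Microsoft.Owin.Security) and the Web API project template's static `Startup.OAuthOptions`; `TokenReissuer` and `ReissueWithClaim` are hypothetical names.

```csharp
using System;
using System.Linq;
using System.Security.Claims;
using Microsoft.Owin.Security;

public static class TokenReissuer   // hypothetical helper, not from the page
{
    // Returns a new protected access token whose identity is a copy of `current`
    // with every claim of type `claimType` replaced by a single claim `newValue`.
    public static string ReissueWithClaim(
        ClaimsIdentity current, string claimType, string newValue,
        ISecureDataFormat<AuthenticationTicket> tokenFormat, TimeSpan lifetime)
    {
        if (current == null || !current.IsAuthenticated)
            throw new InvalidOperationException("Caller is not authenticated.");
        if (string.IsNullOrWhiteSpace(newValue))
            throw new ArgumentException("Claim value is required.", nameof(newValue));

        // Copy rather than mutate: changes to the request's identity are
        // discarded when the request ends and never reach the client's token.
        var claims = current.Claims.Where(c => c.Type != claimType).ToList();
        claims.Add(new Claim(claimType, newValue));
        var identity = new ClaimsIdentity(claims, current.AuthenticationType,
                                          current.NameClaimType, current.RoleClaimType);

        DateTimeOffset now = DateTimeOffset.UtcNow;
        var ticket = new AuthenticationTicket(identity, new AuthenticationProperties
        {
            IssuedUtc = now,
            ExpiresUtc = now.Add(lifetime)   // the new token starts a fresh lifetime
        });

        // Same format the bearer middleware uses to validate incoming tokens.
        return tokenFormat.Protect(ticket);
    }
}

// Usage inside AccountController (assumes the template's Startup.OAuthOptions):
//   [HttpPost, Route("UpdateUserGroup")]
//   public IHttpActionResult UpdateUserGroup(string userGroup)
//   {
//       string group = this.GetRoleNameByPresenter(userGroup);   // helper from the question
//       string token = TokenReissuer.ReissueWithClaim(
//           (ClaimsIdentity)User.Identity, "ActiveGroup", group,
//           Startup.OAuthOptions.AccessTokenFormat,
//           Startup.OAuthOptions.AccessTokenExpireTimeSpan);
//       return Ok(new { access_token = token, token_type = "bearer" });
//   }
```

The previously issued token still carries the old ActiveGroup value and stays valid until it expires, so keep token lifetimes short. Confirm server-side that the caller is entitled to the requested group before reissuing, because the new claim is trusted on every later request.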
