re-working claims for aspnet core identity integration and backwards compat

2025-07-01 08:02:49 -05:00 · 2017-01-11 21:46:36 -05:00
parent 54711e634b
commit 038c98cfaf
8 changed files with 35 additions and 16 deletions
--- a/src/Api/Controllers/AccountsController.cs
+++ b/src/Api/Controllers/AccountsController.cs
@ -64,6 +64,7 @@ namespace Bit.Api.Controllers
        [HttpPost("email-token")]
        public async Task PostEmailToken([FromBody]EmailTokenRequestModel model)
        {
+            _currentContext.User = await _userService.GetUserByIdAsync(_userManager.GetUserId(User));
            if(!await _userManager.CheckPasswordAsync(_currentContext.User, model.MasterPasswordHash))
            {
                await Task.Delay(2000);
@ -151,10 +152,11 @@ namespace Bit.Api.Controllers
        }

        [HttpGet("profile")]
-        public Task<ProfileResponseModel> GetProfile()
+        public async Task<ProfileResponseModel> GetProfile()
        {
+            _currentContext.User = await _userService.GetUserByIdAsync(_userManager.GetUserId(User));
            var response = new ProfileResponseModel(_currentContext.User);
-            return Task.FromResult(response);
+            return response;
        }

        [HttpPut("profile")]
@ -165,7 +167,7 @@ namespace Bit.Api.Controllers

            var response = new ProfileResponseModel(_currentContext.User);
            return response;
-        }                      
+        }

        [HttpGet("two-factor")]
        public async Task<TwoFactorResponseModel> GetTwoFactor(string masterPasswordHash, TwoFactorProviderType provider)
--- a/src/Api/Controllers/AliveController.cs
+++ b/src/Api/Controllers/AliveController.cs
@ -16,7 +16,7 @@ namespace Bit.Api.Controllers
        [HttpGet("claims")]
        public IActionResult Claims()
        {
-            return new JsonResult(User.Claims.Select(c => new { c.Type, c.Value }));
+            return new JsonResult(User?.Claims?.Select(c => new { c.Type, c.Value }));
        }
    }
 }
--- a/src/Api/Startup.cs
+++ b/src/Api/Startup.cs
@ -28,7 +28,6 @@ using Bit.Api.Middleware;
 using IdentityServer4.Validation;
 using IdentityServer4.Services;
 using IdentityModel.AspNetCore.OAuth2Introspection;
-using Microsoft.AspNetCore.Authorization.Infrastructure;

 namespace Bit.Api
 {
@ -89,7 +88,7 @@ namespace Bit.Api
            services.AddIdentityServer()
                // TODO: Add proper signing creds
                .AddTemporarySigningCredential()
-                .AddInMemoryApiResources(Resources.GetApiResources())
+                .AddInMemoryApiResources(ApiResources.GetApiResources())
                .AddInMemoryClients(Clients.GetClients());
            services.AddSingleton<IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>();
            services.AddSingleton<IProfileService, ProfileService>();