added ClaimTypes.NameIdentifier to claims potentially containing user id

max-bytes · Mar 12, 2024 · c4b7f1d · c4b7f1d
1 parent 0a3217f
commit c4b7f1d
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 5 deletions.
diff --git a/backend/Omnikeeper.Base/Authz/HttpUser.cs b/backend/Omnikeeper.Base/Authz/HttpUser.cs
@@ -84,8 +84,9 @@ public static HttpUser CreateAnonymousHttpUser(IEnumerable<Claim> claims)
             return new HttpUser("anonymous", "anonymous", anonymousGuid, UserType.Unknown, new HashSet<string>(), claims);
         }
 
-        public static HttpUser CreateHttpUserFromClaims(IEnumerable<Claim> claims, string audience, ILogger logger)
+        public static HttpUser CreateHttpUserFromClaimsPrincipal(ClaimsPrincipal claimsPrincipal, string audience, ILogger logger)
         {
+            var claims = claimsPrincipal.Claims;
             var username = GetUsernameFromClaims(claims);
 
             if (username == null)
@@ -94,10 +95,10 @@ public static HttpUser CreateHttpUserFromClaims(IEnumerable<Claim> claims, strin
             }
             else
             {
-                var guidString = claims.FirstOrDefault(c => c.Type == "id")?.Value;
+                var guidString = claimsPrincipal.FindFirstValue("id") ?? claimsPrincipal.FindFirstValue(ClaimTypes.NameIdentifier);
                 if (guidString == null)
                 {
-                    throw new Exception("Cannot parse user id inside user token: key \"id\" not present");
+                    throw new Exception($"Cannot parse user id inside user token: neither key \"id\" nor key {ClaimTypes.NameIdentifier} present");
                 }
                 var guid = new Guid(guidString);
 

diff --git a/backend/Omnikeeper/Service/CurrentUserService.cs b/backend/Omnikeeper/Service/CurrentUserService.cs
@@ -87,13 +87,13 @@ public async Task<IAuthenticatedUser> GetCurrentUser(IModelContext trans)
 
         public string GetCurrentUsername()
         {
-            var httpUser = HttpUserUtils.CreateHttpUserFromClaims(HttpContextAccessor.HttpContext!.User.Claims, configuration.GetSection("Authentication")["Audience"], logger);
+            var httpUser = HttpUserUtils.CreateHttpUserFromClaimsPrincipal(HttpContextAccessor.HttpContext!.User, configuration.GetSection("Authentication")["Audience"], logger);
             return httpUser.Username;
         }
 
         private async Task<IAuthenticatedUser> _GetCurrentUser(IModelContext trans)
         {
-            var httpUser = HttpUserUtils.CreateHttpUserFromClaims(HttpContextAccessor.HttpContext!.User.Claims, configuration.GetSection("Authentication")["Audience"], logger);
+            var httpUser = HttpUserUtils.CreateHttpUserFromClaimsPrincipal(HttpContextAccessor.HttpContext!.User, configuration.GetSection("Authentication")["Audience"], logger);
             return await HttpUserUtils.CreateAuthenticatedUserFromHTTPUser(httpUser, userModel, LayerModel, MetaConfigurationModel, AuthRoleModel, trans);
         }
     }