4

how can I read client claims from the appsettings.json file?

I have this appsettings.json:

"IdentityServer": {
     "Clients": [
       {
         "Enabled": true,
         "ClientId": "client1",
         "AlwaysSendClientClaims": true,
         "Claims": [
           {
             "Type": "custom_claim1",
             "Value": "value1"
           },
           {
             "Type": "custom_claim2",
             "Value": "value2"
           }
         ]
       }
     ]
}

And, I load the clients config like the docs says: 

var builder = services.AddIdentityServer(opts =>
{
    /// Opts removed for simplicity
})
   .AddInMemoryClients(Configuration.GetSection("IdentityServer:Clients"));

All is working fine, except for the client claims. I can not see them in Jwt.io decode tool.

Roy Cai
  • 89
  • 1
  • 8
  • None of the examples I've seen includes `Claims` when adding in-memory clients – Nkosi Oct 06 '19 at 22:35
  • Why do you think the problem is in reading the client claims? It seems the actual problem is that claims do not make it to the token: _I can not see them in Jwt.io decode tool_. Which is an entirely other issue. Can you confirm that the claims are not loaded, in other words, the client has no claims? –  Oct 07 '19 at 01:45
  • When I configure clients in memory with code (same settings), the claims are added to the jwt. The problem is when i try to load from the json. – Roy Cai Oct 07 '19 at 01:58
  • There is one open issue concerning [reading clients from json](https://github.com/IdentityServer/IdentityServer4/issues/2573), but since your application doesn't crash this may not be related to your problem. –  Oct 07 '19 at 02:14
  • Still, did you confirm that the claims are not loaded for the client? –  Oct 07 '19 at 02:17
  • Weither or not you can see client claims in the token response has nothing to do with how you load them. Also these are client claims and not user claims i suspect that may have something to do with your problem. https://stackoverflow.com/q/43894146/1841839 – Linda Lawton - DaImTo Oct 07 '19 at 06:34

1 Answers1

0

There is a problem binding the Claims collection in the Clients[] from appSettings.json due to the fact that the current implementation of the Claim object can not be deserialized from json.

https://github.com/IdentityServer/IdentityServer4/issues/2573

and here

https://github.com/IdentityServer/IdentityServer4/pull/3887/files/ed14abc204960b2d5ca3418a868882a698e54d90

koo9
  • 409
  • 5
  • 15