Hello,
We use OpenIdConnect to authenticate using auth0.com.
I assigned the Buyer2 role to some users, but the Cart was not set to the RequiresApproval state when the cart was over budget.
I found out that in the SetRequiresApproval handler, user roles are not correctly evaluated when calling SiteContext.Current.IsUserInRole.
By deep investigation I found out that this is caused by ClaimType mismatch:
ClaimsPrincipal.IsInRole uses ClaimsIdentity.RoleClaimType="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" to check the roles.
That means SiteContext.Current.IsUserInRole always returns false.
I implemented a workaround in the form of a FixUserRoles handler added to the GetCart handler chain that adds claims with the proper ClaimType.
Is there any proper solution for this? When I googled, someone mentioned that an old version of System.IdentityModel.Tokens.Jwt may cause this.
Thanks in advance for any input!
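
The mismatch described above, reproduced with the standard System.Security.Claims types as an added example that is not part of the original post or the product's code. The post does not say which claim type the roles arrive under, so `IncomingRoleType` is a constructed placeholder, and `NormalizeRoles` is a hypothetical helper that does what the FixUserRoles workaround is described as doing.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

public static class RoleClaimDemo
{
    // Assumption: constructed claim type standing in for whatever the provider emits.
    const string IncomingRoleType = "https://example.test/roles";

    // Hypothetical helper: copy role values from the provider's claim type to the
    // identity's RoleClaimType, skipping values that are already present.
    public static int NormalizeRoles(ClaimsIdentity identity, string incomingType)
    {
        var present = new HashSet<string>(
            identity.FindAll(identity.RoleClaimType).Select(c => c.Value),
            StringComparer.Ordinal); // IsInRole compares role values case-sensitively
        var added = 0;
        // ToList() snapshots the matches so AddClaim cannot disturb the enumeration.
        foreach (var claim in identity.FindAll(incomingType).ToList())
        {
            if (!present.Add(claim.Value)) continue;
            identity.AddClaim(new Claim(identity.RoleClaimType, claim.Value,
                                        claim.ValueType, claim.Issuer));
            added++;
        }
        return added;
    }

    public static void Main()
    {
        var claims = new[]
        {
            new Claim(ClaimTypes.Name, "buyer@example.test"), // constructed sample user
            new Claim(IncomingRoleType, "Buyer2"),
        };

        // Case 1: RoleClaimType defaults to ClaimTypes.Role, and IsInRole only
        // looks at claims of that type, so the provider's role claim is ignored.
        var identity = new ClaimsIdentity(claims, "OpenIdConnect");
        var principal = new ClaimsPrincipal(identity);
        Console.WriteLine($"RoleClaimType:       {identity.RoleClaimType}");
        Console.WriteLine($"default identity:    {principal.IsInRole("Buyer2")}");

        // Case 2: tell the identity which claim type carries roles when it is built.
        var declared = new ClaimsIdentity(claims, "OpenIdConnect", ClaimTypes.Name, IncomingRoleType);
        Console.WriteLine($"declared role type:  {new ClaimsPrincipal(declared).IsInRole("Buyer2")}");

        // Case 3: keep the default RoleClaimType and add matching claims afterwards.
        var added = NormalizeRoles(identity, IncomingRoleType);
        Console.WriteLine($"after normalization: {principal.IsInRole("Buyer2")} ({added} claim(s) added)");
    }
}
```

Because a role-type mismatch makes every role check return false without any error, role-gated controls such as the approval step fail open; logging the claim types present on the principal at sign-in makes this visible early.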