How to get user claims by using JWT Bearer token

Question

Am sending Bearer Token in the header from Postman. Now I need to get User Claim in the API using that bearer token. The code which I tried is not working means am not getting user Name/Email. How can I get user claim using Bearer Token?

public class RepositoryUserAccount : IRepositoryUserAccount
{
    private readonly HttpContext _httpContext;

    public RepositoryUserAccount(IHttpContextAccessor httpContextAccessor)
    {
        this._httpContext = httpContextAccessor.HttpContext;
    }

    public async Task EnableAuthenticator()
    {
        ClaimsPrincipal currentUser = _httpContext.User;
        var currentUserName = currentUser.FindFirst(ClaimTypes.NameIdentifier).Value;
    }
}

@RayanWilson i mean am not getting the user claim like Name/Email... — Chandan Y S, Jan 29 '19 at 14:13
how is this registered? singleton or transitive? what is your authentication provider set as? — Daniel A. White, Jan 29 '19 at 14:16
`_httpContext` will be null or just the first request hit. change it to use the accessor in the method. — Daniel A. White, Jan 29 '19 at 14:25
@Chandan Y S Are you setting the user claims in the token when you are logging the user? — mdln97, Jan 29 '19 at 14:43
@mdln97 Yes. Am setting the user claims while generating the token. — Chandan Y S, Jan 29 '19 at 14:49
did you check this resource then? https://stackoverflow.com/questions/45315274/get-claims-from-a-webapi-controller-jwt-token/50520437 — mdln97, Jan 29 '19 at 14:52

score 1 · Answer 1 · answered Jan 29 '19 at 14:52

You are registering it as a singleton as noted by your comment. Refactor this class to use the IHttpContextAccessor each time or change it to be a transitive dependency.

Heres the first method:

public class RepositoryUserAccount : IRepositoryUserAccount
{
    private readonly IHttpContextAccessor _httpContextAccessor;

    public RepositoryUserAccount(IHttpContextAccessor httpContextAccessor)
    {
        _httpContextAccessor = httpContextAccessor;
    }

    public async Task EnableAuthenticator()
    {
        ClaimsPrincipal currentUser = _httpContextAccessor.HttpContext.User;
        var currentUserName = currentUser.FindFirst(ClaimTypes.NameIdentifier).Value;
    }
}

score 0 · Answer 2 · answered Jan 29 '19 at 14:24

0

Let's assume the System.Security.Claims.ClaimTypes is Authentication

var claims = _httpContext.User.Claims.Where(x => x.Type == ClaimTypes.Authentication);
foreach (var claim in claims)
{
    var value = claim.Value; //<= the value of each claim
}

answered Jan 29 '19 at 14:24

derodevil

811
1
11
37

score 0 · Answer 3 · answered Jan 30 '19 at 12:34

What I did is, in startup I configured the services like,

var key = Encoding.ASCII.GetBytes(SECRET_KEY);
            services.AddAuthentication(x =>
            {
                x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, x =>
            {
                x.RequireHttpsMetadata = false;
                x.SaveToken = true;
                x.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(key),
                    ValidateIssuer = false,
                    ValidateAudience = false
                };
            });

and in controller just I did like,

[HttpGet]
[Route("EnableAuthenticator")]
public void EnableAuthenticator()
{
   var user = HttpContext.User;
}

In user we will get all the claims. That's it!

How to get user claims by using JWT Bearer token

3 Answers3