1
[Authorize(Roles = "HRManager,Finance")]
public class SalaryController : Controller 
{
    public IActionResult Payslip() =>
         Content("HRManager || Finance");
}

This code is from Microsoft and it knows what Roles the person used to access this method. How do I capture that list and set it to a list object? Is it possible? I feel like this should be simple but cant find any code examples for what I am looking for.

So I have tried several things that don't work but I feel like they should.

var claimsIdentity = (ClaimsIdentity) HttpContext.User.Identity;

var userIdentity = (ClaimsIdentity) User.Identity;
var claims = userIdentity.Claims;
var roleClaimType = userIdentity.RoleClaimType;
var identity = WindowsIdentity.GetCurrent().User;

// or...
var roles = claims.Where(c => c.Type == roleClaimType).ToList();

This last line seemed like it would work but again fails to provide human readable roles it just has in them some GroupIDs that appear to be binary.

Ultimately this last bit works but I am still not able to get a list of roles from this. Which is what I wanted originally.

var IsInRole = HttpContext.User.IsInRole("Admin");

If someone could provide a code sample that can turn this into a list of roles. That is the results I am looking for. The code should be simple and easy nothing more than a line or two to accomplish what I am looking for.

John Conde
  • 217,595
  • 99
  • 455
  • 496
Deathstalker
  • 794
  • 10
  • 8
  • What I am looking for is something like "List UserRoles = [Authorize(Roles)]" – Deathstalker Mar 16 '22 at 21:56
  • Does this answer your question? [Get role/s of current logged in user in ASP.NET Core MVC](https://stackoverflow.com/questions/37545032/get-role-s-of-current-logged-in-user-in-asp-net-core-mvc) – Peter B Mar 16 '22 at 21:58
  • https://stackoverflow.com/questions/36641338/how-to-get-current-user-in-asp-net-core – pm100 Mar 16 '22 at 21:58
  • So far nothing here has answered my question clearly. Code example that actually works would be nice. – Deathstalker Mar 16 '22 at 22:39
  • @Deathstalker, does Ali M's reply helped you solve the problem, and you question has been solved? If still can't get the role from the claims, can you use SQL Server Management Studio (SSMS) to check the database, and view the AspNetUsers, AspNetRoles and the AspNetUserRoles data. Whether the AspNetUserRoles table contains the records about the login user, you can according to the user id to find the role id. If the AspNetUserRoles table doesn't contains the relates records, it means the login user doesn't have the relates roles, so you can't find the role from the claims. – Zhi Lv Mar 23 '22 at 03:09

1 Answers1

2

You can get list of roles using this code :

List<Claim> roleClaims = HttpContext.User.FindAll(ClaimTypes.Role).ToList();

And if you want role values as string use this :

List<Claim> roleClaims = HttpContext.User.FindAll(ClaimTypes.Role).ToList();
var roles = new List<string>();

foreach (var role in roleClaims)
{
    roles.Add(role.Value);
}
spaleet
  • 838
  • 2
  • 10
  • 23
  • 1
    You could also get rid of the foreach with a .select like this `HttpContext.User.FindAll(ClaimTypes.Role).Select(r => r.Value).ToList();` – MrCodeWeaver Mar 09 '23 at 14:26