Fix #976: Break claims value in array into multiple claims (#996)

* Break claims value in array into multiple claims * Review feedback 1
2016-09-29 16:21:26 -07:00 · 2016-09-29 16:21:26 -07:00 · e09dd6d0b8
parent ac773beffc
commit e09dd6d0b8
2 changed files with 37 additions and 6 deletions
--- a/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs
+++ b/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs
@ -806,12 +806,7 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
            }
            // adding remaining unique claims from userinfo endpoint to the identity
-            foreach (var pair in user)
+            ClaimsHelper.AddClaimsToIdentity(user, identity, jwt.Issuer);
            {
                JToken value;
                var claimValue = user.TryGetValue(pair.Key, out value) ? value.ToString() : null;
                identity.AddClaim(new Claim(pair.Key, claimValue, ClaimValueTypes.String, jwt.Issuer));
            }
            return AuthenticateResult.Success(ticket);
        }
--- a/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/Utility/ClaimsHelper.cs
+++ b/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/Utility/ClaimsHelper.cs
@ -0,0 +1,36 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 using System.Security.Claims;
 using Newtonsoft.Json.Linq;
 namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
 {
    internal static class ClaimsHelper
    {
        public static void AddClaimsToIdentity(
            JObject userInformationPayload,
            ClaimsIdentity identity,
            string issuer)
        {
            foreach (var pair in userInformationPayload)
            {
                var array = pair.Value as JArray;
                if (array != null)
                {
                    foreach (var item in array)
                    {
                        AddClaimsToIdentity(item, identity, pair.Key, issuer);
                    }
                }
                else
                {
                    AddClaimsToIdentity(pair.Value, identity, pair.Key, issuer);
                }
            }
        }
        private static void AddClaimsToIdentity(JToken item, ClaimsIdentity identity, string key, string issuer)
            => identity.AddClaim(new Claim(key, item?.ToString() ?? string.Empty, ClaimValueTypes.String, issuer));
    }
 }