Read user info from jwt token payload

1 year ago · eea5850859
parent 2a19bbbd88
commit eea5850859
2 changed files with 11 additions and 17 deletions
--- a/OAuthClient/Program.cs
+++ b/OAuthClient/Program.cs
@ -1,4 +1,3 @@
-using System.Net.Http.Headers;
 using System.Security.Claims;
 using System.Text.Json;
 using Microsoft.AspNetCore.Authentication;
@ -26,24 +25,20 @@ builder.Services.AddAuthentication(options => {
        options.CallbackPath = authConfig["CallbackPath"]!;
        options.AuthorizationEndpoint = authConfig["AuthorizationEndpoint"]!;
        options.TokenEndpoint = authConfig["TokenEndpoint"]!;
-        options.UserInformationEndpoint = authConfig["UserInformationEndpoint"]!;
        options.SignInScheme = "Cookie";
        options.Backchannel = new HttpClient(new OriginHandler("http://localhost:5255"));

-        options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "userId");
+        options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");

        options.Events = new OAuthEvents {
-            OnCreatingTicket = async context => {
-                var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
-                request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
-                request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);
-
-                var response = await context.Backchannel.SendAsync(request);
-                response.EnsureSuccessStatusCode();
-
-                var user = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
-
-                context.RunClaimActions(user.RootElement);
+            OnCreatingTicket = context => {
+                var payloadBase64 = context.AccessToken!.Split('.')[1];
+                var payloadJson = Base64UrlTextEncoder.Decode(payloadBase64);
+                var payload = JsonDocument.Parse(payloadJson);
+
+                context.RunClaimActions(payload.RootElement);
+                
+                return Task.CompletedTask;
            }
        };
    });
--- a/OAuthClient/appsettings.json
+++ b/OAuthClient/appsettings.json
@ -10,9 +10,8 @@
    "OAuth": {
      "ClientId": "5c2bbd1ed84a4a62ac74d7fcecc1788c",
      "ClientSecret": "99b50d898268854b83f7a7cf30d9281b3a7b887941aeb489daf35361120af987e9f5f9457f016e553d9837511e552e1200686fbf67b5aa7ff2726b6f35b00219",
-      "AuthorizationEndpoint": "http://localhost:5255/api/v1/oauth/authorize",
-      "TokenEndpoint": "http://localhost:5255/api/v1/oauth/token",
-      "UserInformationEndpoint": "http://localhost:5255/api/v1/oauth/user",
+      "AuthorizationEndpoint": "http://localhost:8080/oauth/authorize",
+      "TokenEndpoint": "http://localhost:8080/api/v1/oauth/token",
      "CallbackPath": "/oauth-cb"
    }
  }