Home > Back-end >  How do I set Identity of the thread using incoming bearer token?
How do I set Identity of the thread using incoming bearer token?

Time:12-26

I have written a IDP app that generates and returns tokens. There is also another API used for all of the business logic. I am sending the token to the business api and have AddAuthentication and AddJwtBearer set on IServicesCollection. When I try to access the Thread.CurrentPrincipal is null. How do I make sure it's set am I missing a setting?

Both APIs are written in dotnet 6 and the client using both is written with react and is using the redux-oidc library.

enter image description here

Thanks, Radulfr

CodePudding user response:

Cookies are tied to a request's context. As long as your services and methods are being injected as Scoped, you can trust that the cookie used throughout the request is correct. You should generally avoid manually tampering with your cookie's state.

Asp core takes care of this for you by default, and you can actually get the cookie using the static Context, or by injecting IHttpContextAccessor. into a class

Request.Cookies.TryGetValue("Cookie_Name");

(IHttpContextAccessor) _context.HttpContext.Request.Cookies.TryGetValue("Cookie_Name")

CodePudding user response:

Instead of using the thread I am able to access the users claims via the httpcontext which I get using the HttpContextAccessor injected via DI.

  • Related