Skip to content

Allow empty claim value to mimic behavior of ASP.NET AuthorizationPolicyBuilder.RequireClaim method #1337

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
iam-black wants to merge 7 commits into
base: develop
Choose a base branch
from
Open

Allow empty claim value to mimic behavior of ASP.NET AuthorizationPolicyBuilder.RequireClaim method #1337

Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
f4321ba
Allow empty claim value to mimic behaviour of ASP.NET RequireClaim(type)
Sep 9, 2020
bf713f6
Back to original code change
raman-m Jul 17, 2023
3ed044e
SYSLIB1045 Use 'GeneratedRegexAttribute' to generate the regular expr…
raman-m Jul 17, 2023
b513ba8
SA1601 Partial elements should be documented.
raman-m Jul 17, 2023
094b448
Re-apply original changes
raman-m Nov 7, 2024
935bbd9
Optimization: continue early at the beginning of the iteration aka Ch…
raman-m Nov 7, 2024
b177266
Merge 'ThreeMammals:develop' to 'iam-black:allow-empty-required-claim…
raman-m Jan 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 7 additions & 2 deletions src/Ocelot/Authorization/ClaimsAuthorizer.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,9 @@
namespace Ocelot.Authorization;

/// <summary>
/// Default authorizer by claims.
/// Default authorizer by claims which is implemented using Claims-based authorization.
/// </summary>
/// <remarks>Microsoft Learn: <see href="https://learn.microsoft.com/en-us/aspnet/core/security/authorization/claims">Claims-based authorization in ASP.NET Core</see>.</remarks>
public partial class ClaimsAuthorizer : IClaimsAuthorizer
{
private readonly IClaimsParser _claimsParser;
Expand All @@ -29,8 +30,12 @@ List<PlaceholderNameAndValue> urlPathPlaceholderNameAndValues
{
foreach (var required in routeClaimsRequirement)
{
var values = _claimsParser.GetValuesByClaimType(claimsPrincipal.Claims, required.Key);
if (string.IsNullOrEmpty(required.Value) || string.IsNullOrWhiteSpace(required.Value))
{
continue; // if required value is not specified
}

var values = _claimsParser.GetValuesByClaimType(claimsPrincipal.Claims, required.Key);
if (values.IsError)
{
return new ErrorResponse<bool>(values.Errors);
Expand Down
Loading