C
C#9mo ago
Iron

Role based Authorize Blazor Server + Client

I am stuck trying to use the @attribute [Authorize(Roles = "Admin")] in my blazor component on client side. I started by adding “ .AddRoles<IdentityRole>() “ in program.cs “ public class RoleConfiguration : IEntityTypeConfiguration<IdentityRole> { public void Configure(EntityTypeBuilder<IdentityRole> builder) { builder.HasData( new IdentityRole { Name = "Visitor", NormalizedName = "VISITOR" }, new IdentityRole { Name = "Admin", NormalizedName = "ADMIN" } ); } } “ I made the above class to create the roles Then i added a override in my ApplicationDbContext “ protected override void OnModelCreating(ModelBuilder builder) { base.OnModelCreating(builder); builder.ApplyConfiguration(new RoleConfiguration()); } “ then i ran “ INSERT INTO AspNetUserRoles VALUES ('UserId','Administrator RoleId') “ With the ids that i get from my tables, however, the [Authorize(Roles = "Admin)] on a page still tells me i dont have permissions to view this page. Any tips?
10 Replies
Iron
Iron9mo ago
<AuthorizeView Roles="Admin"> does not work either, it does not show me.
friedice
friedice9mo ago
did you check to see if the token has the role?
Iron
Iron9mo ago
Where can i check that?in the db you mean or check in the browser?
friedice
friedice9mo ago
so you login as a user right? and when you login you pass a token to the client side?
friedice
friedice9mo ago
you can then use https://jwt.io/ this site to check all the stuff you added to your token
JWT.IO
JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.
Iron
Iron9mo ago
yes as a user and the [authorize] works just not the role based one. I will check now ty I can use the user token to see email etc not any role. I also did a bool called isAdmin in my blazor component with @isAdmin = @context.User.IsInRole("Admin"); and it returns false hmmm I prob did something wrong setting it up? but i did it all at once, and basic authorize works right now just not the role based, i have the tables setup etc, redone the project multiple times to try. I see the roles that i migrated aswell they are in the table with ids.
Iron
Iron9mo ago
My user is assigned a roleid
Iron
Iron9mo ago
however i assigned it using sqlQuery. Seems i missed some stuff i will try some editing and we will see . http://schemas.microsoft.com/ws/2008/06/identity/claims/role I see this link in the token in the console window of the browser now. Still no success in using the role authorization yet tho because it still says my user does not have the correct role.. Hmm
Iron
Iron9mo ago
No description
Iron
Iron9mo ago
i added this to my program.cs in server: “builder.Services.AddIdentityServer() .AddApiAuthorization<ApplicationUser, ApplicationDbContext>() .AddProfileService<ProfileService>(); // Added this line“ And i created“ ProfileService.cs“ public class ProfileService : IProfileService { private readonly UserManager<ApplicationUser> _userManager; public ProfileService(UserManager<ApplicationUser> userManager) { _userManager = userManager; } public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var user = await _userManager.GetUserAsync(context.Subject); if (user != null) { var roles = await _userManager.GetRolesAsync(user); var roleClaims = new List<Claim>(); foreach (var role in roles) { roleClaims.Add(new Claim(ClaimTypes.Role, role)); } context.IssuedClaims.AddRange(roleClaims); } } public async Task IsActiveAsync(IsActiveContext context) { var user = await _userManager.GetUserAsync(context.Subject); context.IsActive = user != null; } }“ Hey guys i fixed the issue by adding 
 .AddApiAuthorization<ApplicationUser, ApplicationDbContext>(opt => 
    {
        opt.IdentityResources["openid"].UserClaims.Add("role");
        opt.ApiResources.Single().UserClaims.Add("role");
    });
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Remove("role");
 .AddApiAuthorization<ApplicationUser, ApplicationDbContext>(opt => 
    {
        opt.IdentityResources["openid"].UserClaims.Add("role");
        opt.ApiResources.Single().UserClaims.Add("role");
    });
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Remove("role");
to program.cs my bad......... Did not add claims to the token
Want results from more Discord servers?
Add your server
More Posts
❔ Trying to maximize the amount of messages my worker can process while using Channels.I am working with AWS SQS queue and using a channel to write messages to and read from. This is how❔ Connecting to a local DBPackages Used: ``` Dapper v2.0.151 Microsoft.Extensions.Configuration.Abstractions 7.0.0 System.Data✅ Synchronize text box to calculate the average of the next 5 text boxesI have a WPF project where I want to calculate the average of 5 textboxes. I want to synchronize the❔ Blazor State Container Prompt, Standardized for all PagesI have a simple state container in blazor. The goal is to provide the AppEntity value: ```public cl❔ Please help with a ''simple'' cash-register simulator.I need my program to be able to tell how many 50 cents it will give back to the customer. For exampl❔ Sharepoint REST API 401 ErrorI'm using MSAL Node get token interactive in my electron to get an access token that will be appende❔ Can anyone help explain what it's talking about?Is it trying to get me to copy the array value from arrayOne to arrayTwo? If so, how? It never taugh❔ Is it a good idea to use a "processed model" in addition to the model bound by ASP.NET itself?First of all, I wanted to do this because I wanted to avoid writing a custom model binder. Let's say❔ What is problem?using System; using System.Net.Http; using System.Text; using System.Threading.Tasks; using System.W✅ strange behavior with dictionary keysI have following code: ```cs public class UISchemaGenerator { private record CacheKey( E