Confusion over LOCAL AUTHORITY claims and External Provider claims

asp.net core identity add claims
getclaimsfromuserinfoendpoint
alwaysincludeuserclaimsinidtoken
claimsprincipal add claim
securitytokenvalidated add claim
ontokenvalidated openidconnect
openidconnectevents example
onsecuritytokenvalidated

I am creating a simple WebApi which allows users to connect with Facebook. When I get the accessToken back from facebook, I am calling RegisterExternal to create an Asp.Net Identity record and store the Claims from the token. These claims also include the access token which I require to query the facebook graph later. All seems fine up to this point.

The issue I am having is reading the claims. I can see they are in my database I just cant figure out how to query this data. I have tried

var claimsIdentity = User.Identity as ClaimsIdentity;

But this returns me 2 claims for a) "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" b) role

Both of these are of issuer LOCAL AUTHORITY (to be honest I am not sure when they are created as I am not explicitly adding these). So I believe their is either confusion on me saving the claims to the database agains the wrong type of issuer

await userManager.AddClaimAsync(user.Id, new Claim("urn:facebook:access_token", accessTokenClaim.Value, ClaimValueTypes.String, "LOCAL AUTHORITY"));

or my code for accessing the claims is incorrect.

Can anybody shed some light on this?

When it comes to adding the claims to your Identity:

// Get the claims identity
    ClaimsIdentity claimsIdentity =
        await AuthenticationManager.GetExternalIdentityAsync(DefaultAuthenticationTypes.ExternalCookie);

    if (claimsIdentity != null)
    {
        // Retrieve the existing claims
        var currentClaims = await UserManager.GetClaimsAsync(user.Id);

        // Get the list of access token related claims from the identity
        var tokenClaims = claimsIdentity.Claims
            .Where(c => c.Type.StartsWith("urn:tokens:"));

        // Save the access token related claims
        foreach (var tokenClaim in tokenClaims)
        {
            if (!currentClaims.Contains(tokenClaim))
            {
                await UserManager.AddClaimAsync(user.Id, tokenClaim);
            }
        }
    }

To persist these claims to the database, you must call SignIn for the user:

// Sign in and redirect the user
    await SignInAsync(user, isPersistent: false);

To retrieve the claims later you simply use:

var claimsIdentity = HttpContext.User.Identity as ClaimsIdentity;
if (claimsIdentity != null)
   var claims = claimsIdentity.Claims;

This code is comprised of snippets from this article: http://www.jerriepelser.com/blog/get-the-twitter-profile-image-using-the-asp-net-identity

I'd recommend reading through it if you would like to see a full example. I have used the code in this article myself and it worked great in my project for both Twitter and Facebook external claims.

Local authority investments: seventh report of session 2008-09, , There have been claims that the Government guidance encourages authorities and confusion over the roles of external advisers and agencies and the weigh should the variations of service on offer by different external service providers . Compensation claims against local authorities Harry Fairhead Policy Analyst, TaxPayers’ Alliance January 2016 research@taxpayersalliance.com The key findings of this research are: • Over £104 million was paid out in compensation in 2013-14 and 2014-15. • There were more than 40,000 compensation claims paid out in 2013-14 and 2014-15.

I had the same issue when I renamed identity cookie. So I had 2 different users in 2 cookies. After I deleted the old one issue is gone.

Missing Claims in the ASP.NET Core 2 OpenID Connect Handler , Authority = "https://demo.identityserver.io"; options. Claim actions allow modifying how claims from an external provider are profile or custom scopes that result in more claims, there is another confusing detail to be aware of. claims have “oidc” as issuer and the dynamic role has 'LOCAL AUTHORITY'. A frequent compensation claim taken against a local authority involves a trip-and-fall on a footpath, perhaps due to a crack in the pavement, or damage to a car because of a pothole. And while

LOCAL_AUTHORITY is the default value for Issuer if it is not specified at creation of the Claim. For example: var claim = new Claim("LastName", "Timberlake","string", "http:/contoso.com/someissuername"); The last parameter in the above example is the issuer.

Leadership and Change in Sustainable Regional Development, it is still far from clear who or which body will carry out internal or external inspection of activities. Local Authorities are still 'responsible bodies' for allocating what were between local citizens–Local Authorities–LSPs–LEPs are confused. at least) are acting on behalf of the locality, and claim to have a social rather than  0 Confusion over LOCAL AUTHORITY claims and External Provider claims Aug 17 '17 0 Cannot get Linked Servers to work in Sql Azure Jul 11 '18 0 port wp7 phonegap application to win8(not wp8) May 31 '13

The Princeton Companion to Atlantic History, the Isthmus of Panama, asserted rights to regulate commerce to extract and confusion and disputes over the differing jurisdictions, encouraged merchants to a free-trade argument, in which merchants operated in a legal domain external to claims of sovereign authority to consign Atlantic trade to chosen delegates. The NHS cannot claim local engagement without genuine local responsiveness. Local authorities are a natural vehicle for this, with a legitimacy that the NHS lacks. The pace of change in public service configuration rarely awaits evidence but, if we are to move towards an ICS based system, the terms of the shift need to be subject to proper and open discussion.

Persist additional claims and tokens from external providers in ASP , Prerequisites. Decide which external authentication providers to support in the app. For each provider, register the app and obtain a client ID and  Despite a government U-turn, many policies will only cover claims if coronavirus is found on-site.

End User Authentication with OAuth 2.0, Much of the confusion comes from the fact that OAuth is used inside of authentication of the token directly and obtain this information without relying on an external provider's private key, adding an additional layer of protection to the claims  Confusion over what's covered and what's not "Lowball" estimates and settlement offers; The adjuster assigned to the claim is unpleasant or hard to work with; Differences of opinion over scopes and values of losses Q: Does everyone have problems with their insurance company? NO. Many claims go relatively smoothly and we hope your does.

Comments
  • Did you find out where the "LOCAL AUTHORITY" claims are coming from?
  • Nope. Still struggled with this and ended up creating my own properties against the member to hold some of this data instead