1 vote

I am using Thinktecture Identity Server V3 (OAuth) for authentication with a custom user store and I want to use role-based authorization.

I am trying to use a custom role provider to check for the roles. The username attribute is null for the IsInRole method. How can I add user data to the current context?

Is it a good idea to use RoleProvider in this case, or to add the roles as Claims? If I add them to Claims, how can I use the [Authorize] attribute? Do I need to write a custom Authorize attribute?

1 Answer

1 vote

The AuthorizeAttribute does work for authorization based on the role claim, but it sounds like your claims aren't being stored properly.

If this is the case, see this Form Post client (AccountController) or this OWIN/Katana client (Startup class) for good examples.

Also, roles should be considered and handled as a claim.

Thinktecture also have their own authorization manager package if you are interested. See Dominick Baier's blog post about this for more details.
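
An added example, not part of the original answer or of the linked samples: `[Authorize(Roles = "...")]` calls `IPrincipal.IsInRole`, and `ClaimsIdentity` only consults claims whose type equals its `RoleClaimType` (and `NameClaimType` for `Identity.Name`). The short claim names `name` and `role`, the sample values and the class name are assumptions constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Claims;

public static class RoleClaimDemo
{
    // Constructed sample claims, using short JWT-style type names (assumption).
    static readonly List<Claim> TokenClaims = new List<Claim>
    {
        new Claim("sub", "42"),
        new Claim("name", "alice"),
        new Claim("role", "admin"),
        new Claim("role", "auditor"),
    };

    // No claim types named: NameClaimType and RoleClaimType fall back to
    // ClaimTypes.Name / ClaimTypes.Role (long schema URIs), so the short
    // "name" and "role" claims are never matched.
    public static ClaimsPrincipal BuildWithDefaults()
    {
        return new ClaimsPrincipal(new ClaimsIdentity(TokenClaims, "Cookies"));
    }

    // Claim types named explicitly: Identity.Name reads the "name" claim and
    // IsInRole (and therefore [Authorize(Roles = ...)]) reads "role" claims.
    public static ClaimsPrincipal BuildWithMappedTypes()
    {
        var identity = new ClaimsIdentity(TokenClaims, "Cookies", "name", "role");
        return new ClaimsPrincipal(identity);
    }

    static void Report(string label, ClaimsPrincipal user)
    {
        Console.WriteLine("{0}: Name={1}, admin={2}, guest={3}",
            label,
            user.Identity.Name ?? "(null)",
            user.IsInRole("admin"),
            user.IsInRole("guest"));
    }

    public static void Main()
    {
        Report("defaults", BuildWithDefaults());
        Report("mapped", BuildWithMappedTypes());
    }
}
```

With the mapped identity set as the current principal by the authentication middleware, the stock `[Authorize(Roles = "admin")]` attribute works without a custom attribute or a RoleProvider.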