Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Correctly handle claims of same type with multiple values #2248

Merged
merged 2 commits into from
Aug 24, 2023
Merged

Correctly handle claims of same type with multiple values #2248

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
cf29ae4
Handle claims with multiple values
Aug 22, 2023
886277a
refactor
Aug 22, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 6 additions & 2 deletions src/Microsoft.IdentityModel.Tokens/TokenUtilities.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -128,13 +128,17 @@ internal static IDictionary<string, object> CreateDictionaryFromClaims(
// When the creating the JWT and a list is found, a JsonArray will be created.
if (payload.TryGetValue(claim.Type, out object existingValue))
{
if (existingValue is not IList<object>)
if (existingValue is IList<object> existingList)
{
existingList.Add(jsonClaimValue);
}
else
{
payload[claim.Type] = new List<object>
{
existingValue,
jsonClaimValue
};
};
}
}
else
Expand Down
34 changes: 34 additions & 0 deletions test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandlerTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,40 @@ namespace Microsoft.IdentityModel.JsonWebTokens.Tests
{
public class JsonWebTokenHandlerTests
{
[Fact]
keegan-caruso marked this conversation as resolved.
Show resolved Hide resolved
public void JsonWebTokenHandler_CreateToken_SameTypeMultipleValues()
{
var identity = new ClaimsIdentity("Test");

var claimValues = new List<string> { "value1", "value2", "value3", "value4" };

foreach (var value in claimValues)
identity.AddClaim(new Claim("a", value));

var descriptor = new SecurityTokenDescriptor
{
SigningCredentials = new SigningCredentials(Default.AsymmetricSigningKey, SecurityAlgorithms.RsaSsaPssSha256),
Subject = identity
};

var handler = new JsonWebTokenHandler();

var token = handler.CreateToken(descriptor);

var jwt = new JsonWebToken(token);
var claims = jwt.Claims.ToList();

int defaultClaimsCount = 3;

Assert.Equal(defaultClaimsCount + claimValues.Count, claims.Count);

var aTypeClaims = claims.Where(c => c.Type == "a").ToList();

Assert.Equal(4, aTypeClaims.Count);

foreach (var value in claimValues)
Assert.NotNull(aTypeClaims.SingleOrDefault(c => c.Value == value));
}

// This test checks to make sure that the value of JsonWebTokenHandler.Base64UrlEncodedUnsignedJWSHeader has remained unchanged.
[Fact]
Expand Down
34 changes: 34 additions & 0 deletions test/System.IdentityModel.Tokens.Jwt.Tests/JwtSecurityTokenHandlerTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,40 @@ namespace System.IdentityModel.Tokens.Jwt.Tests
public class JwtSecurityTokenHandlerTests
{

[Fact]
public void JwtSecurityTokenHandler_CreateToken_SameTypeMultipleValues()
{
var identity = new ClaimsIdentity("Test");

var claimValues = new List<string> { "value1", "value2", "value3", "value4" };

foreach (var value in claimValues)
identity.AddClaim(new Claim("a", value));

var descriptor = new SecurityTokenDescriptor
{
SigningCredentials = new SigningCredentials(Default.AsymmetricSigningKey, SecurityAlgorithms.RsaSsaPssSha256),
Subject = identity
};

var handler = new JwtSecurityTokenHandler();

var jwt = (JwtSecurityToken)handler.CreateToken(descriptor);

var claims = jwt.Claims.ToList();

int defaultClaimsCount = 3;

Assert.Equal(defaultClaimsCount + claimValues.Count, claims.Count);

var aTypeClaims = claims.Where(c => c.Type == "a").ToList();

Assert.Equal(4, aTypeClaims.Count);

foreach (var value in claimValues)
Assert.NotNull(aTypeClaims.SingleOrDefault(c => c.Value == value));
}

[Theory, MemberData(nameof(CreateJWEWithPayloadStringTheoryData))]
public void CreateJWEWithAdditionalHeaderClaims(CreateTokenTheoryData theoryData)
{
Expand Down