Is there a way to add claims in an ASP.NET Core middleware after Authentication?

Question

I have this in my startup:

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperE         


        

Answer 1

The preferred way for .NET Core 2.x is to use IClaimsTransformation, this has a single method TransformAsync(ClaimsPrincipal) with the note

Provides a central transformation point to change the specified principal. Note: this will be run on each AuthenticateAsync call, so its safer to return a new ClaimsPrincipal if your transformation is not idempotent.

Depending on the nature of the enrichment I add the claims to the existing authenticated identity or create a new identity with and mark that as authenticated. With the second idea you can make your method idempotent by checking for your custom identity before attempting the enrichment.