ASP.NET Core 2.1 Custom RoleProvider with Windows Authentication

Question

I am migrating applications away from the ASP.Net MVC 5 framework to the new .Net Core 2.1.

I used Windows Authentication with a Custom RoleProvider in the MVC 5 Pro

Answer 1

I had the same problem - the solutions given in the post weren't helpful but the comments pointed me in the right direction. You need to add claims to your ClaimsPrincipal.

Step 1: Create a ClaimsTransformer - Replace "Admin" and add a separate claim for each role you fetch from your database

using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;

public class ClaimsTransformer : IClaimsTransformation
{ 
    public Task TransformAsync(ClaimsPrincipal principal)
    {
        var ci = (ClaimsIdentity) principal.Identity;
        var c = new Claim(ci.RoleClaimType, "Admin");
        ci.AddClaim(c);
        return Task.FromResult(principal);
    }
}

Step 2: Add your ClaimsTransformer to the ConfigureServices method of Startup.cs

services.AddAuthentication(Microsoft.AspNetCore.Server.IISIntegration.IISDefaults.AuthenticationScheme);
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
services.AddSpaStaticFiles(configuration =>
{
    configuration.RootPath = "ClientApp/dist";
});

services.AddSingleton();

Step 3: You can now add Role based Authorization attributes within your Controllers

[Authorize(Roles = "Admin")]
[HttpGet("[action]/{id}")]        
public User GetUser([FromRoute] int id)
{
    UserLogic ul = new UserLogic();
    return ul.GetUser(id);
}