
fix(identity): align JWT claim mapping and add UserId fallbacks #1222

Open
cesarcastrocuba wants to merge 1 commit into fullstackhero:main from cesarcastrocuba:fix/blazor-currentuser-claim


@cesarcastrocuba
Contributor

[fix]: Correct currentUserId in Blazor and API contexts

Description

This PR resolves an issue where ICurrentUser.GetUserId() returned Guid.Empty when called from a Blazor client context. The root cause was a mismatch between JWT claim names and the default .NET claim mapping.

Key Changes:

  • JWT Config: Set options.MapInboundClaims = false; in ConfigureJwtBearerOptions.cs. This prevents ASP.NET Core from remapping standard short JWT claims (like sub, uid) to long XML SOAP URIs, ensuring consistency between the raw JWT and the ClaimsPrincipal.
  • Claim Fallbacks: Updated ClaimsPrincipalExtensions.GetUserId() to look for uid and sub claims before falling back to NameIdentifier. This ensures that existing tokens and Blazor-issued tokens both resolve the User ID correctly.
  • Cross-Component Compatibility: These changes ensure that both Blazor UI and direct API clients share a unified way of identifying the current user.

Related Issues

Verification

  • Unit Tests: Added ClaimsPrincipalExtensionsTests to Generic.Tests to verify that GetUserId() correctly prioritizes uid > sub > NameIdentifier.
  • Manual Verification: Confirmed that login works in the Blazor application and GetUserId() correctly identifies the user after the changes.
  • Build: Successfully built with 0 errors.

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

- Set MapInboundClaims = false in ConfigureJwtBearerOptions to prevent .NET from remapping standard JWT claims to long URIs
- Updated ClaimsPrincipalExtensions.GetUserId to support 'uid' and 'sub' claims, ensuring compatibility with Blazor-issued tokens
- Added unit tests in Generic.Tests to verify claim priority (uid > sub > nameid)
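
The lookup order described in this PR (uid, then sub, then NameIdentifier), as an added C# example that is not part of the PR or the FullStackHero code base. `UserIdDemo` and `ResolveUserId` are hypothetical names, the GUIDs are constructed, and failing closed on a malformed claim is an assumption of this example.

```csharp
using System;
using System.Security.Claims;

// Added illustration. UserIdDemo and ResolveUserId are hypothetical names, not the project's code.
public static class UserIdDemo
{
    // Lookup order stated in the PR: uid, then sub, then NameIdentifier.
    private static readonly string[] Candidates = { "uid", "sub", ClaimTypes.NameIdentifier };

    public static Guid ResolveUserId(ClaimsPrincipal principal)
    {
        if (principal?.Identity?.IsAuthenticated != true)
            return Guid.Empty;

        foreach (var type in Candidates)
        {
            var value = principal.FindFirst(type)?.Value;
            if (string.IsNullOrWhiteSpace(value))
                continue; // claim absent: try the next candidate

            // Assumption of this example: the first claim present decides. A malformed
            // value fails closed instead of falling through to a lower-priority claim.
            return Guid.TryParse(value, out var id) ? id : Guid.Empty;
        }
        return Guid.Empty;
    }

    private static ClaimsPrincipal Principal(params Claim[] claims) =>
        new ClaimsPrincipal(new ClaimsIdentity(claims, "Bearer")); // auth type set => authenticated

    public static void Main()
    {
        // Constructed sample values.
        var a = Guid.Parse("11111111-1111-1111-1111-111111111111");
        var b = Guid.Parse("22222222-2222-2222-2222-222222222222");

        // MapInboundClaims = false: the principal carries the short JWT name.
        Console.WriteLine(ResolveUserId(Principal(new Claim("sub", a.ToString()))) == a);
        // Default mapping: "sub" arrives as the long NameIdentifier URI.
        Console.WriteLine(ResolveUserId(Principal(new Claim(ClaimTypes.NameIdentifier, a.ToString()))) == a);
        // Both present with different values: uid takes priority over sub.
        Console.WriteLine(ResolveUserId(Principal(new Claim("sub", a.ToString()), new Claim("uid", b.ToString()))) == b);
        // Malformed uid does not fall back to sub.
        Console.WriteLine(ResolveUserId(Principal(new Claim("uid", "not-a-guid"), new Claim("sub", a.ToString()))) == Guid.Empty);
        // No authentication type: treated as anonymous.
        Console.WriteLine(ResolveUserId(new ClaimsPrincipal(new ClaimsIdentity())) == Guid.Empty);
    }
}
```

Callers that authorize on the result should treat `Guid.Empty` as "no user" and reject the request, not use it as a lookup key.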
@iammukeshm iammukeshm deleted the branch fullstackhero:main May 27, 2026 06:59
@iammukeshm iammukeshm closed this May 27, 2026
@iammukeshm iammukeshm reopened this May 27, 2026
@iammukeshm iammukeshm changed the base branch from develop to main May 27, 2026 07:01
@iammukeshm
Member

Thanks for the substantial work across these PRs 🙏

FullStackHero has moved to a major new baseline — v10 (.NET 10) — which includes a significant restructure (for example src/api/framework/** is now src/BuildingBlocks/**) and a new CI pipeline. This PR now targets main but no longer applies cleanly against it.

Could you please:

  1. Rebase your branch onto the current main and resolve conflicts,
  2. re-review your changes against the v10 layout/APIs (some files have moved or changed), and
  3. push the update so the PR is green against the new Backend CI / Frontend CI checks.

Once it's rebased and passing we'll be happy to review. Really appreciate the contributions to FullStackHero!
