3

I created a custom class that inherits from IPrincipal and would like to make sure this object is added to the Thread.CurrentPrincipal and HttpContext.Current.User instead of the ClaimsPrincipal object. This is for a web api application.

I would like this to occur after the user makes a successful request for an access token. Where in the lifecycle should this occur?

After I called /Token to get the access_token, I passed the bearer token back to the ChangePassword action along with the necessary parameters and User is still set to ClaimsPrincipal. Is there a way to make sure the Principal is set immediately after the request is made and after the ClaimsPrincipal is set?

user1790300
  • 2,245
  • 6
  • 36
  • 97
  • are you using oauth? – Hamid Pourjam Dec 30 '14 at 21:01
  • Yes. I created a custom IUserStore as well. – user1790300 Dec 30 '14 at 21:02
  • so you are not using `IOwinContext.Authentication.SignIn` method to set your principal? – Hamid Pourjam Dec 30 '14 at 21:12
  • I am using the OWIN tools that are build in when you create a new project using Individual accounts setting. I also created a custom UserStore that inherits from IUserStore, IUserPasswordStore, etc. – user1790300 Dec 30 '14 at 21:18
  • in `GrantResourceOwnerCredentials` method before calling to `SignIn` – Hamid Pourjam Dec 30 '14 at 21:20
  • After I called /Token to get the access_token, I passed the bearer token back to the ChangePassword action along with the necessary parameters and User is still set to ClaimsPrincipal. Is there a way to make sure the Principal is set immediately after the request is made and after the ClaimsPrincipal is set? – user1790300 Dec 30 '14 at 21:59

0 Answers0