Using SS 6.1.0 with the AdminUserFeature. I have 2 custom Credentials, the API and JWT providers loaded. All is fine and working but…there is a glitch in the UI when clicking on the provider button. Going from API to JWT, JWT is not showing correctly. Once JWT is showing correctly, going from JWT to API, API is not showing correctly…here are some screenshots in order going from left to right and then from right to left.
Also, note that the Credentials will use the last Custom Credentials I have defined in my AuthFeature and I think it should only use the default built-in one.
One last thing. For all my roles and permissions, I use an enum but I force it to be Camel case because roles from the token received are case sensitive right?
typeof(SecurityService).AddAttributes(new AuthenticateAttribute(), new RequiredRoleAttribute(PERolesEnum.Admin.ToString().ToCamelCase()));
Works fine but SS is expecting its default Admin role to be in Pascal case. When I use a user with “admin” role and try to use the Admin-UI, it will not work saying " Admin role required"
Is there a way to tell SS to enforce Camel case for this?
The issue with API Key and JWT Auth providers should be resolved in the latest v6.1.1 now on MyGet.
If you have multiple Credential Auth Providers they need to be differentiated by unique provider names and labels, e.g:
public class CustomCredentialsProvider : CredentialsAuthProvider
{
public CustomCredentialsProvider(IAppSettings appSettings)
: base(appSettings, "/auth/custom", "custom")
{
Label = "Custom";
}
}
This should make them appear as 2 different Auth sign ups, in the latest v6.1.1 I’ve added a convenience constructor where the above can be reduced to the Auth Providers unique Provider name, e.g:
public class CustomCredentialsProvider : CredentialsAuthProvider
{
public CustomCredentialsProvider(IAppSettings appSettings)
: base(appSettings, "custom") {}
}
Or example using a different tab name:
public class CustomCredentialsProvider : CredentialsAuthProvider
{
public CustomCredentialsProvider(IAppSettings appSettings)
: base(appSettings, "custom")
{
Label = "Alt Auth";
}
}
If you want to have both Auth Providers registered, but want to remove one from the Sign In UI you can use IAppHost.AddToAppMetadata() to modify the metadata used to power the UI’s to exclude the Auth Provider you want to exclude, e.g:
When you change the JSON serialization casing it only changes the JSON Object property names, i.e. keys, it never changes property values.
The Role and Permissions are case-sensitive and the super user role needs to exactly match Admin (i.e. RoleNames.Admin).
If you want to use a different naming convention for your custom roles I’d recommend that you use the [Description] attribute to specify the exact values you want
public enum PERolesEnum
{
Admin,
[Description("another")]
Another,
}
Then you can use the ToDescription() extension method which will return the [Description] value if one is provided, otherwise it returns the enum name:
new RequiredRoleAttribute(PERolesEnum.Admin.ToDescription()); //= Admin
new RequiredRoleAttribute(PERolesEnum.Another.ToDescription()); //= another
