When using /ui on my API, I run into a weird issue. Here is my AuthFeature registration:
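// Registers the API-key, credentials and JWT auth providers. The two JWT filters copy the
// custom PEUserSession fields into the token payload and read them back into the session.
Plugins.Add(new AuthFeature(() => new PEUserSession(), new IAuthProvider[]
{
    // NOTE(review): RequireSecureConnection = false lets API keys be accepted over plain HTTP,
    // where they are readable in transit. Prefer true (or the same config switch the JWT
    // provider uses below) outside local development.
    new ApiKeyAuthProvider(_peSettings) { RequireSecureConnection = false },
    new CredentialsAuthProvider(_peSettings),
    new JwtAuthProvider()
    {
        HashAlgorithm = "RS256",
        PrivateKeyXml = Encryption.GetPrivateKey(),
        RequireSecureConnection = config.RequireSecureConnection,
        UseTokenCookie = false,
        CreatePayloadFilter = (payload, session) =>
        {
            // Not every session that reaches this filter is a PEUserSession: the authsecret
            // login in the reproduction steps arrives as a plain AuthUserSession. A hard cast
            // throws InvalidCastException there, so skip the custom claims instead, the same
            // way PopulateSessionFilter does.
            if (session is not PEUserSession customSession) return;

            payload["domain"] = customSession.Domain;
            payload["lang"] = customSession.Language;
            payload["ppaUsername"] = customSession.PPAUsername;
            payload["ppaUserId"] = customSession.PPAUserId.ToString();
            payload["ttl"] = customSession.TTL.ToString();
            payload["idleTimeOut"] = customSession.IdleTimeOut.ToString();

            // NOTE(review): with UaaExp == 0 the "exp" claim becomes long.MaxValue, so the token
            // effectively never expires and a leaked token stays valid. Consider a bounded
            // fallback lifetime; the behaviour is kept as written here.
            payload["exp"] = customSession.UaaExp == 0
                ? long.MaxValue.ToString()
                : customSession.UaaExp.ToString();
        },
        PopulateSessionFilter = (session, payload, req) =>
        {
            if (session is not PEUserSession customUserSession) return;

            customUserSession.Domain = payload["domain"];
            customUserSession.Language = payload["lang"];
            customUserSession.PPAUsername = payload["ppaUsername"];

            if (int.TryParse(payload["ppaUserId"], out var userId))
                customUserSession.PPAUserId = userId;
            if (int.TryParse(payload["ttl"], out var ttl))
                customUserSession.TTL = ttl;
            if (int.TryParse(payload["idleTimeOut"], out var idleTimeOut))
                customUserSession.IdleTimeOut = idleTimeOut;

            // UaaExp is a long and "exp" is written from a long above (including the
            // long.MaxValue sentinel). int.TryParse rejected every value above int.MaxValue
            // and silently left UaaExp at 0, so parse it as a long.
            if (long.TryParse(payload["exp"], out var uaaExp))
                customUserSession.UaaExp = uaaExp;
        }
    }
})
{ HtmlRedirect = null, IncludeRegistrationService = true });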
Here is my PEUserSession class:
/// <summary>
/// Custom user session that extends <c>AuthUserSession</c> with the extra fields the JWT
/// filters copy into and out of the token payload.
/// </summary>
/// <remarks>
/// NOTE(review): a signed JWT payload is normally readable by whoever holds the token, so
/// presumably none of these values should be secret. Confirm against the provider settings.
/// </remarks>
[DataContract]
public class PEUserSession : AuthUserSession
{
    /// <summary>Value carried in the "domain" claim.</summary>
    [DataMember] public string Domain { get; set; }

    /// <summary>Value carried in the "ppaUsername" claim.</summary>
    [DataMember] public string PPAUsername { get; set; }

    /// <summary>Value carried, as text, in the "ppaUserId" claim.</summary>
    [DataMember] public int PPAUserId { get; set; }

    /// <summary>Value carried, as text, in the "ttl" claim.</summary>
    [DataMember] public int TTL { get; set; }

    /// <summary>Value carried, as text, in the "idleTimeOut" claim.</summary>
    [DataMember] public int IdleTimeOut { get; set; }

    /// <summary>Value written to the "exp" claim; 0 is replaced by long.MaxValue when the token is created.</summary>
    [DataMember] public long UaaExp { get; set; }
}
To reproduce the issue:
1. Log in with the authsecret => the code does not go into the JWT CreatePayloadFilter
2. Sign out
3. Log in with the API key => the code goes into CreatePayloadFilter, and the session is of type PEUserSession
4. Sign out => the code goes into CreatePayloadFilter, and the session is of type PEUserSession
5. Log in with the authsecret again => the code goes into CreatePayloadFilter, but the session is of type AuthUserSession and cannot be cast to my PEUserSession…
I wonder why I get this behavior and why the cast fails…