-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixed writing accesses that bypass manager classes #303
Fixed writing accesses that bypass manager classes #303
Conversation
@skoruba , I am also looking for this functionality to capture events. Can you approve the merge? |
Sure, please take a look at my comments - is it necessary to use |
I think answer is it depends -
https://blog.stephencleary.com/2017/03/aspnetcore-synchronization-context.html |
OK, but is it required in this case? :) |
I do not think Identity server Admin libraries being used outside Web API or Server side MVC. Hence, ConfigureAwait is unnecessary. |
I have same opinion. Can you please @gingters remove usage of |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will merge it and remove ConfigureAwait
manually in next commit.
var userClaim = await DbContext.Set<TUserClaim>().Where(x => x.Id == claimId).SingleOrDefaultAsync(); | ||
|
||
DbContext.UserClaims.Remove(userClaim); | ||
await UserManager.RemoveClaimAsync(user, new Claim(userClaim.ClaimType, userClaim.ClaimValue)).ConfigureAwait(false); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@TomasHubelbauer - Is it required to use ConfigureAwait(false)
here and a few lines bellow? :)
Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@gingters - Why do you use ConfigureAwait(false)
? :)
Thanks.
In our custom IdentityServer implementation, we need to create events for every change on the users and roles.
For that, we decorated the
UserStore<TUser>
of the AspNetCore Identity model and create our events on every write access. The AspNetCore.IdentitiesUserManager
andRoleManager
both use theIUserStore
andIRoleStore
for write access exclusively, so that is the only good place to intercept changes to the users and roles.In your
IIdentityRepository
you use the manager classes to create user claims and role claims, but for deleting these you bypass theUserManager
/RoleManager
classes and use theIdentityDbContext
directly to deleteUserClaims
andRoleClaims
.This pull request changes this to also use the manager classes (and thus internally the Store) to write these changes to the database, so that we are capable of intercepting them and creating the required events when a user or a role changes.