Skip to content

Commit

Permalink
Make CaseSensitiveClaimIdentity serializable (#2850)
Browse files Browse the repository at this point in the history
* make CaseSensitiveClaimsIdentity serializable (and also have to make SecurityToken serializable)

* add unit test
  • Loading branch information
kllysng authored Sep 26, 2024
1 parent c2d8e4b commit 005c0ce
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ namespace Microsoft.IdentityModel.Tokens
/// <summary>
/// A derived <see cref="ClaimsIdentity"/> where claim retrieval is case-sensitive. The current <see cref="ClaimsIdentity"/> retrieves claims in a case-insensitive manner which is different than querying the underlying <see cref="SecurityToken"/>. The <see cref="CaseSensitiveClaimsIdentity"/> provides consistent retrieval logic between the <see cref="SecurityToken"/> and <see cref="ClaimsIdentity"/>.
/// </summary>
[Serializable]
public class CaseSensitiveClaimsIdentity : ClaimsIdentity
{
/// <summary>
Expand Down
1 change: 1 addition & 0 deletions src/Microsoft.IdentityModel.Tokens/SecurityToken.cs
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ namespace Microsoft.IdentityModel.Tokens
/// <summary>
/// Base class for security token.
/// </summary>
[Serializable]
public abstract class SecurityToken : ISafeLogSecurityArtifact
{
internal virtual IEnumerable<Claim> CreateClaims(string issuer)
Expand Down
Original file line number Diff line number Diff line change
@@ -1,10 +1,13 @@
// Copyright (c) Microsoft Corporation.
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Claims;
using System.Text.Json;
using System.Text.Json.Serialization;
using Microsoft.IdentityModel.JsonWebTokens;
using Microsoft.IdentityModel.TestUtils;
using Newtonsoft.Json.Linq;
Expand Down Expand Up @@ -214,6 +217,33 @@ public static TheoryData<CaseSensitiveClaimsIdentityTheoryData> GetCaseSensitive
}
}

[Fact]
public void CaseSensitiveClaimsIdentity_IsSerializableTest()
{
// arrange
CaseSensitiveClaimsIdentity claimsIdentity = (CaseSensitiveClaimsIdentity)CreateCaseSensitiveClaimsIdentity(new JObject
{
[UpperCaseClaimName] = LowerCaseClaimValue,
});
CaseSensitiveClaimsIdentity deserializedClaimsIdentity;

// act
var memoryStream = new MemoryStream();
var serializerOptions = new JsonSerializerOptions()
{
ReferenceHandler = ReferenceHandler.IgnoreCycles
};

JsonSerializer.Serialize(memoryStream, claimsIdentity, typeof(CaseSensitiveClaimsIdentity), serializerOptions);
memoryStream.Seek(0, SeekOrigin.Begin);
deserializedClaimsIdentity = (CaseSensitiveClaimsIdentity)JsonSerializer.Deserialize(memoryStream, typeof(CaseSensitiveClaimsIdentity), serializerOptions);

// assert
Assert.NotNull(deserializedClaimsIdentity);
Assert.Equal(claimsIdentity.NameClaimType, deserializedClaimsIdentity.NameClaimType);
Assert.Equal(claimsIdentity.RoleClaimType, deserializedClaimsIdentity.RoleClaimType);
}

public class CaseSensitiveClaimsIdentityTheoryData(string testId) : TheoryDataBase(testId)
{
internal ClaimsIdentity ClaimsIdentity { get; set; }
Expand Down

0 comments on commit 005c0ce

Please sign in to comment.