Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Disallow bindings from other sources on optional claim binding.

See original GitHub issue

So i want to bind the role from claim like this:

    [FromClaim(claimType: ClaimTypes.Role, false)]
    public string? Role { get; set; }

My goal is to do something role related if you have one. In the swagger document i got this: I dont want to bind the role from quary or other source, but i want it to be optional (some users dont have any role), thus the request returns a 400. I found this on the documantation: Is there a way to disable higher priority binding soruces for this property? Link: https://fast-endpoints.com/docs/model-binding#from-user-claims

Issue Analytics

State:
Created a year ago
Comments:7 (4 by maintainers)

Top GitHub Comments

1reaction

dj-nitehawkcommented, Aug 25, 2022

since swagger is a different universe, you’re gonna need a custom operation processor like this:

public class MyOperationProcessor : IOperationProcessor
{
    public bool Process(OperationProcessorContext ctx)
    {
        var apiDescription = ((AspNetCoreOperationProcessorContext)ctx).ApiDescription;
        var reqDtoType = apiDescription.ParameterDescriptions.FirstOrDefault()?.Type;
        var opParams = ctx.OperationDescription.Operation.Parameters;

        if (reqDtoType?.GetInterfaces().Contains(typeof(IHasRole)) is true)
        {
            foreach (var param in opParams.ToArray())
            {
                if (param.Name == nameof(IHasRole.Role))
                    opParams.Remove(param);
            }
        }
        return true;
    }
}

builder.Services.AddSwaggerDoc(s => s.OperationProcessors.Add(new MyOperationProcessor()));

1reaction

szekelymatyascommented, Aug 25, 2022

with v5.1.0-beta1 you can now do the following:

public interface IHasRole
{
    string? Role { get; set; }
}

public class Request : IHasRole
{
    public string? Role { get; set; }
}

app.UseFastEndpoints(c => c.Binding.Modifier = (req, tReq, ctx, ct) =>
{
    if (req is IHasRole r)
    {
        r.Role = ctx.HttpContext.User.ClaimValue(ClaimTypes.Role) ?? "Guest";
    }
});

I did almost the same thing with RequestBinder. I already started seaching a config to add request binder globally. Binding modifier is exactly what im looking for. Ty 😃

Top Results From Across the Web

Azure AD v2.0-specific optional claims missing from ID Token

I've tried different code examples using the claims principal to try and get the values out, but nothing is working for me. Hoping...

Redirecting Assembly Versions - .NET Framework

Redirect compile-time binding references to different versions of .NET assemblies, third-party assemblies, or your own app's assemblies.

Issue #2 · tc39/proposal-optional-catch-binding

But I am not doing some other possibly-throwing operation in the same try block. I'm not trying to claim we should always discard...

Bind serial issues

If deselected, no bound volume will be created upon binding of the binding unit. Local Holding Record – Determines where the bound volume...

Selector-Label Volume Binding - Configuring Persistent Storage

This guide provides the steps necessary to enable binding of persistent volume claims (PVCs) to persistent volumes (PVs) via selector and label attributes....