adjust for claims mapping

Brent Schmaltz · Brent Schmaltz · commit 9712d15b38cc · 2023-06-22T10:09:52.000-07:00
remove using System
diff --git a/src/Security/Authentication/JwtBearer/src/JwtBearerHandler.cs b/src/Security/Authentication/JwtBearer/src/JwtBearerHandler.cs
@@ -1,7 +1,6 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
-using System;
 using System.Globalization;
 using System.Linq;
 using System.Security.Claims;
diff --git a/src/Security/Authentication/JwtBearer/src/JwtBearerOptions.cs b/src/Security/Authentication/JwtBearer/src/JwtBearerOptions.cs
@@ -17,6 +17,7 @@ public class JwtBearerOptions : AuthenticationSchemeOptions
 {
     private readonly JwtSecurityTokenHandler _defaultHandler = new JwtSecurityTokenHandler();
     private readonly JsonWebTokenHandler _defaultTokenHandler = new JsonWebTokenHandler();
+    private bool _mapInboundClaims = JwtSecurityTokenHandler.DefaultMapInboundClaims;
 
     /// <summary>
     /// Initializes a new instance of <see cref="JwtBearerOptions"/>.
@@ -135,15 +136,20 @@ public JwtBearerOptions()
     public bool IncludeErrorDetails { get; set; } = true;
 
     /// <summary>
-    /// Gets or sets the <see cref="MapInboundClaims"/> property on the default instance of <see cref="JwtSecurityTokenHandler"/> in SecurityTokenValidators, which is used when determining
-    /// whether or not to map claim types that are extracted when validating a <see cref="JwtSecurityToken"/>.
+    /// Gets or sets the <see cref="MapInboundClaims"/> property on the default instance of <see cref="JwtSecurityTokenHandler"/> in SecurityTokenValidators, or <see cref="JsonWebTokenHandler"/>which is used when determining
+    /// whether or not to map claim types that are extracted when validating a <see cref="JwtSecurityToken"/> or <see cref="JsonWebToken"/>.
     /// <para>If this is set to true, the Claim Type is set to the JSON claim 'name' after translating using this mapping. Otherwise, no mapping occurs.</para>
     /// <para>The default value is true.</para>
     /// </summary>
     public bool MapInboundClaims
     {
-        get => _defaultHandler.MapInboundClaims;
-        set => _defaultHandler.MapInboundClaims = value;
+        get => _mapInboundClaims;
+        set
+        {
+            _mapInboundClaims = value;
+            _defaultHandler.MapInboundClaims = value;
+            _defaultTokenHandler.MapInboundClaims = value;
+        }
     }
 
     /// <summary>
diff --git a/src/Security/Authentication/WsFederation/src/WsFederationHandler.cs b/src/Security/Authentication/WsFederation/src/WsFederationHandler.cs
@@ -1,7 +1,6 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
-using System;
 using System.Linq;
 using System.Security.Claims;
 using System.Text.Encodings.Web;
diff --git a/src/Security/Authentication/WsFederation/src/WsFederationOptions.cs b/src/Security/Authentication/WsFederation/src/WsFederationOptions.cs
@@ -30,7 +30,7 @@ public class WsFederationOptions : RemoteAuthenticationOptions
         {
             new Saml2SecurityTokenHandler(),
             new SamlSecurityTokenHandler(),
-            new JsonWebTokenHandler()
+            new JsonWebTokenHandler(){ MapInboundClaims = true }
         };
 
     private TokenValidationParameters _tokenValidationParameters = new TokenValidationParameters();

Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ public class WsFederationOptions : RemoteAuthenticationOptions`
`30`	`30`	`{`
`31`	`31`	`new Saml2SecurityTokenHandler(),`
`32`	`32`	`new SamlSecurityTokenHandler(),`
`33`		`- new JsonWebTokenHandler()`
	`33`	`+ new JsonWebTokenHandler(){ MapInboundClaims = true }`
`34`	`34`	`};`
`35`	`35`
`36`	`36`	`private TokenValidationParameters _tokenValidationParameters = new TokenValidationParameters();`