diff --git a/identity-server/src/AspNetIdentity/DefaultSessionClaimsFilter.cs b/identity-server/src/AspNetIdentity/DefaultSessionClaimsFilter.cs index 0845f2e23..b12e94afd 100644 --- a/identity-server/src/AspNetIdentity/DefaultSessionClaimsFilter.cs +++ b/identity-server/src/AspNetIdentity/DefaultSessionClaimsFilter.cs @@ -13,10 +13,6 @@ public Task> FilterToSessionClaimsAsync(SecurityStamp { var newClaimTypes = context.NewPrincipal.Claims.Select(x => x.Type).ToArray(); var currentClaimsToKeep = context.CurrentPrincipal.Claims.Where(x => !newClaimTypes.Contains(x.Type)).ToArray(); - - var id = context.NewPrincipal.Identities.First(); - id.AddClaims(currentClaimsToKeep); - return Task.FromResult>(currentClaimsToKeep); } } diff --git a/identity-server/test/IdentityServer.UnitTests/AspNetIdentity/DefaultSessionClaimsFilterTests.cs b/identity-server/test/IdentityServer.UnitTests/AspNetIdentity/DefaultSessionClaimsFilterTests.cs index 1303be50b..a16149588 100644 --- a/identity-server/test/IdentityServer.UnitTests/AspNetIdentity/DefaultSessionClaimsFilterTests.cs +++ b/identity-server/test/IdentityServer.UnitTests/AspNetIdentity/DefaultSessionClaimsFilterTests.cs @@ -22,7 +22,8 @@ public async Task FilterToSessionClaimsAsync_with_session_and_non_session_claims new Claim(ClaimTypes.Name, "bob") }; var currentPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims)); - var newPrincipal = new ClaimsPrincipal(new ClaimsIdentity([new Claim("custom", "value"), new Claim(ClaimTypes.Name, "bob")])); + Claim[] newClaims = [new Claim("custom", "value"), new Claim(ClaimTypes.Name, "bob")]; + var newPrincipal = new ClaimsPrincipal(new ClaimsIdentity(newClaims)); var filter = new DefaultSessionClaimsFilter(); var context = new SecurityStampRefreshingPrincipalContext() { NewPrincipal = newPrincipal, CurrentPrincipal = currentPrincipal }; 
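Review bot: In `DefaultSessionClaimsFilter.FilterToSessionClaimsAsync`, the remaining rule `Where(x => !newClaimTypes.Contains(x.Type))` keeps every current claim whose type is absent from the new principal. A claim type that has been removed from the user entirely (for example the last role claim) is therefore returned as a session claim and could survive the security-stamp refresh if the caller merges the result as-is. The commit stops the filter from mutating `context.NewPrincipal` but does not narrow what is carried over. Consider restricting the carry-over to an explicit set of session claim types, e.g. `.Where(x => sessionClaimTypes.Contains(x.Type) && !newClaimTypes.Contains(x.Type))`, where `sessionClaimTypes` is a placeholder for whatever allow-list the project defines. A doc comment such as `/// Returns the claims to carry over; does not modify either principal in the context.` would also make the new no-mutation contract explicit for custom implementations.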
@@ -35,6 +36,9 @@ public async Task FilterToSessionClaimsAsync_with_session_and_non_session_claims resultTypes.ShouldContain(JwtClaimTypes.AuthenticationTime); resultTypes.ShouldNotContain("custom"); resultTypes.ShouldNotContain(ClaimTypes.Name); + + currentPrincipal.Claims.Count().ShouldBe(claims.Length); + newPrincipal.Claims.Count().ShouldBe(newClaims.Length); } [Fact] @@ -60,6 +64,8 @@ public async Task FilterToSessionClaimsAsync_with_only_session_claims_should_fil JwtClaimTypes.AuthenticationTime ]; result.ShouldAllBe(c => expectClaimTypes.Contains(c.Type)); + currentPrincipal.Claims.Count().ShouldBe(claims.Length); + newPrincipal.Claims.Count().ShouldBe(0); } [Fact] @@ -78,6 +84,8 @@ public async Task FilterToSessionClaimsAsync_with_no_session_claims_should_retur var result = await filter.FilterToSessionClaimsAsync(context); result.ShouldBeEmpty(); + currentPrincipal.Claims.Count().ShouldBe(claims.Length); + newPrincipal.Claims.Count().ShouldBe(claims.Length); } [Fact] @@ -91,5 +99,7 @@ public async Task FilterToSessionClaimsAsync_when_principal_has_no_claims_should var result = await filter.FilterToSessionClaimsAsync(context); result.ShouldBeEmpty(); + currentPrincipal.Claims.Count().ShouldBe(0); + newPrincipal.Claims.Count().ShouldBe(0); } }
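Review bot: The added non-mutation assertions compare only claim counts, so they would still pass if the filter replaced or rewrote a claim on either principal while leaving the total unchanged. Comparing the claims themselves pins the contract more tightly, e.g. `newPrincipal.Claims.Select(c => (c.Type, c.Value)).ShouldBe(newClaims.Select(c => (c.Type, c.Value)));`, and likewise for `currentPrincipal` against `claims`. The same applies to the count checks added in the three later hunks (`with_only_session_claims`, `with_no_session_claims`, `when_principal_has_no_claims`). The test methods start outside these hunks, so how `claims` and the principals are set up there is inferred from the visible assertions.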