Fix OIDC identifier claim definition

nexus-main · Jan 25, 2025 · 0c89a92 · 0c89a92
1 parent 6b6b38a
commit 0c89a92
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 5 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,6 @@
+## v2.0.0-beta.45 - 2025-01-25
+- Fix OIDC identifier claim definition
+
 ## v2.0.0-beta.44 - 2025-01-23
 - Fix SimpleDataSource (Python)
 

diff --git a/src/Nexus/Core/NexusAuthExtensions.cs b/src/Nexus/Core/NexusAuthExtensions.cs
@@ -138,7 +138,7 @@ public static IServiceCollection AddNexusAuth(
                         var principal = context.Principal
                             ?? throw new Exception("The principal is null. This should never happen.");
 
-                        var identifierClaim = securityOptions.OidcIdentifierClaim;
+                        var identifierClaim = provider.IdentifierClaim;
 
                         var userId = principal.FindFirstValue(identifierClaim)
                             ?? throw new Exception($"Could not find a value for claim '{identifierClaim}' in the OIDC ticket.");

diff --git a/src/Nexus/Core/NexusOptions.cs b/src/Nexus/Core/NexusOptions.cs
@@ -100,7 +100,8 @@ internal record OpenIdConnectProvider(
     string DisplayName,
     string Authority,
     string ClientId,
-    string ClientSecret
+    string ClientSecret,
+    string IdentifierClaim = Claims.Subject
 );
 
 internal partial record SecurityOptions() : NexusOptionsBase
@@ -110,6 +111,4 @@ internal partial record SecurityOptions() : NexusOptionsBase
     public TimeSpan CookieLifetime { get; set; } = TimeSpan.FromDays(30);
 
     public List<OpenIdConnectProvider> OidcProviders { get; set; } = [];
-
-    public string OidcIdentifierClaim { get; set; } = Claims.Subject;
 }
diff --git a/version.json b/version.json
@@ -1,4 +1,4 @@
 {
     "version": "2.0.0",
-    "suffix": "beta.44"
+    "suffix": "beta.45"
 }