From 62eea365e8835323230c32eff6ec9b7b78cc1be0 Mon Sep 17 00:00:00 2001 From: Brock Allen Date: Thu, 22 Dec 2016 14:50:05 -0500 Subject: [PATCH] log claim types that were filtered from profile service --- src/IdentityServer4/Constants.cs | 2 +- src/IdentityServer4/Services/DefaultClaimsService.cs | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/src/IdentityServer4/Constants.cs b/src/IdentityServer4/Constants.cs index 42503a9974..72892afb9f 100644 --- a/src/IdentityServer4/Constants.cs +++ b/src/IdentityServer4/Constants.cs @@ -283,7 +283,7 @@ public class Filters }; // filter list for claims returned from profile service prior to creating tokens - public static readonly string[] ClaimsProviderFilterClaimTypes = new string[] + public static readonly string[] ClaimsServiceFilterClaimTypes = new string[] { // TODO: consider JwtClaimTypes.AuthenticationContextClassReference, JwtClaimTypes.AccessTokenHash, diff --git a/src/IdentityServer4/Services/DefaultClaimsService.cs b/src/IdentityServer4/Services/DefaultClaimsService.cs index c74072b9b7..4bd67f1310 100644 --- a/src/IdentityServer4/Services/DefaultClaimsService.cs +++ b/src/IdentityServer4/Services/DefaultClaimsService.cs @@ -242,7 +242,13 @@ protected virtual IEnumerable GetOptionalClaims(ClaimsPrincipal subject) /// protected virtual IEnumerable FilterProtocolClaims(IEnumerable claims) { - return claims.Where(x => !Constants.Filters.ClaimsProviderFilterClaimTypes.Contains(x.Type)); + var claimsToFilter = claims.Where(x => Constants.Filters.ClaimsServiceFilterClaimTypes.Contains(x.Type)); + if (claimsToFilter.Any()) + { + var types = claimsToFilter.Select(x => x.Type); + _logger.LogInformation("Claim types from profile service that were filtered: {claimTypes}", types); + } + return claims.Except(claimsToFilter); } } } \ No newline at end of file