From 90cf6592af6bb1822a3c76104ccc92bf00ae7cd2 Mon Sep 17 00:00:00 2001 From: Damian Hickey Date: Thu, 26 Feb 2026 11:41:49 +0100 Subject: [PATCH] Thread CT through SecurityStampValidatorCallback.UpdatePrincipal via IHttpContextAccessor --- .../ConfigureSecurityStampValidatorOptions.cs | 6 ++++-- .../src/AspNetIdentity/SecurityStampValidatorCallback.cs | 5 +++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/identity-server/src/AspNetIdentity/ConfigureSecurityStampValidatorOptions.cs b/identity-server/src/AspNetIdentity/ConfigureSecurityStampValidatorOptions.cs index a400ca7f6..1051855f4 100644 --- a/identity-server/src/AspNetIdentity/ConfigureSecurityStampValidatorOptions.cs +++ b/identity-server/src/AspNetIdentity/ConfigureSecurityStampValidatorOptions.cs @@ -1,12 +1,14 @@ // Copyright (c) Duende Software. All rights reserved. // See LICENSE in the project root for license information. +using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Identity; using Microsoft.Extensions.Options; namespace Duende.IdentityServer.AspNetIdentity; -public class ConfigureSecurityStampValidatorOptions(ISessionClaimsFilter sessionClaimsFilter) : IConfigureOptions +public class ConfigureSecurityStampValidatorOptions(ISessionClaimsFilter sessionClaimsFilter, IHttpContextAccessor httpContextAccessor) : IConfigureOptions { - public void Configure(SecurityStampValidatorOptions options) => options.OnRefreshingPrincipal = async context => await SecurityStampValidatorCallback.UpdatePrincipal(context, sessionClaimsFilter); + public void Configure(SecurityStampValidatorOptions options) => options.OnRefreshingPrincipal = async context => + await SecurityStampValidatorCallback.UpdatePrincipal(context, sessionClaimsFilter, httpContextAccessor.HttpContext?.RequestAborted ?? default); } diff --git a/identity-server/src/AspNetIdentity/SecurityStampValidatorCallback.cs b/identity-server/src/AspNetIdentity/SecurityStampValidatorCallback.cs index 54c5b8d81..be581ce78 100644 --- a/identity-server/src/AspNetIdentity/SecurityStampValidatorCallback.cs +++ b/identity-server/src/AspNetIdentity/SecurityStampValidatorCallback.cs @@ -18,15 +18,16 @@ public static class SecurityStampValidatorCallback /// Instance of session claims filter used to filter the claims from the ClaimsPrincipal to /// those that are session claims which are not persisted by ASP.NET Identity and would otherwise bee lost when the principal /// is updated. + /// The cancellation token. /// - public static async Task UpdatePrincipal(SecurityStampRefreshingPrincipalContext context, ISessionClaimsFilter sessionClaimsFilter) + public static async Task UpdatePrincipal(SecurityStampRefreshingPrincipalContext context, ISessionClaimsFilter sessionClaimsFilter, Ct ct) { if (context.NewPrincipal == null || !context.NewPrincipal.Identities.Any()) { return; } - var currentClaimsToKeep = await sessionClaimsFilter.FilterToSessionClaimsAsync(context, default); + var currentClaimsToKeep = await sessionClaimsFilter.FilterToSessionClaimsAsync(context, ct); var id = context.NewPrincipal.Identities.First(); id.AddClaims(currentClaimsToKeep);