diff --git a/src/OpenIddict.Abstractions/Primitives/OpenIddictExtensions.cs b/src/OpenIddict.Abstractions/Primitives/OpenIddictExtensions.cs
index 40136ed0..65a239de 100644
--- a/src/OpenIddict.Abstractions/Primitives/OpenIddictExtensions.cs
+++ b/src/OpenIddict.Abstractions/Primitives/OpenIddictExtensions.cs
@@ -1300,14 +1300,6 @@ namespace OpenIddict.Abstractions
public static string? GetTokenType(this ClaimsPrincipal principal)
=> principal.GetClaim(Claims.Private.TokenType);
- ///
- /// Determines whether the claims principal contains at least one audience.
- ///
- /// The claims principal.
- /// true if the principal contains at least one audience.
- public static bool HasAudience(this ClaimsPrincipal principal)
- => principal.HasClaim(Claims.Private.Audience);
-
///
/// Determines whether the claims principal contains the given audience.
///
@@ -1329,14 +1321,6 @@ namespace OpenIddict.Abstractions
return principal.HasClaim(Claims.Private.Audience, audience);
}
- ///
- /// Determines whether the claims principal contains at least one presenter.
- ///
- /// The claims principal.
- /// true if the principal contains at least one presenter.
- public static bool HasPresenter(this ClaimsPrincipal principal)
- => principal.HasClaim(Claims.Private.Presenter);
-
///
/// Determines whether the claims principal contains the given presenter.
///
@@ -1358,14 +1342,6 @@ namespace OpenIddict.Abstractions
return principal.HasClaim(Claims.Private.Presenter, presenter);
}
- ///
- /// Determines whether the claims principal contains at least one resource.
- ///
- /// The claims principal.
- /// true if the principal contains at least one resource.
- public static bool HasResource(this ClaimsPrincipal principal)
- => principal.HasClaim(Claims.Private.Resource);
-
///
/// Determines whether the claims principal contains the given resource.
///
@@ -1387,14 +1363,6 @@ namespace OpenIddict.Abstractions
return principal.HasClaim(Claims.Private.Resource, resource);
}
- ///
- /// Determines whether the claims principal contains at least one scope.
- ///
- /// The claims principal.
- /// true if the principal contains at least one scope.
- public static bool HasScope(this ClaimsPrincipal principal)
- => principal.HasClaim(Claims.Private.Scope);
-
///
/// Determines whether the claims principal contains the given scope.
///
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Introspection.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Introspection.cs
index ea19f4e5..6d537a97 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Introspection.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Introspection.cs
@@ -796,8 +796,8 @@ namespace OpenIddict.Server
// If the access token doesn't contain any explicit presenter/audience, the token is assumed
// to be not specific to any resource server/client application and the check is bypassed.
if (context.Principal.HasTokenType(TokenTypeHints.AccessToken) &&
- context.Principal.HasAudience() && !context.Principal.HasAudience(context.ClientId) &&
- context.Principal.HasPresenter() && !context.Principal.HasPresenter(context.ClientId))
+ context.Principal.HasClaim(Claims.Private.Audience) && !context.Principal.HasAudience(context.ClientId) &&
+ context.Principal.HasClaim(Claims.Private.Presenter) && !context.Principal.HasPresenter(context.ClientId))
{
context.Logger.LogError(SR.GetResourceString(SR.ID6106));
@@ -813,7 +813,7 @@ namespace OpenIddict.Server
// If the refresh token doesn't contain any explicit presenter, the token is
// assumed to be not specific to any client application and the check is bypassed.
if (context.Principal.HasTokenType(TokenTypeHints.RefreshToken) &&
- context.Principal.HasPresenter() && !context.Principal.HasPresenter(context.ClientId))
+ context.Principal.HasClaim(Claims.Private.Presenter) && !context.Principal.HasPresenter(context.ClientId))
{
context.Logger.LogError(SR.GetResourceString(SR.ID6108));
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Revocation.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Revocation.cs
index 0b8614fa..4f7ee927 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Revocation.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Revocation.cs
@@ -739,8 +739,8 @@ namespace OpenIddict.Server
// If the access token doesn't contain any explicit presenter/audience, the token is assumed
// to be not specific to any resource server/client application and the check is bypassed.
if (context.Principal.HasTokenType(TokenTypeHints.AccessToken) &&
- context.Principal.HasAudience() && !context.Principal.HasAudience(context.ClientId) &&
- context.Principal.HasPresenter() && !context.Principal.HasPresenter(context.ClientId))
+ context.Principal.HasClaim(Claims.Private.Audience) && !context.Principal.HasAudience(context.ClientId) &&
+ context.Principal.HasClaim(Claims.Private.Presenter) && !context.Principal.HasPresenter(context.ClientId))
{
context.Logger.LogError(SR.GetResourceString(SR.ID6119));
@@ -756,7 +756,7 @@ namespace OpenIddict.Server
// If the refresh token doesn't contain any explicit presenter, the token is
// assumed to be not specific to any client application and the check is bypassed.
if (context.Principal.HasTokenType(TokenTypeHints.RefreshToken) &&
- context.Principal.HasPresenter() && !context.Principal.HasPresenter(context.ClientId))
+ context.Principal.HasClaim(Claims.Private.Presenter) && !context.Principal.HasPresenter(context.ClientId))
{
context.Logger.LogError(SR.GetResourceString(SR.ID6121));
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.cs
index 36eaed3e..0df503fb 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.cs
@@ -624,7 +624,7 @@ namespace OpenIddict.Server
// In OpenIddict 3.0, the audiences allowed to receive a token are stored in "oi_aud".
// If no such claim exists, try to infer them from the standard "aud" JWT claims.
- if (!context.Principal.HasAudience())
+ if (!context.Principal.HasClaim(Claims.Private.Audience))
{
var audiences = context.Principal.GetClaims(Claims.Audience);
if (audiences.Any())
@@ -641,7 +641,7 @@ namespace OpenIddict.Server
// specified. To ensure presenters stored in JWT tokens created by OpenIddict 1.x/2.x
// can still be read with OpenIddict 3.0, the presenter is automatically inferred from
// the "azp" or "client_id" claim if no "oi_prst" claim was found in the principal.
- if (!context.Principal.HasPresenter())
+ if (!context.Principal.HasClaim(Claims.Private.Presenter))
{
var presenter = context.Principal.GetClaim(Claims.AuthorizedParty) ??
context.Principal.GetClaim(Claims.ClientId);
@@ -655,7 +655,7 @@ namespace OpenIddict.Server
// In OpenIddict 3.0, the scopes granted to an application are stored in "oi_scp".
// If no such claim exists, try to infer them from the standard "scope" JWT claim,
// which is guaranteed to be a unique space-separated claim containing all the values.
- if (!context.Principal.HasScope())
+ if (!context.Principal.HasClaim(Claims.Private.Scope))
{
var scope = context.Principal.GetClaim(Claims.Scope);
if (!string.IsNullOrEmpty(scope))
@@ -1510,7 +1510,7 @@ namespace OpenIddict.Server
// Always include the "openid" scope when the developer doesn't explicitly call SetScopes.
// Note: the application is allowed to specify a different "scopes": in this case,
// don't replace the "scopes" property stored in the authentication ticket.
- if (!context.Principal.HasScope() && context.Request.HasScope(Scopes.OpenId))
+ if (!context.Principal.HasClaim(Claims.Private.Scope) && context.Request.HasScope(Scopes.OpenId))
{
context.Principal.SetScopes(Scopes.OpenId);
}
@@ -1546,7 +1546,7 @@ namespace OpenIddict.Server
// Add the validated client_id to the list of authorized presenters,
// unless the presenters were explicitly set by the developer.
- if (!context.Principal.HasPresenter() && !string.IsNullOrEmpty(context.ClientId))
+ if (!context.Principal.HasClaim(Claims.Private.Presenter) && !string.IsNullOrEmpty(context.ClientId))
{
context.Principal.SetPresenters(context.ClientId);
}
@@ -1581,7 +1581,8 @@ namespace OpenIddict.Server
Debug.Assert(context.Principal is { Identity: ClaimsIdentity }, SR.GetResourceString(SR.ID4006));
// When a "resources" property cannot be found in the ticket, infer it from the "audiences" property.
- if (context.Principal.HasAudience() && !context.Principal.HasResource())
+ if (context.Principal.HasClaim(Claims.Private.Audience) &&
+ !context.Principal.HasClaim(Claims.Private.Resource))
{
context.Principal.SetResources(context.Principal.GetAudiences());
}
diff --git a/src/OpenIddict.Validation/OpenIddictValidationHandlers.cs b/src/OpenIddict.Validation/OpenIddictValidationHandlers.cs
index 8cbcc902..dbb1f248 100644
--- a/src/OpenIddict.Validation/OpenIddictValidationHandlers.cs
+++ b/src/OpenIddict.Validation/OpenIddictValidationHandlers.cs
@@ -460,7 +460,7 @@ namespace OpenIddict.Validation
// In OpenIddict 3.0, the audiences allowed to receive a token are stored in "oi_aud".
// If no such claim exists, try to infer them from the standard "aud" JWT claims.
- if (!context.Principal.HasAudience())
+ if (!context.Principal.HasClaim(Claims.Private.Audience))
{
var audiences = context.Principal.GetClaims(Claims.Audience);
if (audiences.Any())
@@ -477,7 +477,7 @@ namespace OpenIddict.Validation
// specified. To ensure presenters stored in JWT tokens created by OpenIddict 1.x/2.x
// can still be read with OpenIddict 3.0, the presenter is automatically inferred from
// the "azp" or "client_id" claim if no "oi_prst" claim was found in the principal.
- if (!context.Principal.HasPresenter())
+ if (!context.Principal.HasClaim(Claims.Private.Presenter))
{
var presenter = context.Principal.GetClaim(Claims.AuthorizedParty) ??
context.Principal.GetClaim(Claims.ClientId);
@@ -491,7 +491,7 @@ namespace OpenIddict.Validation
// In OpenIddict 3.0, the scopes granted to an application are stored in "oi_scp".
// If no such claim exists, try to infer them from the standard "scope" JWT claim,
// which is guaranteed to be a unique space-separated claim containing all the values.
- if (!context.Principal.HasScope())
+ if (!context.Principal.HasClaim(Claims.Private.Scope))
{
var scope = context.Principal.GetClaim(Claims.Scope);
if (!string.IsNullOrEmpty(scope))
diff --git a/test/OpenIddict.Abstractions.Tests/Primitives/OpenIddictExtensionsTests.cs b/test/OpenIddict.Abstractions.Tests/Primitives/OpenIddictExtensionsTests.cs
index 62a911ee..79a607c5 100644
--- a/test/OpenIddict.Abstractions.Tests/Primitives/OpenIddictExtensionsTests.cs
+++ b/test/OpenIddict.Abstractions.Tests/Primitives/OpenIddictExtensionsTests.cs
@@ -1982,21 +1982,6 @@ namespace OpenIddict.Abstractions.Tests.Primitives
Assert.StartsWith(SR.GetResourceString(SR.ID0186), exception.Message);
}
- [Theory]
- [InlineData(new string[0], false)]
- [InlineData(new[] { "fabrikam" }, true)]
- public void HasAudience_ReturnsExpectedResult(string[] audience, bool result)
- {
- // Arrange
- var identity = new ClaimsIdentity();
- var principal = new ClaimsPrincipal(identity);
-
- principal.SetClaims(Claims.Private.Audience, audience.ToImmutableArray());
-
- // Act and assert
- Assert.Equal(result, principal.HasAudience());
- }
-
[Theory]
[InlineData(new string[0], false)]
[InlineData(new[] { "contoso" }, false)]
@@ -2007,7 +1992,7 @@ namespace OpenIddict.Abstractions.Tests.Primitives
[InlineData(new[] { "CONTOSO", "FABRIKAM" }, false)]
[InlineData(new[] { "FABRIKAM" }, false)]
[InlineData(new[] { "FABRIKAM", "CONTOSO" }, false)]
- public void HasAudience_ReturnsAppropriateResult(string[] audience, bool result)
+ public void HasAudience_ReturnsExpectedResult(string[] audience, bool result)
{
// Arrange
var identity = new ClaimsIdentity();
@@ -2046,21 +2031,6 @@ namespace OpenIddict.Abstractions.Tests.Primitives
Assert.StartsWith(SR.GetResourceString(SR.ID0187), exception.Message);
}
- [Theory]
- [InlineData(new string[0], false)]
- [InlineData(new[] { "fabrikam" }, true)]
- public void HasPresenter_ReturnsExpectedResult(string[] presenter, bool result)
- {
- // Arrange
- var identity = new ClaimsIdentity();
- var principal = new ClaimsPrincipal(identity);
-
- principal.SetClaims(Claims.Private.Presenter, presenter.ToImmutableArray());
-
- // Act and assert
- Assert.Equal(result, principal.HasPresenter());
- }
-
[Theory]
[InlineData(new string[0], false)]
[InlineData(new[] { "contoso" }, false)]
@@ -2071,7 +2041,7 @@ namespace OpenIddict.Abstractions.Tests.Primitives
[InlineData(new[] { "CONTOSO", "FABRIKAM" }, false)]
[InlineData(new[] { "FABRIKAM" }, false)]
[InlineData(new[] { "FABRIKAM", "CONTOSO" }, false)]
- public void HasPresenter_ReturnsAppropriateResult(string[] presenter, bool result)
+ public void HasPresenter_ReturnsExpectedResult(string[] presenter, bool result)
{
// Arrange
var identity = new ClaimsIdentity();
@@ -2110,21 +2080,6 @@ namespace OpenIddict.Abstractions.Tests.Primitives
Assert.StartsWith(SR.GetResourceString(SR.ID0062), exception.Message);
}
- [Theory]
- [InlineData(new string[0], false)]
- [InlineData(new[] { "fabrikam" }, true)]
- public void HasResource_ReturnsExpectedResult(string[] resource, bool result)
- {
- // Arrange
- var identity = new ClaimsIdentity();
- var principal = new ClaimsPrincipal(identity);
-
- principal.SetClaims(Claims.Private.Resource, resource.ToImmutableArray());
-
- // Act and assert
- Assert.Equal(result, principal.HasResource());
- }
-
[Theory]
[InlineData(new string[0], false)]
[InlineData(new[] { "contoso" }, false)]
@@ -2135,7 +2090,7 @@ namespace OpenIddict.Abstractions.Tests.Primitives
[InlineData(new[] { "CONTOSO", "FABRIKAM" }, false)]
[InlineData(new[] { "FABRIKAM" }, false)]
[InlineData(new[] { "FABRIKAM", "CONTOSO" }, false)]
- public void HasResource_ReturnsAppropriateResult(string[] resource, bool result)
+ public void HasResource_ReturnsExpectedResult(string[] resource, bool result)
{
// Arrange
var identity = new ClaimsIdentity();
@@ -2148,7 +2103,7 @@ namespace OpenIddict.Abstractions.Tests.Primitives
}
[Fact]
- public void HasScope_ThrowsAnExceptionForNullPrincipal()
+ public void ClaimsPrincipal_HasScope_ThrowsAnExceptionForNullPrincipal()
{
// Arrange
var principal = (ClaimsPrincipal) null!;
@@ -2174,21 +2129,6 @@ namespace OpenIddict.Abstractions.Tests.Primitives
Assert.StartsWith(SR.GetResourceString(SR.ID0180), exception.Message);
}
- [Theory]
- [InlineData(new string[0], false)]
- [InlineData(new[] { "openid" }, true)]
- public void ClaimsPrincipal_HasScope_ReturnsExpectedResult(string[] scope, bool result)
- {
- // Arrange
- var identity = new ClaimsIdentity();
- var principal = new ClaimsPrincipal(identity);
-
- principal.SetClaims(Claims.Private.Scope, scope.ToImmutableArray());
-
- // Act and assert
- Assert.Equal(result, principal.HasScope());
- }
-
[Theory]
[InlineData(new string[0], false)]
[InlineData(new[] { "profile" }, false)]
@@ -2199,7 +2139,7 @@ namespace OpenIddict.Abstractions.Tests.Primitives
[InlineData(new[] { "PROFILE", "OPENID" }, false)]
[InlineData(new[] { "OPENID" }, false)]
[InlineData(new[] { "OPENID", "PROFILE" }, false)]
- public void HasScope_ReturnsAppropriateResult(string[] scope, bool result)
+ public void ClaimsPrincipal_HasScope_ReturnsExpectedResult(string[] scope, bool result)
{
// Arrange
var identity = new ClaimsIdentity();