OIDC improvements

2022-03-21 09:12:18 -04:00
parent 1a86b80c61
commit 4b19059df1
7 changed files with 29 additions and 255 deletions
--- a/Oqtane.Server/Security/PrincipalValidator.cs
+++ b/Oqtane.Server/Security/PrincipalValidator.cs
@ -24,7 +24,7 @@ namespace Oqtane.Security
                    if (alias != null)
                    {
                        // verify principal was authenticated for current tenant
-                        if (context.Principal.Claims.FirstOrDefault(item => item.Type == ClaimTypes.GroupSid)?.Value != alias.AliasId.ToString())
+                        if (context.Principal.Claims.FirstOrDefault(item => item.Type == ClaimTypes.GroupSid)?.Value != alias.SiteKey)
                        {
                            // tenant agnostic requests must be ignored 
                            string path = context.Request.Path.ToString().ToLower();