Return the user's role when we authenticate with ASP.NET WebApi

Question

We are following this excellent tutorial using an ASP.NET Web Application and Individual User Accounts.

To Authenticate and Get a Bearer Token we POST the following:

Request URL:http://localhost:3067/token
grant_type=password&username=alice&password=password123

As expected the token provider returns this:

{
   "access_token":"rkg5dP_Lyg ... TIHLD2xIRJ",
   "token_type":"bearer",
   "expires_in":1209599,
   "userName":"Alice",
   ".issued":"Mon, 03 Feb 2014 19:06:32 GMT",
   ".expires":"Mon, 17 Feb 2014 19:06:32 GMT"
}

This is good. Now, how do we add a role property to the JSON response?

   "userRole":"admin"

Answer 1

If you are using the default project template in Visual Studio, then all you need to do is add userRole to your AuthenticationProperties array that is passed when you call Authentication.SignIn.

So if you are still using the ApplicationOAuthProvider class, add userRole to the properties dictionary in the CreateProperties method like so:

public static AuthenticationProperties CreateProperties(string userName, string userRole)
{
    IDictionary<string, string> data = new Dictionary<string, string>
    {
        { "userName", userName },
        { "userRole", userRole }
    };
    return new AuthenticationProperties(data);
}

Then whenever you call Authentication.SignIn you pass it the new list of properties and userRole should also show up. For Token authentication you will need to add this in the GrantResourceOwnerCrentials method in the ApplicationOAuthProvider class, and for regular cookie authenticatin it will need to be modified in the AccountController in the GetExternalLogin method.