Merge pull request #1769 from DuendeSoftware/jmdc/json-serialization

Handle case-insensitive JSON claim value types.

identity-server/src/IdentityServer/Extensions/ClaimsExtensions.cs

@@ -84,11 +84,12 @@ private static object GetValue(Claim claim)
             }
         }
 
-        if (claim.ValueType == IdentityServerConstants.ClaimValueTypes.Json)
+        // Ignore case here so that we also match System.IdentityModel.Tokens.Jwt.JsonClaimValueTypes.Json ("JSON")
+        if (claim.ValueType.Equals(IdentityServerConstants.ClaimValueTypes.Json, StringComparison.OrdinalIgnoreCase))
         {
             try
             {
-                return System.Text.Json.JsonSerializer.Deserialize<JsonElement>(claim.Value);
+                return JsonSerializer.Deserialize<JsonElement>(claim.Value);
             }
             catch { }
         }

identity-server/src/IdentityServer/Extensions/TokenExtensions.cs

@@ -153,7 +153,8 @@ private static object AddObject(Claim claim)
             return double.Parse(claim.Value);
         }
 
-        if (claim.ValueType == IdentityServerConstants.ClaimValueTypes.Json)
+        // Ignore case here so that we also match System.IdentityModel.Tokens.Jwt.JsonClaimValueTypes.Json ("JSON")
+        if (claim.ValueType.Equals(IdentityServerConstants.ClaimValueTypes.Json, StringComparison.OrdinalIgnoreCase))
         {
             return JsonSerializer.Deserialize<JsonElement>(claim.Value);
         }

identity-server/test/IdentityServer.UnitTests/Extensions/ApiResourceSigningAlgorithmSelectionTests.cs

@@ -2,12 +2,8 @@
 // See LICENSE in the project root for license information.
 
 
-using System;
-using System.Collections.Generic;
-using System.Linq;
 using Duende.IdentityServer.Models;
 using FluentAssertions;
-using Xunit;
 
 namespace UnitTests.Extensions;
 

identity-server/test/IdentityServer.UnitTests/Extensions/ClaimsExtensionsTests.cs

@@ -0,0 +1,29 @@
+using System.Security.Claims;
+using System.Text.Json;
+using Duende.IdentityServer;
+using Duende.IdentityServer.Extensions;
+using FluentAssertions;
+
+namespace UnitTests.Extensions;
+
+public class ClaimsExtensionsTests
+{
+
+    [Theory]
+    [InlineData(System.IdentityModel.Tokens.Jwt.JsonClaimValueTypes.Json)]
+    [InlineData(IdentityServerConstants.ClaimValueTypes.Json)]
+    public void TestName(string claimType)
+    {
+        var payload =
+        """
+        {
+            "test": "value"
+        }
+        """;
+        Claim[] claims = [new Claim("claim", payload, claimType)];
+
+        var result = claims.ToClaimsDictionary();
+
+        result["claim"].Should().BeOfType<JsonElement>();
+    }
+}

identity-server/test/IdentityServer.UnitTests/Extensions/TokenExtensionsTests.cs

@@ -30,6 +30,10 @@ public class TokenExtensionsTests
         "\"test_json_array\":[\"value1\",\"value2\",\"value3\"]")]
     [InlineData("test_json_obj", " { \"value1\": \"value2\" , \"value3\": [ \"value4\", \"value5\" ] } ", "json", 
         "\"test_json_obj\":{\"value1\":\"value2\",\"value3\":[\"value4\",\"value5\"]}")]
+    [InlineData("test_json_array", " [ \"value1\" , \"value2\" , \"value3\" ] ", "JSON", 
+        "\"test_json_array\":[\"value1\",\"value2\",\"value3\"]")]
+    [InlineData("test_json_obj", " { \"value1\": \"value2\" , \"value3\": [ \"value4\", \"value5\" ] } ", "JSON", 
+        "\"test_json_obj\":{\"value1\":\"value2\",\"value3\":[\"value4\",\"value5\"]}")]
     [InlineData("test_any", "raw\"string\tspecial char", "any", "\"test_any\":\"raw\\u0022string\\tspecial char\"")]
     public void TestClaimValueTypes(string type, string value, string valueType, string expected)
     {