ClaimsPrincipal.Current.Identity.Name Empty when authenticated from client, fine in browser


I have the following Azure Function,

    #r "Newtonsoft.Json"

    using Newtonsoft.Json.Linq;
    using System.Net;
    using System.Security.Claims;

    public static async Task<HttpResponseMessage> Run(HttpRequestMessage req, TraceWriter log)
    {
        try
        {
            // Copy every claim of the first identity into a JSON object.
            JObject pJOtClaims = new JObject();
            foreach (Claim curClaim in ClaimsPrincipal.Current.Identities.First().Claims)
            {
                pJOtClaims.Add(curClaim.Type, new JValue(curClaim.Value));
            }
            return(req.CreateResponse(HttpStatusCode.OK, $"{pJOtClaims.ToString(Newtonsoft.Json.Formatting.None)}"));
        }
        catch(Exception ex)
        {
            // Returns the exception text to the caller (debugging aid).
            return(req.CreateResponse(HttpStatusCode.OK, $"{ex.Message}"));
        }
    }

I have configured only Facebook authentication for this Function App. This function works for both in-browser and client authentication. When I invoke this method in browser I get a whole bunch of claims, including my registered Facebook email address. When I invoke this from client authentication, I get the following claims,

    {
        "stable_sid":"...",
        "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier":"...",
        "http://schemas.microsoft.com/identity/claims/identityprovider":"...",
        "ver":"...",
        "iss":"...",
        "aud":"...",
        "exp":"...",
        "nbf":"..."
    }

Unfortunately none of these include my Facebook email address which I need. I have enabled the "email" scope for the Facebook authentication configuration. Any ideas how to get this?

Nick.

There are 1 best solutions below

On BEST ANSWER

Okay, so I haven't found the exact solution I wanted, but this should get me by. Technically I only need the email address during registration; after that I can just use the stable_sid, as it is part of the identity I do get. So what I have done is to pass on the x-zumo-auth header to the ".auth/me" method and get the property I need. I'm using this method:

    // Requires: using System.Net.Http; using Newtonsoft.Json.Linq;
    public static async Task<String> GetAuthProviderParam(String iAuthMeURL,
        String iXZumoAUth,
        String iParamKey)
    {
        using (HttpClient pHCtClient = new HttpClient())
        {
            // Forward the caller's session token so .auth/me answers for that user.
            pHCtClient.DefaultRequestHeaders.Add("x-zumo-auth", iXZumoAUth);
            String pStrResponse = await pHCtClient.GetStringAsync(iAuthMeURL);
            // The response is a JSON array; strip the outer brackets to parse its single entry.
            JObject pJOtResponse = JObject.Parse(pStrResponse.Trim(new Char[] { '[', ']' }));
            if(pJOtResponse[iParamKey] != null)
            {
                return (pJOtResponse[iParamKey].Value<String>());
            }
            else
            {
                throw new KeyNotFoundException(String.Format("A parameter with the key '{0}' was not found.", iParamKey));
            }
        }
    }

This can be called in the function like so,

    if(req.Headers.Contains("x-zumo-auth"))
    {
        String pStrXZumoAuth = req.Headers.GetValues("x-zumo-auth").First();
        String pStrParam = await FunctionsHelpers.GetAuthProviderParam("https://appname.azurewebsites.net/.auth/me",
            pStrXZumoAuth,
            "user_id");
        //pStrParam = user_id
    }
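
A variant of the approach in the answer, added here as an example and not code from the original post: it parses the `.auth/me` body as an array and reads the email from the claim list, and it attaches the token per request so a shared `HttpClient` never retains one user's session token. The response shape (`provider_name`, `user_claims` with `typ`/`val` pairs), the email claim type, and the names `AuthMeExample`, `ExtractEmail` and `GetEmailAsync` are assumptions; the sample body is constructed.

```csharp
using System;
using System.Linq;
using System.Net.Http;
using System.Threading.Tasks;
using Newtonsoft.Json.Linq;

public static class AuthMeExample // hypothetical helper class
{
    // Assumed claim type under which the provider's email appears in user_claims.
    const string EmailClaim = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress";

    // Constructed sample of a .auth/me body (assumed shape, placeholder values).
    public const string SampleBody = @"[{
      ""provider_name"": ""facebook"",
      ""user_claims"": [
        { ""typ"": ""http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"", ""val"": ""1234567890"" },
        { ""typ"": ""http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"", ""val"": ""user@example.com"" }
      ]
    }]";

    // Returns the email claim of the given provider's entry, or null when it is absent.
    public static string ExtractEmail(string body, string provider)
    {
        JToken entry = JArray.Parse(body)
            .FirstOrDefault(e => (string)e["provider_name"] == provider);
        JArray claims = entry?["user_claims"] as JArray;
        JToken claim = claims?.FirstOrDefault(c => (string)c["typ"] == EmailClaim);
        return claim == null ? null : (string)claim["val"];
    }

    // authMe should come from fixed configuration, never from request data, so the
    // session token is only ever sent to the app's own .auth/me endpoint.
    public static async Task<string> GetEmailAsync(HttpClient client, Uri authMe, string zumoToken)
    {
        using (var request = new HttpRequestMessage(HttpMethod.Get, authMe))
        {
            request.Headers.Add("x-zumo-auth", zumoToken); // per-request, not DefaultRequestHeaders
            using (HttpResponseMessage response = await client.SendAsync(request))
            {
                if (!response.IsSuccessStatusCode) return null; // token rejected or expired
                return ExtractEmail(await response.Content.ReadAsStringAsync(), "facebook");
            }
        }
    }

    public static void Main() => Console.WriteLine(ExtractEmail(SampleBody, "facebook"));
}
```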