diff --git a/src/Workleap.AspNetCore.Authentication.ClientCredentialsGrant/RequireClientCredentialsRequirementHandler.cs b/src/Workleap.AspNetCore.Authentication.ClientCredentialsGrant/RequireClientCredentialsRequirementHandler.cs
index ad6deaa..424e55f 100644
--- a/src/Workleap.AspNetCore.Authentication.ClientCredentialsGrant/RequireClientCredentialsRequirementHandler.cs
+++ b/src/Workleap.AspNetCore.Authentication.ClientCredentialsGrant/RequireClientCredentialsRequirementHandler.cs
@@ -47,7 +47,7 @@ protected override Task HandleRequirementAsync(AuthorizationHandlerContext conte
 return Task.CompletedTask;
 }
- private bool TryGetRequiredScopes(AuthorizationHandlerContext context, [NotNullWhen(true)] out string[]? requiredScopes)
+ private bool TryGetRequiredScopes(AuthorizationHandlerContext context, [NotNullWhen(true)] out HashSet? requiredScopes)
 {
 requiredScopes = null;
@@ -65,7 +65,7 @@ private bool TryGetRequiredScopes(AuthorizationHandlerContext context, [NotNullW
 return false;
 }
- requiredScopes = requiredPermissions.SelectMany(this.FormatScopes).ToArray();
+ requiredScopes = requiredPermissions.SelectMany(this.FormatScopes).ToHashSet(StringComparer.Ordinal);
 return true;
 }
@@ -74,10 +74,10 @@ private string[] FormatScopes(string requiredPermission)
 return [requiredPermission, $"{this._jwtOptions.Audience}:{requiredPermission}"];
 }
- private static bool HasOneOfScope(ClaimsPrincipal claimsPrincipal, string[] requiredScopes)
+ private static bool HasOneOfScope(ClaimsPrincipal claimsPrincipal, HashSet requiredScopes)
 {
 return claimsPrincipal.Claims
 .Where(claim => ScopeClaimTypes.Contains(claim.Type))
- .Any(claim => requiredScopes.Contains(claim.Value, StringComparer.Ordinal));
+ .Any(claim => requiredScopes.Contains(claim.Value));
 }
 }
\ No newline at end of file
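Review bot: In `HasOneOfScope` (last hunk) the case-sensitivity of scope matching is no longer visible at the comparison, because `requiredScopes.Contains(claim.Value)` uses whatever comparer the set was built with, and that is fixed elsewhere, by `ToHashSet(StringComparer.Ordinal)` in `TryGetRequiredScopes` (second hunk). If the set is ever built with a case-insensitive comparer, this authorization check would start accepting scopes that differ only in case, with no change at the comparison site. I would add a comment above `HasOneOfScope`, `// requiredScopes must be built with StringComparer.Ordinal: scope matching is case-sensitive.`, and a unit test asserting that a scope claim differing only in case from a required scope is rejected. The class and `HandleRequirementAsync` start outside these hunks, so existing tests may already pin this.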