Click here to Skip to main content
14,976,274 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
More of an architectural / early thoughts question rather than a code issue.

I have an application where the logged in user adds commands to a command queue. (CQRS)
These commands may be executed later when the user is no longer logged on so I need to pass along an authentication token with the command that the user was logged on when the command was issued.

Should I create a custom claim[^] for each command type the user has access to?

My command class has an unique identifier (GUID), a unique command type that can be used to be the claim name and a parameter to hold the authorisation token. What should I put in the token to later verify the command came from who it is claimed it came from?

Private m_identifier As Guid = Guid.NewGuid

Private m_userIdentifier As String

Private m_authorisationToken As String

Private m_parameters As Dictionary(Of String, CommandParameter)

''' <summary>
''' Unique identifier of this command instance
''' </summary>
''' <remarks>
''' This should not be assumed to be sequential
''' </remarks>
Public ReadOnly Property InstanceIdentifier As Guid Implements ICommandDefinition.InstanceIdentifier
        Return m_identifier
    End Get
End Property

''' <summary>
''' The human-readable name of the command.  This must be provided by the derived base class
''' </summary>
''' <remarks>
''' For a high-frequency or low data use scenario an enumerated type can be used but for most cases a readable text
''' name for the command is preferable.
''' </remarks>
Public MustOverride ReadOnly Property CommandName As String Implements ICommandDefinition.CommandName

Any thoughts or links?

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900