Fix Flaky Tests: NameAndRoleClaimDelegates and RoleClaims

[kellyyangsong]

See explanation here.

Fixes #2841

[jennyf19]

Thanks for picking this up!

[kellyyangsong]

This is logically what I believe should happen - but is there a reason why we didn't have this before?

[pmaytak]

Quick thought: _mapInboundClaims flag should be checked if it's true before map is used. If it's false, the map should never be used. So this should not be needed.

[pmaytak]

Do we have the same behavior in JsonWebTokenHandler?

[pmaytak]

The test tests that the constructor of JwtSecurityTokenHandler sets up the map or not depending if the static flag DefaultMapInboundClaims was set or not; then it also checks if setting MapInboundClaims property initializes the map list.

Both MapInboundClaims and InboundClaimTypeMap are public. In our code we check the flag first before using the map. There are a couple of usage scenarios.

1. MapInboundClaims is false and InboundClaimTypeMap is empty. Set flag to true. This will initialize the map to the default map values, which makes sense since we don't know if the map will be explicitly initialized, so we set it to default. The map can still be overwritten to non-default values.
2. InboundClaimTypeMap is set to custom values. MapInboundClaims is set to true. This will not reset the map to default values because it already as values.
3. InboundClaimTypeMap is set to custom values. MapInboundClaims is set to true, then set to false. With the previous code, the map will not be cleared and when the flag is set to true, custom values will remain. With updated code, the custom values will be cleared, and when the flag is set to true, map will be set to default values. This is the possible breaking change. Probably unlikely but still.

So I would only update the test to reset DefaultMapInboundClaims to true (default) and move it and add a collection attribute to it.

[pmaytak]

This may be a breaking change.