1
我遵循Using OAuth to Secure Your ASP.NET API课程Pluralsight。我已经建立了IdentityServer与多家InMemoryUsers的,其中一个看起来像这样...使用IdentityServer3获取声明
public static List<InMemoryUser> Get()
{
return new List<InMemoryUser>
{
new InMemoryUser
{
Username = "[email protected]",
Password = "password",
Subject = "[email protected]",
Claims = new[]
{
new Claim(Constants.ClaimTypes.Id, "96cddc1de66641829237b7f09869b1c8"),
new Claim(Constants.ClaimTypes.Name, "Some Full name example
}
},
};
}
如果我授权用户,并使用附带的访问令牌来调用API,权利要求书的收集,为用户,看起来像这样...
((User as System.Security.Claims.ClaimsPrincipal).Identities.First() as System.Security.Claims.ClaimsIdentity).Claims.ToList()
Count = 10
[0]: {iss: https://localhost:44375}
[1]: {aud: https://localhost:44375/resources}
[2]: {exp: 1468920204}
[3]: {nbf: 1468916604}
[4]: {client_id: my_clientid}
[5]: {scope: openid}
[6]: {http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier: [email protected]}
[7]: {http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant: 1468916604}
[8]: {http://schemas.microsoft.com/identity/claims/identityprovider: idsrv}
[9]: {http://schemas.microsoft.com/claims/authnmethodsreferences: password}
如果我放弃,我使用到调试器在jwt.io我得到这个快捷键...
{
"iss": "https://localhost:44375",
"aud": "https://localhost:44375/resources",
"exp": 1468921471,
"nbf": 1468917871,
"client_id": "my_clientid,
"scope": "openid",
"sub": "[email protected]",
"auth_time": 1468917871,
"idp": "idsrv",
"amr": [
"password"
]
}
我不清楚是什么这是我做或不做,即停止从返回中定义的声明。
任何想法?
我添加了该配置方法的最顶端IdentityServer项目中的启动类,但无济于事。逐句通过我的代码我注意到,我期望的声明都在集合中,当我处理用户服务中的AuthenticateLocalAsync方法时(自发布原始问题以来,我已经从InMemoryUsers中移除) –
将它添加到在我的** API **项目中启动类的配置方法的顶部,它的工作! –