1. 首页
  2. 问答
  3. 从api2.1获取来自不记名令牌的自定义声明价值

从api2.1获取来自不记名令牌的自定义声明价值

2014-02-11 32 views
2

感谢@leastprivilege我已经更加接近我尝试实现的目标。从api2.1获取来自不记名令牌的自定义声明价值

我增加了一些自定义值的要求(无我自己的原创作品!)的

更新后的文件Auth.Startup

public partial class Startup 
{ 
    static Startup() 
    { 
     PublicClientId = "self"; 

     UserManagerFactory =() => new UserManager<IdentityUser>(new UserStore<IdentityUser>()); 

     OAuthOptions = new OAuthAuthorizationServerOptions 
     { 
      TokenEndpointPath = new PathString("/Token"), 
      Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory), 
      AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"), 
      AccessTokenExpireTimeSpan = TimeSpan.FromDays(14), 
      AllowInsecureHttp = true 
     }; 
    } 

    public static OAuthAuthorizationServerOptions OAuthOptions { get; private set; } 

    public static Func<UserManager<IdentityUser>> UserManagerFactory { get; set; } 

    public static string PublicClientId { get; private set; } 

    // For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864 
    public void ConfigureAuth(IAppBuilder app) 
    { 
     // Enable the application to use a cookie to store information for the signed in user 
     // and to use a cookie to temporarily store information about a user logging in with a third party login provider 
     app.UseCookieAuthentication(new CookieAuthenticationOptions()); 
     app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); 

     // transform claims to application identity 
     app.UseClaimsTransformation(TransformClaims); 


     // Enable the application to use bearer tokens to authenticate users 
     app.UseOAuthBearerTokens(OAuthOptions); 



     // Uncomment the following lines to enable logging in with third party login providers 
     //app.UseMicrosoftAccountAuthentication(
     // clientId: "", 
     // clientSecret: ""); 

     //app.UseTwitterAuthentication(
     // consumerKey: "", 
     // consumerSecret: ""); 

     //app.UseFacebookAuthentication(
     // appId: "", 
     // appSecret: ""); 

     //app.UseGoogleAuthentication(); 
    } 

    private Task<ClaimsPrincipal> TransformClaims(ClaimsPrincipal incoming) 
    { 
     if (!incoming.Identity.IsAuthenticated) 
     { 
      return Task.FromResult<ClaimsPrincipal>(incoming); 
     } 

     // parse incoming claims - create new principal with app claims 
     var claims = new List<Claim> 
     { 
      new Claim(ClaimTypes.Role, "foo"), 
      new Claim(ClaimTypes.Role, "bar") 
     }; 

     var nameId = incoming.FindFirst(ClaimTypes.NameIdentifier); 
     if (nameId != null) 
     { 
      claims.Add(nameId); 
     } 

     var thumbprint = incoming.FindFirst(ClaimTypes.Thumbprint); 
     if (thumbprint != null) 
     { 
      claims.Add(thumbprint); 
     } 

     var id = new ClaimsIdentity("Application"); 
     id.AddClaims(claims); 

     return Task.FromResult<ClaimsPrincipal>(new ClaimsPrincipal(id)); 
    } 

}

我尝试访问通过声明类型角色

var cp = ClaimsPrincipal.Current.Identities;

但是,挖掘我似乎无法找到任何引用ClaimTypes.Role。

我是否试图以错误的方式访问角色?

来源

2014-02-11 Diver Dan

回答

0

订单事宜在OWIN中 - 将索赔转换令牌中间件。

来源

2014-02-11 12:13:14 leastprivilege

+0

我在//app.UseGoogleAuthentication()后移动了它;但是我仍然没有看到任何东西。我是否把这个放在不正确的地方? –

+0

也许它会,如果你只发布的启动部分,你实际上使用... – leastprivilege

+0

对不起,但我没有得到它。我认为我需要app.UseOAuthBearerTokens(OAuthOptions);或者我应该删除这个使用app.UseClaimsTransformation(TransformClaims); ? –

相关问题

 相关问题