0
如何在不包含“个人资料”身份资源的情况下将身份服务器核心配置为在混合流中传递用户电子邮件?身份识别服务器4不使用简介
我希望我的服务器知道最少的用户信息,所以我只需要用户的电子邮件为用户创建一个帐户。我的同意只是要求用户授权所需的ID和电子邮件。
我正在使用实体框架商店持久数据+用户管理的Asp.net核心身份。我从下面显示的配置中填充数据库。
这是我到目前为止所做的,但我没有收到用户与用户的电子邮件索赔。虽然我收到了“sid”。
public class Config
{
// scopes define the resources in your system
public static IEnumerable<IdentityResource> GetIdentityResources()
{
return new List<IdentityResource>
{
new IdentityResources.OpenId(),
new IdentityResources.Email
{
Required = true
}
};
}
// clients want to access resources (aka scopes)
public static IEnumerable<Client> GetClients()
{
new Client
{
ClientId = "MyClient",
ClientName = "MyClient",
AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
RequireConsent = true,
ClientSecrets =
{
new Secret("secret".Sha256())
},
RedirectUris = { "http://localhost:27919/signin-oidc" },
PostLogoutRedirectUris = { "http://localhost:27919" },
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Email
},
AllowOfflineAccess = true
}
};
}
}
在客户端上我做的:
// middleware for external openid connect authentication
var options = new OpenIdConnectOptions
{
SignInScheme = "Identity.External",
SignOutScheme = "Identity",
DisplayName = "MyClient",
Authority = Constants.AuthServer.BaseUrl,
ClientId = "MyClient",
ClientSecret = "secret",
ResponseType = "code id_token",
//Scopes are entered below, outside this constructor
GetClaimsFromUserInfoEndpoint = true,
RequireHttpsMetadata = false //TODO: make true, it is false for development only
};
//Adding Scopes
options.Scope.Clear();
options.Scope.Add("openid");
options.Scope.Add("email");
app.UseOpenIdConnectAuthentication(options);