ASP.NET Core 2.1 Jwt设置自定义声明
问题说明
我有应该为用户设置声明的这段代码.当我使用身份和默认登录名时,它可以正常工作.但是,当我在另一个应用程序中使用jwt作为身份验证时,我没有ApplicationUser,因为我的ApplicationUser存储在对用户进行身份验证的另一个应用程序中.如何自定义此代码,使其与jwt一起使用?
I have this code that is supposed to set claims for a user. It works fine when I use identity and the default login. However, when I use jwt as authentication in another application, I don't have ApplicationUser as my ApplicationUser is stored in the other application that authenticates the user. How can I customize this code so that it works with jwt?
private readonly SignInManager<TIdentityUser> _signInManager;
public CustomClaimsCookieSignInHelper(SignInManager<TIdentityUser> signInManager)
{
_signInManager = signInManager;
}
public async Task SignInUserAsync(TIdentityUser user, bool isPersistent, IEnumerable<Claim> customClaims)
{
var claimsPrincipal = await _signInManager.CreateUserPrincipalAsync(user);
var identity = claimsPrincipal.Identity as ClaimsIdentity;
var claims = (from c in claimsPrincipal.Claims select c).ToList();
var savedClaims = claims;
if (customClaims != null)
{
identity.AddClaims(customClaims);
}
await _signInManager.Context.SignInAsync(IdentityConstants.ApplicationScheme,
claimsPrincipal,
new AuthenticationProperties { IsPersistent = isPersistent });
}
我想我的主要目的是在httpcontext中而不是在cookie中设置我的用户声明,而我想在不使用身份的情况下做到这一点.
I guess my main intention is to set my users claims in the httpcontext and not in a cookie and I want to do that without using identity.
我的应用程序结构
AuthenticationApp(服务器)
AuthenticationApp (server)
- 负责验证用户
- 生成并解码Jwt
- 检查用户是否具有适当的角色,并通过rest api返回true/false
MainApp(客户端)
MainApp (client)
- 对AuthenticationApp进行api调用
- 完全不使用身份
- 每次需要检查用户角色时都发送Jwt
我知道我将能够解码jwt客户端.但是,我不知道在哪里可以存储已解码的jwt详细信息,以便可以在视图中使用它.我最初的想法是像使用用户身份的普通应用程序一样使用Httpcontext.但是,我坚持上面的代码.
I understand that I will be able to decode the jwt client side. However, I do not know where I can store the decoded jwt details so that I can use it in the view. My initial idea was to use Httpcontext like normal applications that user Identity. However, I am stuck with the code above.
正确答案
要在Controller和View之间共享身份信息,可以通过HttpContext.SignInAsync
签名用户信息.
For sharing the Identity information between Controller and View, you could sign the User information by HttpContext.SignInAsync
.
请尝试以下步骤来满足您的要求:
Try steps below to achieve your requirement:
-
控制器操作
-
Controller Action
public async Task<IActionResult> Index()
{
var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme, ClaimTypes.Name, ClaimTypes.Role);
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, "edward"));
identity.AddClaim(new Claim(ClaimTypes.Name, "edward zhou"));
//add your own claims from jwt token
var principal = new ClaimsPrincipal(identity);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, new AuthenticationProperties { IsPersistent = true });
return View();
}
-
查看
-
View
@foreach (var item in Context.User.Claims) { <p>@item.Value</p> };
-
要使上述代码生效,请在
Startup.cs
public class Startup { public Startup(IConfiguration configuration) { Configuration = configuration; } public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { //your rest code services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env) { //your rest code app.UseAuthentication(); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller=Home}/{action=Index}/{id?}"); }); }
}
这篇好文章是转载于:学新通技术网
- 版权申明: 本站部分内容来自互联网,仅供学习及演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系,请提供相关证据及您的身份证明,我们将在收到邮件后48小时内删除。
- 本站站名: 学新通技术网
- 本文地址: /reply/detail/tanhcfijce
-
YouTube API 不能在 iOS (iPhone/iPad) 工作,但在桌面浏览器工作正常?
it1352 07-30 -
iPhone,一张图像叠加到另一张图像上以创建要保存的新图像?(水印)
it1352 07-17 -
保持在后台运行的 iPhone 应用程序完全可操作
it1352 07-25 -
使用 iPhone 进行移动设备管理
it1352 07-23 -
在android同时打开手电筒和前置摄像头
it1352 09-28 -
扫描 NFC 标签时是否可以启动应用程序?
it1352 08-02 -
检查邮件是否发送成功
it1352 07-25 -
Android微调工具-删除当前选择
it1352 06-20 -
希伯来语的空格句子标记化错误
it1352 06-22 -
Android App 和三星 Galaxy S4 不兼容
it1352 07-20