我正在使用 ASP.net Core MVC。在登录过程中,在 POST 控制器操作中,我将 HttpContext.SignInAsync 与包含 JWT 访问令牌的 AuthenticationProperties 结合使用。在同一个 HttpRequest 中,我无法重新获取这些属性来获取创建的访问令牌。
...
var claimsPrincipal = CreateClaimsPrincipal("userName");
var accessToken = new AuthenticationToken()
{
Name = OpenIdConnectParameterNames.AccessToken,
Value = TOKEN_VALUE
};
AuthenticationToken[] tokens = { accessToken };
var authenticationProperties = new AuthenticationProperties();
authenticationProperties.StoreTokens(tokens);
authenticationProperties.IsPersistent = true;
// Here we sign in the user
await HttpContext.SignInAsync(claimsPrincipal, authenticationProperties);
// Afterwards, we cannot access the access token either from
var tokenValueFromGetTokenAsync = HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken)
// Or with
var result = await HttpContext.AuthenticateAsync();
var tokenValueFromAuthenticateAsync = result.Properties.GetTokenValue(OpenIdConnectParameterNames.AccessToken);
有没有办法设置当前http请求的AuthenticationProperties?
我知道我可以设置 ClaimsPrincipal
HttpContext.user = claimsPrincipal
但是我可以用 AuthenticationProperties 做类似的事情吗?就像是
// I made that part up, would be cool though
HttpContext.Authentication.Properties = authenticationProperties
我将一个超级简单的代码示例上传到github:
GitHub 代码示例 https://github.com/CurlyFire/TestGetAuthenticationProperties.git
检查用 HttpPost 属性修饰的 SecurityController Login 方法。