我使用 Owin 和 JWTBearerAuthentication 来授权用户并验证他们的令牌。我这样做是这样的:
public class Startup
{
public void Configuration(IAppBuilder app)
{
HttpConfiguration config = new HttpConfiguration();
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{id}",
defaults: new { id = RouteParameter.Optional }
);
ConfigureOAuth(app);
app.UseWebApi(config);
}
private void ConfigureOAuth(IAppBuilder app)
{
string issuer = ConfigurationManager.AppSettings.Get("auth_issuer");
string audience = ConfigurationManager.AppSettings.Get("auth_clientId");
byte[] secret = TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings.Get("auth_secret"));
app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions
{
AuthenticationMode = AuthenticationMode.Active,
AllowedAudiences = new [] { audience },
IssuerSecurityTokenProviders = new IIssuerSecurityTokenProvider[]
{
new SymmetricKeyIssuerSecurityTokenProvider(issuer, secret)
}
});
}
}
但是,我的令牌中有一些自定义声明,并且希望在我的 ApiController 中使用它们的值,如下所示:
[RoutePrefix("endpoint")]
public class MyApiController : ApiController
{
[Route("action")]
[Authorize]
public IHttpActionResult Post(string someValue)
{
bool res = DoSomeAction.withTheString(someValue);
if (res)
{
return Ok<string>(someValue);
}
return InternalServerError();
}
}
有没有类似的东西User.Claims["myCustomClaim"].Value
,它提供了所有声明的值?
谢谢你,
卢卡斯
像这样的事情可能会有所帮助:
var identity = User.Identity as ClaimsIdentity;
return identity.Claims.Select(c => new
{
Type = c.Type,
Value = c.Value
});
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)