[英]Azure Mobile Services - Custom Authentication Claims Issue
I've implemented custom authentication in my mobile services, but the claims that I add to my ClaimsIdentity object don't appear to be saved. 我已经在移动服务中实现了自定义身份验证,但是添加到ClaimsIdentity对象中的声明似乎没有被保存。
I create my ClaimsIdentity object, and then pass it to the CreateLoginResult method, as follows: 我创建我的ClaimsIdentity对象,然后将其传递给CreateLoginResult方法,如下所示:
public IServiceTokenHandler Handler { get; set; }
...
ClaimsIdentity claimsIdentity = new ClaimsIdentity();
claimsIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, "username"));
claimsIdentity.AddClaim(new Claim(ClaimTypes.GivenName, "FirstName"));
claimsIdentity.AddClaim(new Claim(ClaimTypes.Surname, "LastName"));
LoginResult login = new CustomLoginProvider(Handler).CreateLoginResult(claimsIdentity, "masterkey");
If I call another method with the returned authorization token and try to retrieve the GivenName or Surname claims, they aren't available. 如果我使用返回的授权令牌调用其他方法,并尝试检索GivenName或Surname声明,则它们不可用。
var identity = (ClaimsIdentity)User.Identity;
// 'claim' will be null
Claim claim = identity.FindFirst(ClaimTypes.GivenName);
Is this expected behaviour or am I doing something wrong? 这是预期的行为还是我做错了什么? I'm making an assumption that the Claims in the ClaimsIdentity object being sent to CreateLoginResult are being saved against that authenticated user.
我假设发送给CreateLoginResult的ClaimsIdentity对象中的Claims针对该经过身份验证的用户进行保存。
The ClaimsIdentity passed into this method does not get used fully unless you act on it in an overload of CreateCredentials()
. 除非您在
CreateCredentials()
的重载中CreateCredentials()
进行操作,否则传递给此方法的ClaimsIdentity不会得到充分利用。 First you should create a child class of ProviderCredentials with the fields you want. 首先,您应该使用所需的字段创建ProviderCredentials的子类。 CreateCredentials() will be called by
CreateLoginResult()
, and it will get the same ClaimsIdentity as a parameter. CreateCredentials()将由
CreateLoginResult()
调用,它将获得与参数相同的ClaimsIdentity。
The returned ProviderCredentials gets stored, and you can always retrieve it again in your server code with a call to ServiceUser.GetIdentitiesAsync()
. 返回的ProviderCredentials将被存储,您始终可以通过调用
ServiceUser.GetIdentitiesAsync()
在服务器代码中再次检索它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.