堆栈内存溢出
  简体   繁体   English

无法使用 ASP.NET Core 从 JWT 令牌中获取声明

[英]Can't get claims from JWT token with ASP.NET Core

 原文  2016-10-27 17:07:09       c#/ asp.net-core/ jwt/ claims-based-identity

问题描述

I'm trying to do a really simple implementation of JWT bearer authentication with ASP.NET Core.我正在尝试使用 ASP.NET Core 做一个非常简单的 JWT 承载身份验证实现。 I return a response from a controller a bit like this:我从控制器返回一个响应,有点像这样:

    var identity = new ClaimsIdentity();
    identity.AddClaim(new Claim(ClaimTypes.Name, applicationUser.UserName));
        var jwt = new JwtSecurityToken(
             _jwtOptions.Issuer,
             _jwtOptions.Audience,
             identity.Claims,
             _jwtOptions.NotBefore,
             _jwtOptions.Expiration,
             _jwtOptions.SigningCredentials);

       var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

       return new JObject(
           new JProperty("access_token", encodedJwt),
           new JProperty("token_type", "bearer"),
           new JProperty("expires_in", (int)_jwtOptions.ValidFor.TotalSeconds),
           new JProperty(".issued", DateTimeOffset.UtcNow.ToString())
       );

I have Jwt middleware for incoming requests:我有用于传入请求的 Jwt 中间件:

app.UseJwtBearerAuthentication(new JwtBearerOptions
{
     AutomaticAuthenticate = true,
     AutomaticChallenge = true,
     TokenValidationParameters = tokenValidationParameters
});

This seems to work to protect resources with the authorize attribute, but the claims never show up.这似乎可以保护具有授权属性的资源,但声明从未出现。

    [Authorize]
    public async Task<IActionResult> Get()
    {
        var user = ClaimsPrincipal.Current.Claims; // Nothing here

4 个解决方案

解决方案1
 18 已采纳  2016-10-27 17:33:36

You can't use ClaimsPricipal.Current in an ASP.NET Core application, as it's not set by the runtime.您不能在 ASP.NET Core 应用程序中使用ClaimsPricipal.Current ,因为它不是由运行时设置的。 You can read https://github.com/aspnet/Security/issues/322 for more information.您可以阅读https://github.com/aspnet/Security/issues/322了解更多信息。

Instead, consider using the User property, exposed by ControllerBase .相反,请考虑使用由ControllerBase公开的User属性。

解决方案2
 10  2016-10-27 17:37:09

Access User.Claims instead of ClaimsPrinciple.Current.Claims .访问User.Claims而不是ClaimsPrinciple.Current.Claims

From Introduction to Identity at docs.asp.net : 来自 docs.asp.net 的身份简介

...inside the HomeController.Index action method, you can view the User.Claims details. ...在HomeController.Index操作方法中,您可以查看User.Claims详细信息。

Here is the relevant source code from the MVC repository: 这是来自 MVC 存储库的相关源代码

public ClaimsPrincipal User
{
   get
   {
       return HttpContext?.User;
   }
}

解决方案3
 6  2018-01-08 17:17:24

As part of ASP.NET Core 2.0, you can read the JWT Claims like Shaun described above.作为 ASP.NET Core 2.0 的一部分,您可以像上述 Shaun 一样阅读 JWT 声明。 If you are only looking for the User Id (make sure you already add it as part of the claim using the "Sub" claim name) then you can use the following to two examples to read depending on your use case:如果您只是在寻找用户 ID(确保您已经使用“Sub”声明名称将其添加为声明的一部分),那么您可以根据您的用例使用以下两个示例来阅读:

Read User ID Claim:读取用户 ID 声明:

    public class AccountController : Controller
    {
        [Authorize]
        [HttpGet]
        public async Task<IActionResult> MethodName()
        {
            var userId = _userManager.GetUserId(HttpContext.User);
            //...
            return Ok();
        }
    }

Read Other Claims:阅读其他声明:

    public class AccountController : Controller
    {
        [Authorize]
        [HttpGet]
        public async Task<IActionResult> MethodName()
        {
            var rolesClaim = HttpContext.User.Claims.Where( c => c.Type == ClaimsIdentity.DefaultRoleClaimType).FirstOrDefault();
            //...
            return Ok();
        }
    }

解决方案4
 4  2018-12-25 11:14:04

With this solution, you can access the User.Identity and its claims in controllers when you're using JWT tokens:使用此解决方案,您可以在使用 JWT 令牌时访问控制器中的User.Identity及其声明:

Step 1: create a JwtTokenMiddleware:第 1 步:创建一个 JwtTokenMiddleware:

public static class JwtTokenMiddleware
{
    public static IApplicationBuilder UseJwtTokenMiddleware(
      this IApplicationBuilder app,
      string schema = "Bearer")
    {
        return app.Use((async (ctx, next) =>
        {
            IIdentity identity = ctx.User.Identity;
            if ((identity != null ? (!identity.IsAuthenticated ? 1 : 0) : 1) != 0)
            {
                AuthenticateResult authenticateResult = await ctx.AuthenticateAsync(schema);
                if (authenticateResult.Succeeded && authenticateResult.Principal != null)
                    ctx.User = authenticateResult.Principal;
            }
            await next();
        }));
    }
}

Step 2: use it in Startup.cs:第二步:在Startup.cs中使用:

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    app.UseAuthentication();
    app.UseJwtTokenMiddleware();
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 直接从令牌中获取 JWT 声明,ASP Net Core 2.1 - Get JWT claims directly from the token, ASP Net Core 2.1 从 ASP.NET 核心 MVC 上的 JWT 身份验证中检索声明 - Retrieve claims from JWT authentication on ASP.NET Core MVC JWT:如何从声明中的特定键获取值列表。 C# 网络核心 - JWT: How to get a List of Values from a specific Key in the Claims. C# Asp.Net Core 通过ASP.NET核心身份中的角色声明进行JWT身份验证 - JWT Authentication by role claims in ASP.NET core Identity 如何使用ASP.NET Core中的声明检查JWT中的特权? - How to check privileges in JWT using Claims in ASP.NET Core? ASP.NET Core JWT 映射角色声明到 ClaimsIdentity - ASP.NET Core JWT mapping role claims to ClaimsIdentity ASP.NET 核心 JWT 身份验证更改声明(子) - ASP.NET Core JWT authentication changes Claims (sub) ASP.NET Core 和 JWT 令牌生命周期 - ASP.NET Core and JWT token lifetime ASP.NET Core:具有范围的JWT令牌 - ASP.NET Core: JWT token with Scopes ASP.NET Core 中的 Jwt 令牌身份验证 - Jwt token authentication in ASP.NET Core
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM