堆栈内存溢出
  简体   繁体   English

如何验证用户的 cookie 并在身份框架中提取他们的声明?

[英]How do I validate a user's cookie and extract their claims in identity framework?

 原文  2019-07-02 14:38:23       c#/ cookies/ asp.net-identity

问题描述

I'm currently using Identity framework to create and store a cookie for the user.我目前正在使用 Identity 框架为用户创建和存储 cookie。 When the user attempts to login with the cookie, I'm unable to get the user claims from the cookie.当用户尝试使用 cookie 登录时,我无法从 cookie 中获取用户声明。 Is there a way to decrypt the cookie when it is passed in or find it within the httpcontext?有没有办法在传入cookie时对其进行解密或在httpcontext中找到它?

I've tried searching the httpcontext, and I'm currently trying to find a way to decrypt the cookie that is passed in.我已经尝试搜索 httpcontext,并且我目前正在尝试找到一种方法来解密传入的 cookie。

From startup.cs从startup.cs

 services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
                .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
                {
                    options.Cookie.Name = "MyCookie.Identity";

                    options.Cookie.Expiration = TimeSpan.FromDays(1);
                });

Where I create the cookie:我在哪里创建 cookie:


        private async void AddUserCookie(AuthRequest authRequest)
        {
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.NameIdentifier, authRequest.UserName),
                new Claim(ClaimTypes.Name, authRequest.UserName),
                new Claim(ClaimTypes.Email, "TestClaim@Test.com")
            };

            var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

            var authProperties = new AuthenticationProperties
            {
                AllowRefresh = true,
                ExpiresUtc = DateTimeOffset.UtcNow.AddDays(1),
                IsPersistent = true,
                IssuedUtc = DateTimeOffset.UtcNow
            };

            await this._httpContextAccessor.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties).ConfigureAwait(false);

When I try to retrieve the cookie from the http context it says there's no claim's within the user's identity.当我尝试从 http 上下文中检索 cookie 时,它​​说用户身份中没有声明。

1 个解决方案

解决方案1
 1 已采纳  2019-07-22 19:56:13

Answer is provided here: https://forums.asp.net/t/2157350.aspx?How+does+cookie+authentication+in+identity+framework+work+答案在此处提供: https : //forums.asp.net/t/2157350.aspx?How+does+cookie+authentication+in+identity+framework+work+

In short, I forgot to add app.UseAuthentication() in my startup.cs简而言之,我忘了在我的 startup.cs 中添加 app.UseAuthentication()

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 用户的声明身份 - User's Claims Identity 如何在ASP.NET Identity框架中对用户进行身份验证? - How do I authenticate user in ASP.NET Identity framework? 将SignalR Hub与ASP.NET MVC 5项目一起使用时,如何访问用户在Identity 2中的声明? - How can I access the user's Claims in Identity 2 when using SignalR Hub with an ASP.NET MVC 5 project? 如何在用户的声明列表中保留多个 ClaimTypes.Role 值? - How do I persist multiple ClaimTypes.Role values in User's Claims list? 如何更新 Asp.net 核心中的用户声明 - How do I update user claims in Asp.net Core 如何使用ADAL库在ADFS中向身份令牌添加更多声明? - How Do I Add More Claims to the Identity Token in ADFS Using ADAL Libraries? 在ASP.Net Identity中声明Cookie安全性 - Claims Cookie Security in ASP.Net Identity 如何更新存储在 .NET Core 6 中的身份验证 cookie 中的用户声明 - How to update user claims stored in authentication cookie in .NET Core 6 C#Core MVC用户身份/如何保存上次登录(通过Cookie) - c# Core MVC user identity / how can I save last login (via cookie) ASP.NET 核心。 如何在没有身份用户帐户的情况下创建身份验证 cookie? - ASP.NET Core. How can i create an auth cookie without an identity user account?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM