Add custom claims stored in a database on startup

I have the following ClaimsTransformer class that works very well for assigning custom claims on startup, but I need to also be able to retrieve claims that are stored in a database and add them to the user identity. Unfortunately, I haven't found a way to access the database from within this class. My assumption was that I would be able to inject my database class using DI, but I'm unable to do so because it will no longer accommodate the constructor for IClaimsTransformation.

using System.Collections.Generic;
using System.DirectoryServices.AccountManagement;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;

public class ClaimsTransformer : IClaimsTransformation
{
    public Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
    {
        var identity = principal.Identity as ClaimsIdentity;

        var claims = new List<Claim>();

        // Look the authenticated user up in the domain and add the display name as a claim.
        using (var context = new PrincipalContext(ContextType.Domain))
        {
            if (identity != null)
            {
                var user = UserPrincipal.FindByIdentity(context, identity.Name);
                if (user != null) claims.Add(new Claim(CustomClaimType.DisplayName.ToString(), user.DisplayName));
            }
        }

        // Carry the existing claims over (AddRange throws on null, so guard it).
        if (identity != null) claims.AddRange(identity.Claims);

        //var newIdentity = new ClaimsIdentity(claims, identity?.AuthenticationType);
        var newIdentity = new ClaimsIdentity(claims, "Kerberos");
        return Task.FromResult(new ClaimsPrincipal(newIdentity));
    }
}

You can take a look at the code of the PolicyServer for some inspiration. From the code:

// this sets up the PolicyServer client library and policy provider -
// configuration is loaded from appsettings.json
services.AddPolicyServerClient(Configuration.GetSection("Policy"))
    .AddAuthorizationPermissionPolicies();

reads policies from a json file, something like:

"Policy": {
  "claims": [
    {
      "name": "tenantid",
      "value": "44"
    }
  ],
  "roles": [

but that can be any source. In your case it may be a singleton that is filled from the database.

And add the claims using middleware. In your case something like:

using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;

// The enclosing class and its name (ClaimsMiddleware) are assumed here so that
// _next is defined; the original snippet showed only the Invoke method.
public class ClaimsMiddleware
{
    private readonly RequestDelegate _next;

    public ClaimsMiddleware(RequestDelegate next)
    {
        _next = next;
    }

    // Inject the repository (scoped services are injected into Invoke, not the constructor)
    public async Task Invoke(HttpContext context, IClaimsRepository repository)
    {
        if (context.User.Identity.IsAuthenticated)
        {
            // Get claims from (cached) database, singleton.
            var claims = await repository.GetClaimsAsync();
            if (claims.Count > 0)
            {
                var id = new ClaimsIdentity(claims, "MyMiddleware", "name", "role");
                // Add as extra Identity to User.
                context.User.AddIdentity(id);
            }
        }
        await _next(context);
    }
}
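Added example (not code from the original post, PolicyServer, or the asker): a complete version of the middleware approach above, with per-user lookup and the pipeline wiring. IClaimsRepository, UserClaimsMiddleware and the "Database" authentication type are assumed names; the repository implementation behind the interface is left to you.

```csharp
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;

// Assumed abstraction over the claims table; keyed by user name so one
// user's stored claims are never attached to another user's request.
public interface IClaimsRepository
{
    // Must return an empty list rather than null when nothing is stored.
    Task<IReadOnlyList<Claim>> GetClaimsAsync(string userName);
}

public class UserClaimsMiddleware
{
    private readonly RequestDelegate _next;

    public UserClaimsMiddleware(RequestDelegate next) => _next = next;

    // Scoped services (e.g. a DbContext-backed repository) are injected
    // per request through Invoke, not through the middleware constructor.
    public async Task Invoke(HttpContext context, IClaimsRepository repository)
    {
        var identity = context.User?.Identity;

        // Only enrich principals the authentication handler already accepted.
        if (identity is { IsAuthenticated: true, Name: not null })
        {
            var claims = await repository.GetClaimsAsync(identity.Name);
            if (claims.Count > 0)
            {
                // A separate identity keeps database-sourced claims apart from
                // those issued by the authentication handler (Kerberos, cookie, ...).
                var dbIdentity = new ClaimsIdentity(claims, "Database", "name", "role");
                context.User.AddIdentity(dbIdentity);
            }
        }

        await _next(context);
    }
}

// Wiring (assumed names): register the repository and place the middleware
// after UseAuthentication so context.User is populated, and before
// UseAuthorization so policies can see the added claims.
//   builder.Services.AddScoped<IClaimsRepository, SqlClaimsRepository>();
//   app.UseAuthentication();
//   app.UseMiddleware<UserClaimsMiddleware>();
//   app.UseAuthorization();
```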
