堆栈内存溢出
  简体   繁体   English

通过使用数据库中的数据更新 Claim 进行授权(Blazor WebAssembly ASP.NET Core 托管)

[英]Authorizing by updating Claim with data from database (Blazor WebAssembly ASP.NET Core hosted)

 原文  2020-04-14 12:33:48       authentication/ asp.net-core/ blazor/ webassembly/ claims-authentication

问题描述

I have a question regarding authentication in my web-app using Blazor WebAssembly ASP.NET Core hosted.我对使用 Blazor WebAssembly ASP.NET Core 托管的网络应用程序中的身份验证有疑问。 The database used is Azure SQL.使用的数据库是Azure SQL。

I want to avoid storing passwords in the database and the users are therefore restricted to having a Microsoft-account (relevant to the project).我想避免将密码存储在数据库中,因此用户只能拥有 Microsoft 帐户(与项目相关)。

As of now, the user logs in with Azure AD as the third-party authentication provider.截至目前,用户使用Azure AD作为第三方认证提供商登录。 When redirected back to the web-app, a user is created with a claim which only consists of the Email from Azure. The user is directed to a registration page where the Email-input is set to the current user-claim email. When the user clicks the register button, the information provided is now stored in the database.当重定向回网络应用程序时,将创建一个用户,其声明仅包含来自 Azure 的 Email。用户将被定向到注册页面,其中电子邮件输入设置为当前用户声明 email。当用户单击注册按钮,提供的信息现在存储在数据库中。

The problem is that I now have a user in the db, but the claim is still just the Email. I want to be able to use the AuthorizeView role tag on the different pages, and therefore wondered if its possible to update the claim with a role that the user specified in the registration-page?问题是我现在在数据库中有一个用户,但声明仍然只是 Email。我希望能够在不同的页面上使用AuthorizeView role标签,因此想知道是否可以使用更新声明用户在注册页面中指定的角色? This data is at this point only stored in the database.此数据此时仅存储在数据库中。

If this is a bad practice, is there any other similar way I could make this work?如果这是一种不好的做法,还有其他类似的方法可以使这项工作成功吗?

1 个解决方案

解决方案1
 0  2020-04-14 13:20:04

To use the AuthorizeView role , roles claims should be return by your Identity provider (Azure AD in your case).要使用AuthorizeView role ,角色声明应由您的身份提供者(在您的情况下为 Azure AD)返回。 Your application should ask those claims by asking the corresponding scope.您的应用程序应该通过询问相应的 scope 来询问这些声明。
According to the doc: Permissions and consent in the Microsoft identity platform endpoint , the profile scope should return roles claims.根据文档: Permissions and consent in the Microsoft identity platform endpoint配置文件scope 应该返回角色声明。

The doc Secure an ASP.NET Core Blazor WebAssembly standalone app with Azure Active Directory explains how to request scopes from Azure AD文档Secure an ASP.NET Core Blazor WebAssembly standalone app with Azure Active Directory解释了如何从 Azure AD 请求范围

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 ASP.NET Core中基于声明的方法 - Claim base approach in ASP.NET Core 在 Blazor 中一起使用 ASP.Net Core Identity 和 Azure 身份验证 - Using ASP.Net Core Identity and Azure authentication together in Blazor 带有 Blazor 的 ASP.NET Core 7 可以使用带有域提示的 NavigateToLogin 吗? - Can ASP.NET Core 7 with Blazor use NavigateToLogin with a domain hint? 使用 Authenticator 应用程序的 ASP.Net Core/Blazor 身份验证 - ASP.Net Core/Blazor Authentication using Authenticator app 从外部数据库登录 ASP.NET Core 2.2 - Login from external database ASP.NET Core 2.2 我可以使用 JWT 进行身份验证,但我的 ASP.NET Core 应用程序无法识别我的名称声明 - I can Authenticate with my JWT but my Name claim is not recognised in my ASP.NET Core application 使用 NoSQL 数据库的 ASP.NET Core 身份验证 - ASP.NET Core Authentication with NoSQL database blazor webassembly windows 身份验证 + .netcore 托管 - blazor webassembly windows authentication + .netcore hosted Blazor 身份验证,用于具有多个 Webassembly 应用程序的托管部署 - Blazor Authentication for Hosted Deployment with Multiple Webassembly Apps Blazor WebAssembly 托管代理在身份验证成功时崩溃 - Blazor WebAssembly Hosted Proxy crash on successful authentication
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM