
Insert more claim into identity OnTokenValidated event of JWT Bearer

Currently, I'm making a SPA using Angular 4 & .NET Core 1.1. My system uses JWT for checking user identity. Every time a user accesses my system, I want to check his/her identity (status, role) in the database and update it in HttpContext.Identity.

Here is my code:

OnTokenValidated = async context =>
{
    // Find unit of work.
    var unitOfWork = context.HttpContext.RequestServices.GetService<IUnitOfWork>();
    var identityService = context.HttpContext.RequestServices.GetService<IIdentityService>();

    // Find claim identity attached to principal.
    var claimIdentity = (ClaimsIdentity)context.Ticket.Principal.Identity;

    // Find email from claims list.
    var email =
        claimIdentity.Claims.Where(x => x.Type.Equals(ClaimTypes.Email))
            .Select(x => x.Value)
            .FirstOrDefault();

    // Email is invalid.
    if (string.IsNullOrEmpty(email))
        return;

    // Find account information.
    var condition = new SearchAccountViewModel();
    condition.Email = new TextSearch();
    condition.Email.Value = email;
    condition.Email.Mode = TextComparision.Equal;

    // Find accounts based on conditions.
    var accounts = unitOfWork.RepositoryAccounts.Search();
    accounts = unitOfWork.RepositoryAccounts.Search(accounts, condition);

    // Find the first matched account in the system.
    var account = await accounts.FirstOrDefaultAsync();

    // Account is not found.
    if (account == null)
        return;

    var identity = (ClaimsIdentity) identityService.InitiateIdentity(account);
    identity.AddClaim(new Claim(ClaimTypes.Role, Enum.GetName(typeof(Roles), account.Role)));
    identity.AddClaim(new Claim(ClaimTypes.Authentication, Enum.GetName(typeof(Statuses), account.Status)));

    context.HttpContext.User = new ClaimsPrincipal(identity);
}

In my AccountController.cs I have a function:

/// <summary>
/// Find personal profile.
/// </summary>
/// <returns></returns>
[HttpGet("personal-profile")]
public IActionResult FindProfile()
{
    var identity = (ClaimsIdentity) Request.HttpContext.User.Identity;
    var claims = identity.Claims.ToDictionary(x => x.Type, x => x.Value);
    return Ok(claims);
}

Here is the result I have:

{
  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress": "linhndse03150@gmail.com.vn",
  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "Goldarina Wharrier",
  "auth_time": "1494072536661.38",
  "nbf": "1494043736",
  "exp": "1494047336",
  "iss": "iConfess Ordinary",
  "aud": "http://localhost:5001"
}

No role or status has been included in the identity. My question is: how can I add more claims to the request identity after validating the token and searching for user information in the database?

Could anyone help me, please?

Thank you,

Try this:

context.Principal.AddIdentity(identity);
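
An added example, not part of the original question or answer: it uses only `System.Security.Claims` to show where claims end up when a second identity is attached to the validated principal, compared with adding them to the token's own identity. The e-mail, role and status values and the "Bearer"/"Database" authentication type names are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

public static class ClaimsEnrichmentDemo
{
    // Constructed stand-in for the principal built from the validated JWT.
    static ClaimsPrincipal TokenPrincipal() =>
        new ClaimsPrincipal(new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.Email, "user@example.com"),
            new Claim(ClaimTypes.Name, "Example User"),
        }, authenticationType: "Bearer"));

    // Constructed stand-in for the identity built from the account row.
    static ClaimsIdentity DatabaseIdentity() =>
        new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.Role, "Admin"),
            new Claim(ClaimTypes.Authentication, "Active"),
        }, authenticationType: "Database");

    public static void Main()
    {
        // Option 1: attach a second identity to the same principal.
        var principal = TokenPrincipal();
        principal.AddIdentity(DatabaseIdentity());

        // principal.Identity is only the primary (first) identity, so code that
        // reads User.Identity.Claims, like FindProfile above, will not see the role.
        var primary = (ClaimsIdentity)principal.Identity;
        Console.WriteLine($"Role on primary identity: {primary.HasClaim(c => c.Type == ClaimTypes.Role)}");

        // The principal-level members look across every attached identity.
        Console.WriteLine($"IsInRole(Admin): {principal.IsInRole("Admin")}");
        Console.WriteLine($"Status: {principal.FindFirst(ClaimTypes.Authentication)?.Value}");
        Console.WriteLine($"Claims on principal: {principal.Claims.Count()}");

        // Option 2: add the database claims to the token's own identity, so
        // both User.Identity.Claims and User.Claims expose them.
        var enriched = TokenPrincipal();
        var tokenIdentity = (ClaimsIdentity)enriched.Identity;
        tokenIdentity.AddClaims(DatabaseIdentity().Claims);
        Console.WriteLine($"Role on token identity: {tokenIdentity.HasClaim(ClaimTypes.Role, "Admin")}");
    }
}
```

With a second identity attached, read the merged set through `User.Claims` or `User.IsInRole(...)` rather than `User.Identity`.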
