stackoom
  简体   繁体   中英

How to get all claims of a user?

 原文  2021-02-20 08:23:57       c#/ asp.net-core/ authentication/ oauth-2.0/ identityserver4

Question

I am new in IdentityServer4 and i have a simple login configuration. Here is my user Test User:

return new List<TestUser> {
    new TestUser {
       SubjectId = "5BE86359-073C-434B-AD2D-A3932222DABE", // just get this in claims list
       Username = "name",
       Password = "password",
       Claims = new List<Claim> {
           new Claim(ClaimTypes.Email, "my@email.com") // not found
       }
      }
     };

I also have a client:

return new List<Client>
            {
                new Client
                {
                    ClientId = "MVC1",
                    ClientName = "This is my MVC1",
                    ClientSecrets = new List<Secret> {new Secret("MVC1".Sha256())}, // change me!
    
                    AllowedGrantTypes = GrantTypes.Code,
                    RedirectUris = new List<string> {"http://localhost:7573/signin-oidc"},
                    AllowedScopes = new List<string>
                    {
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        IdentityServerConstants.StandardScopes.Email, // permission to access email claim
                    },

                    RequirePkce = true,
                    AllowPlainTextPkce = false
            }
};

and this is my code for client configuration:

.AddOpenIdConnect("OIDC", options =>
                {
                    options.SignInScheme = "cookie";

                    options.Authority = "http://localhost:5000";
                    options.RequireHttpsMetadata = false;

                    options.ClientId = "MVC1";
                    options.ClientSecret = "MVC1";

                    options.ResponseType = "code";
                    options.UsePkce = true;

                    options.ResponseMode = "query";

                    options.CallbackPath = "/signin-oidc";
                    
                    options.Scope.Add("openid");
                    options.Scope.Add("profile");
                    options.Scope.Add("email"); // i wants to access but not found in claims list

                    options.SaveTokens = true;
                });

i want to access all the claims configured but i just find SubjectId and not email. 在此处输入图像描述

Help Me Please:(

1 answers

solution1
 1 ACCPTED  2021-02-20 12:31:33

by default you need to be explicit and tell which claims you want from the tokens and user-info endpoint to end up in the user, by adding this to the AddOpenIDConnect options

options.ClaimActions.MapUniqueJsonKey("website", "website");
options.ClaimActions.MapUniqueJsonKey("gender", "gender");
options.ClaimActions.MapUniqueJsonKey("birthdate", "birthdate");

You should also add a IdentityResource definition, because it controls what goes into the ID-Token, like

        _identityResources = new List<IdentityResource>()
        {
            new IdentityResources.OpenId(),
            new IdentityResources.Email(),
            new IdentityResources.Profile(),
            new IdentityResources.Address(),
        };

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to manage user claims? How to get user claims by using JWT Bearer token how to get claims of another user using ASP.NET Core How to get JWT Claims once for all WebApi Controllers How to seed an user with a few claims? Get claims from jwt token into context.User.Claims identity server 4 does not show all user claims How does Asp.Net Identity 2 User Info get mapped to IdentityServer3 profile claims How to get JWT authenticated sign-in user from identity claims in asp.net web api How to get user claims inside ASP Core 2 method without Authorize attribute?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM