使用Owin從JWT獲得自定義聲明
[英]Get custom claims from a JWT using Owin
問題描述
我將Owin與JWTBearerAuthentication一起使用來授權用戶並驗證其令牌。 我正在這樣做:
public class Startup
{
public void Configuration(IAppBuilder app)
{
HttpConfiguration config = new HttpConfiguration();
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{id}",
defaults: new { id = RouteParameter.Optional }
);
ConfigureOAuth(app);
app.UseWebApi(config);
}
private void ConfigureOAuth(IAppBuilder app)
{
string issuer = ConfigurationManager.AppSettings.Get("auth_issuer");
string audience = ConfigurationManager.AppSettings.Get("auth_clientId");
byte[] secret = TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings.Get("auth_secret"));
app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions
{
AuthenticationMode = AuthenticationMode.Active,
AllowedAudiences = new [] { audience },
IssuerSecurityTokenProviders = new IIssuerSecurityTokenProvider[]
{
new SymmetricKeyIssuerSecurityTokenProvider(issuer, secret)
}
});
}
}
但是,我在令牌中有一些自定義聲明,並且想要在我的ApiController中使用它們的值,如下所示:
[RoutePrefix("endpoint")]
public class MyApiController : ApiController
{
[Route("action")]
[Authorize]
public IHttpActionResult Post(string someValue)
{
bool res = DoSomeAction.withTheString(someValue);
if (res)
{
return Ok<string>(someValue);
}
return InternalServerError();
}
}
是否有類似User.Claims["myCustomClaim"].Value ,它提供了所有聲明的值?
謝謝盧卡斯
1 個解決方案
解決方案1
2 已采納 2015-01-21 22:11:53
這樣的事情可能會有所幫助:
var identity = User.Identity as ClaimsIdentity;
return identity.Claims.Select(c => new
{
Type = c.Type,
Value = c.Value
});
使用OWIN Identity v2聲明來跟蹤WebAPI2應用程序中的自定義屬性
[英]Using OWIN Identity v2 Claims to track custom properties in WebAPI2 app
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.