【发布时间】:2015-03-01 21:58:09
【问题描述】:
我正在创建一个 WebAPI (OData) 项目并使用 Asp.Identity 进行用户管理。我已经阅读了Change Primary Key for Users in ASP.NET Identity 并且一切都按规定工作,我不知道如何配置承载令牌。在 Tom FitzMacken 的示例中,他配置 Cookie 身份验证如下。
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator
.OnValidateIdentity<ApplicationUserManager, ApplicationUser, int>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentityCallback: (manager, user) =>
user.GenerateUserIdentityAsync(manager),
getUserIdCallback:(id)=>(id.GetUserId<int>()))
}
});
这是我拥有的验证码,取自 Mike Wasson 的优秀文章Secure a Web API with Individual Accounts and Local Login in ASP.NET Web API 2.2
// Configure the application for OAuth based flow
PublicClientId = "self";
OAuthOptions = new OAuthAuthorizationServerOptions {
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
// Enable the application to use bearer tokens to authenticate users
app.UseOAuthBearerTokens(OAuthOptions);
我假设我必须对 OAuthAuthorizationServerProvider 做一些事情来提供等效的“getUserIdCallback”,但我对此知之甚少。
我的问题是,如何用 app.UseOAuthBearerTokens(OAuthOptions) 做同样的事情?
[编辑] 我看到的症状是,从我的控制器中,GetUserId() 总是返回 0。
User.Identity.GetUserId<int>()
【问题讨论】:
标签: c# asp.net asp.net-web-api asp.net-identity