【发布时间】:2016-03-06 01:07:45
【问题描述】:
基于 Shaun Luttin 在https://stackoverflow.com/a/30857524 的出色示例,我能够使用该代码来生成和使用不记名令牌。小改动是为了获取最新的包:
"dependencies": {
"Microsoft.AspNet.Authentication.JwtBearer": "1.0.0-rc1-final",
"AspNet.Security.OpenIdConnect.Server": "1.0.0-beta4"
}
虽然代码是一个很好的开始,但它并不是一个完全集成 w/ ASP.NET Identity 的完整解决方案。我修改了 AuthorizationProvider 类如下:
public override Task GrantResourceOwnerCredentials(
GrantResourceOwnerCredentialsContext context)
{
var user = _userManager.FindByNameAsync(context.UserName).Result;
if (user == null)
{
context.Rejected("The user name or password is incorrect.");
}
else
{
var signInManager = context.HttpContext.RequestServices
.GetRequiredService<SignInManager<ApplicationUser>>();
if (signInManager.CanSignInAsync(user).Result &&
_userManager.CheckPasswordAsync(user, context.Password).Result)
{
var principal = signInManager.CreateUserPrincipalAsync(user).Result;
//To avoid leaking confidential data, AspNet.Security.OpenIdConnect.Server
//refuses to serialize the claims that don't explicitly specify a destination.
foreach (var claim in principal.Claims)
claim.WithDestination("token id_token");
context.Validated(principal);
}
else
context.Rejected("The user name or password is incorrect.");
}
return Task.FromResult(0);
}
我正在使用 CreateUserPrincipalAsync 为 Validated 方法创建 ClaimsPrincipal。有没有更好的方法来集成 w/ ASP.NET Identity?
【问题讨论】:
-
这方面有什么更新吗?我无法获得
signInManager,也无法获得`_userManager。也许他们被注射了?
标签: asp.net-core openid-connect bearer-token asp.net-identity-3 aspnet-contrib