.Net Core OAuth嵌套声明不会映射回用户

时间:2018-10-27 01:36:45

标签: c# oauth-2.0 .net-core claims-based-identity

我正在尝试访问OAuth之后的声明:

services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = COINBASE_AUTH_ID;
})
.AddCookie()
.AddOAuth(COINBASE_AUTH_ID, options =>
{
    options.ClientId = Configuration["Coinbase:ClientId"];
    options.ClientSecret = Configuration["Coinbase:ClientSecret"];
    options.CallbackPath = new PathString("/signin-coinbase");

    options.AuthorizationEndpoint = "https://www.coinbase.com/oauth/authorize";
    options.TokenEndpoint = "https://api.coinbase.com/oauth/token";
    options.UserInformationEndpoint = "https://api.coinbase.com/v2/user";

    options.SaveTokens = true;

    options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
    options.ClaimActions.MapJsonKey(ClaimTypes.Name, "name");
    options.ClaimActions.MapJsonKey("urn:coinbase:avatar", "avatar_url");

    options.Events = new OAuthEvents
    {
        OnCreatingTicket = async context =>
        {
            var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
            request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);
            request.Headers.Add("CB-VERSION", DateTime.Now.ToShortDateString()); 
            var response = await context.Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, context.HttpContext.RequestAborted);
            response.EnsureSuccessStatusCode();

            var user = JObject.Parse(await response.Content.ReadAsStringAsync());

            context.RunClaimActions(user);
        }
    };
});

据我了解,在OnCreatingTicket中获得访问令牌后,我通过UserEndpoint获得了一个用户。当我致电context.RunClaimActions(user)时,这会将我在选项中设置的声明映射到用户。

在“我的索引”模型中,我尝试像这样获取映射的声明:

public class IndexModel : PageModel
{
    public string CoinbaseId { get; set; }

    public string CoinbaseAvatar { get; set; }

    public string CoinbaseName { get; set; }

    public async Task OnGetAsync()
    {
        if (User.Identity.IsAuthenticated)
        {
            CoinbaseName = User.FindFirst(c => c.Type == ClaimTypes.Name)?.Value;
            CoinbaseId = User.FindFirst(c => c.Type == ClaimTypes.NameIdentifier)?.Value;
            CoinbaseAvatar = User.FindFirst(c => c.Type == "urn:coinbase:avatar")?.Value;

        }
    }

但是,该模型返回所有​​空值。我从coinbase的回复中包含了所有这3个声明,但它们似乎并未映射到我的内存用户中,有人知道原因吗?

编辑

事实证明,Coinbase不会直接返回用户对象,而是返回包装在名为Data的对象中的用户对象。

我尝试用

作为地图的前缀 
options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "data.id");

我认为我需要手动解析数据对象

2 个答案:

答案 0 :(得分:1)

要解决此问题,我只用SelectToken

抓取了JObject中的嵌套属性。 
var userData = JObject.Parse(await response.Content.ReadAsStringAsync());
var user = userData["data"];

context.RunClaimActions(JObject.FromObject(user));

答案 1 :(得分:1)

您可以使用 ClaimActions.MapJsonSubKey 导航到嵌套键。

相关问题
最新问题