在ASP.NET WebApi 2中自定义承载令牌JSON结果

时间:2014-06-20 07:24:37

标签: c# json asp.net-web-api access-token asp.net-identity

我演练this official ASP.NET tutorial,持票人令牌发布如下JSON。

{
    "access_token":"boQtj0SCGz2GFGz[...]",
    "token_type":"bearer",
    "expires_in":1209599,
    "userName":"Alice",
    ".issued":"Mon, 14 Oct 2013 06:53:32 GMT",
    ".expires":"Mon, 28 Oct 2013 06:53:32 GMT"
}

我想添加用户个人资料属性以及上述结果,以减少来自客户端的请求数量。示例如下......

{
    "access_token":"boQtj0SCGz2GFGz[...]",
    "token_type":"bearer",
    "expires_in":1209599,
    "userName":"Alice",
    ".issued":"Mon, 14 Oct 2013 06:53:32 GMT",
    ".expires":"Mon, 28 Oct 2013 06:53:32 GMT",
    "Notifications":35,
    "IsEventMember":true,
    "Promotion":324372
}

我使用的oauth提供程序来自默认的ASP.NET模板(ApplicationOAuthProvider.cs),而OAuthOption如下所示。

            OAuthOptions = new OAuthAuthorizationServerOptions
        {
            TokenEndpointPath = new PathString("/Token"),
            Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory),
            AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
            AllowInsecureHttp = true
        };

我该怎么做?

请注意,我的问题与adding extra claims不同。

1 个答案:

答案 0 :(得分:11)

这是解决方案:

public override async Task TokenEndpoint(OAuthTokenEndpointContext context)
{
    context.AdditionalResponseParameters.Add("username", "user@mail.com");

    return Task.FromResult<object>(null);
}