Question

我演练this official ASP.NET tutorial，持票人令牌发布如下JSON。

{
    "access_token":"boQtj0SCGz2GFGz[...]",
    "token_type":"bearer",
    "expires_in":1209599,
    "userName":"Alice",
    ".issued":"Mon, 14 Oct 2013 06:53:32 GMT",
    ".expires":"Mon, 28 Oct 2013 06:53:32 GMT"
}

我想添加用户个人资料属性以及上述结果，以减少来自客户端的请求数量。示例如下......

{
    "access_token":"boQtj0SCGz2GFGz[...]",
    "token_type":"bearer",
    "expires_in":1209599,
    "userName":"Alice",
    ".issued":"Mon, 14 Oct 2013 06:53:32 GMT",
    ".expires":"Mon, 28 Oct 2013 06:53:32 GMT",
    "Notifications":35,
    "IsEventMember":true,
    "Promotion":324372
}

我使用的oauth提供程序来自默认的ASP.NET模板（ApplicationOAuthProvider.cs），而OAuthOption如下所示。

            OAuthOptions = new OAuthAuthorizationServerOptions
        {
            TokenEndpointPath = new PathString("/Token"),
            Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory),
            AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
            AllowInsecureHttp = true
        };

我该怎么做？

请注意，我的问题与adding extra claims不同。

Answer 1

这是解决方案：

public override async Task TokenEndpoint(OAuthTokenEndpointContext context)
{
    context.AdditionalResponseParameters.Add("username", "user@mail.com");

    return Task.FromResult<object>(null);
}

在ASP.NET WebApi 2中自定义承载令牌JSON结果

1 个答案: