将访问令牌保存为自定义声明

时间:2015-12-23 14:04:08

标签: c# asp.net-mvc asp.net-mvc-5.2

我希望我的应用程序只能由抽搐用户访问。为此,我添加了扩展的OWIN包并编写了这个auth逻辑:

    private void ConfigureUseTwitchAuthentication(IAppBuilder app)
    {
        var options = new TwitchAuthenticationOptions
        {
            ClientId = Helpers.Constants.ClientId,
            ClientSecret = Helpers.Constants.ClientSecret,
            CallbackPath = new PathString("/Twitch/Authorize"),
            Provider = new TwitchAuthenticationProvider
            {
                OnAuthenticated = async context =>
                {
                    context.Identity.AddClaim(new Claim(Helpers.Constants.TwitchAccessToken, context.AccessToken));
                    foreach (var claim in context.User)
                    {
                        var claimType = $"urn:Twitch:{claim.Key}";
                        string claimValue = claim.Value.ToString();
                        if (!context.Identity.HasClaim(claimType, claimValue))
                        {
                            context.Identity.AddClaim(new Claim(claimType, claimValue, "XmlSchemaString", "Twitch"));
                        }
                    }

                    await Task.FromResult(0);

                    //// Retrieve the OAuth access token to store for subsequent API calls
                    //string accessToken = context.AccessToken;

                    //// Retrieve the user's name
                    //string userDisplayName = context.Name;

                    //// Retrieve the user's email address
                    //var userEmail = context.Email;

                    //// You can even retrieve the full JSON-serialized user
                    //var serializedUser = context.User;
                }
            }
        };

        foreach (var neededTwitchPermission in Helpers.Constants.NeededTwitchPermissions)
        {
            options.Scope.Add(neededTwitchPermission);
        }

        app.UseTwitchAuthentication(options);
    }

现在我需要保存在声明中的AccessToken才能在控制器中访问我的应用程序(例如,创建一个新的rest客户端并以用户的名义查询其API)。

如何保存身份验证返回的访问令牌并在以后使用?

我尝试了这两种方法,但都没有工作(两者都是空的):

        ClaimsIdentity identity1 = await HttpContext.GetOwinContext().Authentication
   .GetExternalIdentityAsync(DefaultAuthenticationTypes.ExternalCookie);

        var identity = (ClaimsIdentity)User.Identity;
        IEnumerable<Claim> claims = identity.Claims;
        var accessToken = claims.First(x => x.Type == Helpers.Constants.TwitchAccessToken);

我也尝试通过GenerateUserIdentityAsync添加它们,但我不知道如何从那里阅读声明:

    public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser> manager)
    {
        // Note the authenticationType must match the one defined in CookieAuthenticationOptions.AuthenticationType
        var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);

        // Add custom user claims here
        userIdentity.AddClaim(new Claim("Twitch:access_token", "?????"));

        return userIdentity;
    }

0 个答案:

没有答案
相关问题
最新问题