我使用IdSrv3进行身份验证。我需要在我的web api owin客户端中获取access_token,以便在另一个web api客户端中传递承载身份验证。 我的Startup.cs代码:
public class Startup
{
public void Configuration(IAppBuilder app)
{
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
JwtSecurityTokenHandler.InboundClaimTypeMap.Clear();
var identityServerPath = ConfigurationManager.AppSettings["IdentityServerPath"];
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = $"{identityServerPath}/core",
RequiredScopes = new[] { "openid"},
AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active,
// client credentials for the introspection endpoint
ClientId = "someid"
});
}
}
我试图通过这种方式获取访问令牌:
var claims = (User as ClaimsPrincipal).Claims;
var AccessToken = claims.First(x => x.Type == "access_token").Value;
如何获取access_token?声明变量是空的。
答案 0 :(得分:3)
您可以设置" PreserveAccessToken" property为true(默认为false)。例如:
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = "https://localhost:44331",
ClientId = "apiOne",
ClientSecret = "secret",
RequiredScopes = new[] {"apiOne"},
ValidationMode = ValidationMode.ValidationEndpoint,
PreserveAccessToken = true
});
这会将访问令牌保留为声明。然后,您可以像上面那样检索它。除此之外,声明是"令牌",而不是" access_token"。