Question

我使用IdSrv3进行身份验证。我需要在我的web api owin客户端中获取access_token，以便在另一个web api客户端中传递承载身份验证。我的Startup.cs代码：

public class Startup
{
        public void Configuration(IAppBuilder app)
        {

            ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;

            JwtSecurityTokenHandler.InboundClaimTypeMap.Clear();

            var identityServerPath = ConfigurationManager.AppSettings["IdentityServerPath"];

            app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
            {
                Authority = $"{identityServerPath}/core",

                RequiredScopes = new[] { "openid"},
                AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active,

                // client credentials for the introspection endpoint
                ClientId = "someid"
            });
        }
}

我试图通过这种方式获取访问令牌：

var claims = (User as ClaimsPrincipal).Claims;
var AccessToken = claims.First(x => x.Type == "access_token").Value;

如何获取access_token？声明变量是空的。

Answer 1

您可以设置＆＃34; PreserveAccessToken＆＃34; property为true（默认为false）。例如：

app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
    Authority = "https://localhost:44331",
    ClientId = "apiOne",    
    ClientSecret = "secret",
    RequiredScopes = new[] {"apiOne"},
    ValidationMode = ValidationMode.ValidationEndpoint,
    PreserveAccessToken = true
});

这会将访问令牌保留为声明。然后，您可以像上面那样检索它。除此之外，声明是＆＃34;令牌＆＃34;，而不是＆＃34; access_token＆＃34;。

Web api客户端IdSrv3身份验证中的访问令牌

1 个答案: