带有EF6的IdentityServer4

时间:2016-08-07 05:19:47

标签: c# authentication entity-framework-6 authorization identityserver4

我已经基于这个示例(原文此处为链接),使用IdentityServer4实现了基本的Web API保护。

该演示基于内存数据,而大多数教程都基于EF Core实现的用户数据。我搜索后发现,IdentityServer3中有一个IUserService,但在版本4中已经没有了。

// In-memory stores, as used by the demo the question refers to: clients, scopes and
// users all come from static Get() helpers rather than from a database.
builder.AddInMemoryClients(Clients.Get());
builder.AddInMemoryScopes(Scopes.Get());
// This is the registration the question wants to replace with a lookup against an EF6-backed user store.
builder.AddInMemoryUsers(Users.Get());

如何从EF6存储(store)中检索我的用户数据?

1 个答案:

答案 0 :(得分:4)

在Startup.cs中,执行此操作

// Replace the in-memory user handling with custom services backed by the application's user store.
// Credentials presented to the token endpoint are checked by ResourceOwnerPasswordValidator.
builder.Services.AddTransient<IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>();
// Claims for an authenticated subject are produced by ProfileService.
// Both are registered as transient, so a new instance is created each time one is resolved.
builder.Services.AddTransient<IProfileService, ProfileService>();

以下是ResourceOwnerPasswordValidator和ProfileService的示例:
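/// <summary>
/// Validates resource-owner password credentials against the application's own user
/// store (<c>MyUserManager</c>) instead of the in-memory test users.
/// </summary>
public class ResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator
{
    // Held in a readonly field: the dependency is assigned once and never replaced.
    private readonly MyUserManager _myUserService;

    /// <summary>Creates the validator with its own <c>MyUserManager</c> instance.</summary>
    public ResourceOwnerPasswordValidator()
    {
        _myUserService = new MyUserManager();
    }

    /// <summary>
    /// Checks the supplied user name and password and returns a grant validation result.
    /// </summary>
    /// <param name="userName">User name received with the token request (untrusted).</param>
    /// <param name="password">Password received with the token request (untrusted).</param>
    /// <param name="request">The validated token request; not used by this implementation.</param>
    /// <returns>
    /// A successful result whose first argument is the user's e-mail address, or a failed
    /// result carrying a generic error message.
    /// </returns>
    public async Task<CustomGrantValidationResult> ValidateAsync(string userName, string password, ValidatedTokenRequest request)
    {
        // Reject missing credentials up front so null or empty values never reach the user store.
        if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
        {
            return new CustomGrantValidationResult("Invalid username or password");
        }

        var user = await _myUserService.FindByNameAsync(userName);

        // NOTE(review): for an unknown user the password check is skipped, so that path does
        // less work than a wrong-password attempt; the difference may be measurable.
        // NOTE(review): no lockout or attempt throttling is visible here - confirm it is
        // enforced inside MyUserManager or in front of the token endpoint.
        var credentialsAreValid = user != null && await _myUserService.CheckPasswordAsync(user, password);
        if (!credentialsAreValid)
        {
            // Same message for "no such user" and "wrong password", so the response text
            // does not reveal which accounts exist.
            return new CustomGrantValidationResult("Invalid username or password");
        }

        // NOTE(review): the e-mail address is presumably used as the subject identifier.
        // ProfileService on this page resolves the "sub" claim with FindByIdAsync, so confirm
        // that the user store's id really is the e-mail address; otherwise return the id here.
        return new CustomGrantValidationResult(user.EmailAddress, "password");
    }
}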


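/// <summary>
/// Supplies the claims issued for an authenticated subject, loading them from the
/// application's own user store (<c>MyUserManager</c>).
/// </summary>
public class ProfileService : IProfileService
{
    private readonly MyUserManager _myUserManager;

    /// <summary>Creates the service with its own <c>MyUserManager</c> instance.</summary>
    public ProfileService()
    {
        _myUserManager = new MyUserManager();
    }

    /// <summary>
    /// Loads the user identified by the subject's "sub" claim and sets
    /// <c>context.IssuedClaims</c>, filtered to the requested claim types when the caller
    /// did not ask for all claims.
    /// </summary>
    /// <param name="context">Profile request carrying the subject and the requested claim types.</param>
    /// <exception cref="ArgumentNullException">
    /// Thrown (by <c>getClaims</c>) when no user is found for the subject, so the request
    /// fails instead of issuing claims for an unknown user.
    /// </exception>
    public async Task GetProfileDataAsync(ProfileDataRequestContext context)
    {
        var sub = context.Subject.FindFirst("sub")?.Value;
        if (sub == null)
        {
            // No subject identifier: nothing to look up, IssuedClaims is left untouched.
            return;
        }

        // NOTE(review): the lookup is by id, so the subject issued at login must be the
        // user store's id (ResourceOwnerPasswordValidator on this page issues the e-mail address).
        var user = await _myUserManager.FindByIdAsync(sub);
        var principal = await getClaims(user);

        var claims = principal.Claims;
        var requestedTypes = context.RequestedClaimTypes;
        var hasRequestedTypes = requestedTypes != null && requestedTypes.Any();

        if (context.AllClaimsRequested == false || hasRequestedTypes)
        {
            // Release only what was asked for. When not all claims were requested and the
            // list of requested types is null, issue nothing; the original dereferenced the
            // null list inside the filter and threw NullReferenceException.
            claims = hasRequestedTypes
                ? claims.Where(x => requestedTypes.Contains(x.Type)).ToArray().AsEnumerable()
                : Enumerable.Empty<Claim>();
        }

        context.IssuedClaims = claims;
    }

    /// <summary>
    /// Called to decide whether the subject is still allowed to obtain tokens.
    /// This implementation does not inspect the user at all.
    /// </summary>
    /// <param name="context">Activity check context; left unmodified.</param>
    public Task IsActiveAsync(IsActiveContext context)
    {
        // NOTE(review): nothing is written to the context, so whatever default it carries
        // stays in effect and disabled or deleted accounts are not rejected here. Consider
        // looking the user up and setting the context's active flag from the store.
        return Task.FromResult(0);
    }

    /// <summary>
    /// Builds a principal holding the user's id, preferred user name, one role claim per
    /// role, and any additional claims stored for the user.
    /// </summary>
    /// <param name="user">The user to describe; must not be null.</param>
    /// <returns>A <see cref="ClaimsPrincipal"/> wrapping a single identity with those claims.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
    private async Task<ClaimsPrincipal> getClaims(CustomerSite user)
    {
        if (user == null)
        {
            throw new ArgumentNullException(nameof(user));
        }

        var userId = await _myUserManager.GetUserIdAsync(user);
        var userName = await _myUserManager.GetUserNameAsync(user);

        var identity = new ClaimsIdentity();
        identity.AddClaim(new Claim(JwtClaimTypes.Id, userId));
        identity.AddClaim(new Claim(JwtClaimTypes.PreferredUserName, userName));

        // Role claims feed authorization decisions downstream, so they are read from the
        // user store on every call rather than taken from the incoming request.
        var roles = await _myUserManager.GetRolesAsync(user);
        foreach (var roleName in roles)
        {
            identity.AddClaim(new Claim(JwtClaimTypes.Role, roleName));
        }

        identity.AddClaims(await _myUserManager.GetClaimsAsync(user));

        return new ClaimsPrincipal(identity);
    }
}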