我正在使用Identity Server 4和资源所有者方案。我成功获取了访问令牌。但是,我希望它也有这些说法。我在身份服务器实现上添加了角色声明。但我没有看到它在我的令牌中编码。 这是我的Api资源:
{
"_id": "SomeAPI",
"Enabled": true,
"DisplayName": "Some APII",
"Description": null,
"ApiSecrets": [],
"UserClaims": [
"role
],
"Scopes": [
{
"Name": "SomeAPI",
"DisplayName": "Some API,
"Description": null,
"Required": false,
"Emphasize": false,
"ShowInDiscoveryDocument": true,
"UserClaims": [
"role"
]
}
]
}
这是我的客户:
{
"Enabled": true,
"ClientSecrets": [
{
"Description": null,
"Value": "-----",
"Expiration": ----,
"Type": "SharedSecret"
}
],
"ClientName": null,
"ClientUri": null,
"LogoUri": null,
"RequireConsent": true,
"AllowRememberConsent": true,
"AllowOfflineAccess": true,
"AccessTokenLifetime": 10000.0,
"AllowedGrantTypes": [
"password"
],
"AllowedScopes": [
"SomeAPI"
],
"Claims": [],
"AllowedCorsOrigins": []
}
我如何获得令牌:
var result = await client.RequestResourceOwnerPasswordAsync(userName, password);
修改的: 我根据建议的答案更新了电话:
var result = await client.RequestResourceOwnerPasswordAsync(userName, password, "SomeAPI")
我还更新了客户端允许的角色范围'。现在我获得了所需的角色,但没有嵌套在声明之下,而是作为这种类型的数组:
"http://schemas.microsoft.com/ws/2008/06/identity/claims/role": [
"role1",
"role2"
],
答案 0 :(得分:0)
您必须包含范围:
var result = await client.RequestResourceOwnerPasswordAsync(userName, password, "SomeAPI");