我在新的ASP.NET Core 2.0应用程序中实现了来自Identity Server 4的jwt隐式身份验证,但对如何在上下文中设置我的声明感到困惑。
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
}).AddIdentityServerAuthentication(o =>
{
o.Authority = IDP_AUTHORITY_URL;
o.RequireHttpsMetadata = false;
o.ApiName = API_ID;
o.JwtBearerEvents = new JwtBearerEvents
{
OnTokenValidated = async tokenValidationContext =>
{
var claimsIdentity = tokenValidationContext.Principal.Identity as ClaimsIdentity;
if (claimsIdentity == null)
{
return;
}
string userSubId = claimsIdentity.Claims.FirstOrDefault(c => c.Type == "sub").Value;
this.ValidateUser(userSubId);
}
};
});
当我这样做时,subjectId的主张就在那里, 但是当我试图像以后那样从HttpContext中取出它时:
public CRUDServiceHubBase(IHttpContextAccessor httpContextAccessor)
{
this._currentContext = httpContextAccessor.HttpContext;
}
protected string ConnectionKey => this._currentContext.User.Claims
.Where(x => x.Type == "sub")
.Select(x => x.Value)
.FirstOrDefault();
我的用户没有声明,也没有设置名称。似乎服务器知道我已获得授权但由于某种原因我的用户未设置。
我也尝试了这个,没有不记名事件。如何在HttpContext中设置我的Identity User?