使用WebApi2中的Owin返回带有Bearer Tokens的自定义类型

时间:2018-03-22 12:03:16

标签: c# asp.net token owin owin-middleware

我需要在我的web api项目中实现OWIN身份验证。我能够做同样的事情,我也能够返回多个索赔。 但是我想在成功登录之后返回UserDetails类型值。我正在努力。

public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{

}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
        var identity = new ClaimsIdentity(context.Options.AuthenticationType);
        identity.AddClaim(new Claim("UserName", userDetails.UserName));
        identity.AddClaim(new Claim("Iata", userDetails.Iata));
        context.Validated(identity);

        UserDetailsDTO userDetails = UserDetailService.GetUserdetailExternal(context.UserName, context.Password, userDetails.Iata);

       // I want to return userDetails where i need help

}
public override Task TokenEndpoint(OAuthTokenEndpointContext context)
{
    foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
    {
        context.AdditionalResponseParameters.Add(property.Key, property.Value);
    }
    return Task.FromResult<object>(null);
}

public class UserDetailsDTO
{
    public string UserName { get; set; }
    public string Iata { get; set; }
    public string LoginId { get; set; }
    public Screen Screens { get; set; }
    public string ErrorText { get; set; }
    public string Roles { get; set; }
    public bool IsADUser { get; set; }
}

public class Screen
{
    public string ScreenName { get; set; }
    public string ScreenUrl { get; set; }

}

JSON输出

"access_token": "pG-Ho6S_0-JGdBcUwmtuGBpuoAECjC8T0bs93_FtmOw7dzUezgTRHrbyos67DM8xJmDrjF8vHVBXNlyRUoHxABFA2NOdMvtYPOaoKNMAES1jPN6gWcOQwZN5Tlcyc4qYkXCUGnVuVFncLZIvf0aBIZwUKiJDW4OxCJuh7wRoe49XUCh3hCd8-8R6ZcTy3VKGQlJmLau1pFaHZsqMeGdvbPvxSmixptGp29u76QThnovr8XMmh65f9o1JWDer6CsQSnd2VG1NEkrkhBWur2Jyz6EdEyW-ZbVeEvlw28P_i899RTEjhTBKBlo7m8sLJKViGDEO-uW0r9iBDThp2F-V-0ggp_wfsBHQDbTjqoddSITFAxwe7Vpm1BQAptyF_-Fu2oV-CbzVWucD8dr-PQKBlN8m3tFv4lMO2681X9bApF5yivkDvEMYW5_cNO5hzIOvsQ8hUh7oY5iF-mVZkUgXHmk9pqbAYQ9evTK3MCtDS-XLKqvdkb90BwDFYW6jKg_Sv7IcuYbHv7i5jTwSM8K6MySyjha_Y_4y1VVhx5QSe4afFnH_Z5nNimrGDJgi5mZbRbiKDFeR28qjxXZWmJ8ISyxQRZmT_JVZArGDpu-hVoUcz9CDLvHeCcL2a9uXmLm0",
  "token_type": "bearer",
  "expires_in": 86399,
  ".issued": "Thu, 22 Mar 2018 15:35:56 GMT",
  ".expires": "Fri, 23 Mar 2018 15:35:56 GMT",
  "UserName": "rmishra",
  "Iata": "AU"

我无法使用bearer_token在我的JSON对象中获取userDetails。 任何人都可以帮我退货吗?

1 个答案:

答案 0 :(得分:1)

您需要在身份验证属性中分配userdetails json字符串,然后生成身份验证票证并验证身份验证票证。

UserDetailsDTO userDetails = UserDetailService.GetUserdetailExternal(context.UserName, context.Password, userDetails.Iata);

var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim("UserName", userDetails.UserName));
identity.AddClaim(new Claim("Iata", userDetails.Iata));
IDictionary<string, string> authProp = new Dictionary<string, string>()
{
    { "UserName", userDetails.UserName },
    { "Iata", userDetails.Iata},
    { "UserDetails", Newtonsoft.Json.JsonConvert.SerializeObject(userDetails)}
};
var ticket = new AuthenticationTicket(identity, authProp);
context.Validated(ticket);
相关问题
最新问题