我已经扩展了我的ClaimsTransformer:
internal class ClaimsTransformer : IClaimsTransformation
{
private readonly UmlDbContext<ApplicationUser> _dbContext;
/// <summary>
/// Creates the transformer and keeps the injected database context in <c>_dbContext</c>.
/// </summary>
/// <param name="dbContext">The <c>UmlDbContext&lt;ApplicationUser&gt;</c> supplied by dependency injection.</param>
public ClaimsTransformer(UmlDbContext<ApplicationUser> dbContext) => _dbContext = dbContext;
public Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
{
IIdentity identity = (WindowsIdentity)principal.Identity;
.
.
.
.
/// <summary>
/// Registers the services used for Windows authentication: the scopes for
/// <typeparamref name="TUser"/>, the SQL Server backed <c>UmlDbContext</c>, ASP.NET Core Identity
/// with the custom user and role stores, the identity options, and the claims transformer.
/// </summary>
/// <typeparam name="TUser">User type; must derive from <c>ApplicationUser</c>.</typeparam>
/// <param name="services">Service collection that receives the registrations.</param>
/// <param name="configuration">
/// Supplies the "UMLConnectionString" connection string and the "UMLOptions:RequireUniqueEmail" setting.
/// </param>
/// <remarks>
/// The framework invokes <c>IClaimsTransformation.TransformAsync</c> from <c>AuthenticateAsync</c>
/// after a successful authentication, so the transformer only runs when something authenticates
/// the request (typically the authentication middleware for the default scheme). It may run more
/// than once per request, so the transformation should be idempotent.
/// </remarks>
public static void ConfigureWindowsAuth<TUser>(this IServiceCollection services, IConfiguration configuration)
    where TUser : ApplicationUser
{
    services.DefineScopes<TUser>();

    // Database context on SQL Server; the connection string is read from configuration.
    services.AddDbContext<UmlDbContext<TUser>>(dbOptions =>
    {
        dbOptions.UseSqlServer(configuration.GetConnectionString("UMLConnectionString"));
    });

    // Identity with the project's own user and role stores.
    services.AddIdentity<TUser, ApplicationRole>()
        .AddUserStore<ApplicationUserStore<TUser>>()
        .AddRoleStore<ApplicationRoleStore<TUser>>();

    // Identity options: e-mail uniqueness is driven by configuration.
    // Convert.ToBoolean yields false when the key is absent and throws on a malformed value.
    services.Configure<IdentityOptions>(identityOptions =>
        identityOptions.User.RequireUniqueEmail =
            Convert.ToBoolean(configuration["UMLOptions:RequireUniqueEmail"]));

    services.ReadConfiguration(configuration, false);
    services.InitializeDatabase<TUser>();

    // ClaimsTransformer's constructor asks for UmlDbContext<ApplicationUser>, while this method
    // registers UmlDbContext<TUser>.
    // NOTE(review): for a TUser other than ApplicationUser, confirm that context type is also
    // registered; otherwise the transformer cannot be resolved.
    services.AddTransient<IClaimsTransformation, ClaimsTransformer>();

    // NOTE(review): SetAuthenticationMode is a project helper not shown here - confirm it sets up
    // a default Windows authentication scheme, and that the authentication middleware is in the
    // request pipeline, since claims transformation is only triggered through AuthenticateAsync.
    services.SetAuthenticationMode(AuthenticationMode.Windows);
}
并像这样使用它:
// TUser is ApplicationUser here, so the UmlDbContext<ApplicationUser> registered by
// ConfigureWindowsAuth is the same context type that ClaimsTransformer's constructor requests.
services.ConfigureWindowsAuth<ApplicationUser>(Configuration);
这里的services是通过IServiceCollection访问的实例。
我们使用此代码通过Windows角色检查用户是否拥有对特定资源的声明。但是在调试时,我注意到TransformAsync
函数永远不会被调用。
因此,下面这几行代码的计算结果为false:
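// Authorization check: true when the user holds a claim of the required type whose value is one
// of the comma-separated entries in _claim.Value.
// Values are compared ordinally and case-insensitively, so the outcome of this access decision
// does not depend on the thread's current culture (ToLower() is culture-sensitive; under tr-TR,
// "ADMIN" lower-cases to "admın", which does not equal "admin").
// Entries are not trimmed: "a, b" yields " b", which will not match a claim value of "b".
var hasClaim = context.HttpContext.User.Claims.Any(c =>
    c.Type == _claim.Type &&
    _claim.Value.Split(',').Contains(c.Value, System.StringComparer.OrdinalIgnoreCase));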
如果需要其他信息,请与我们联系。我需要知道为什么TransformAsync没有被调用,以及在找到原因后应如何正确解决这个问题。