在identityserver4上检查Id_token或access_token

时间:2018-12-06 11:30:04

标签: identityserver4

我在我的Angular应用程序隐式流中使用Identityserver4。当前,我面临一些身份验证问题,为此,我需要验证IDS生成的令牌和身份验证后在我的角度客户端中拥有的令牌。

我不是在验证客户端身份时如何在IdentityServer中获取令牌吗?

这是我与oidc相关的oidc代码:

import { Injectable } from '@angular/core';
import { UserManager, UserManagerSettings, User, WebStorageStateStore } from 'oidc-client';
import { AppConfigService } from '../../app-config.service';
// import { Config } from '../../../app-config';

@Injectable()
export class AuthService {
private manager;
private user: User = null;

constructor(private appConfig: AppConfigService) {
    this.manager = new UserManager(getClientSettings(appConfig));
    this.manager.getUser().then(user => {
        this.user = user;
    });
    this.manager.events.addUserLoaded( user => {
        this.user = user;
    });
}
public get UserId() {
    if (this.user && this.user != null && this.user.profile && this.user.profile.sub) {
        return this.user.profile.sub;
    }
    return null;
}
public get User() {
    if (this.user && this.user != null && this.user.profile && this.user.profile != null) {
        return this.user.profile;
    }
    return null;
}
public isLoggedIn(): boolean {
    return this.user != null && !this.user.expired;
}

public getClaims(): any {
    return this.user.profile;
}

public getAuthorizationHeaderValue(): string {
    //
    return `${this.user.token_type} ${this.user.access_token}`;

}

public startAuthentication(): Promise<void> {
    return this.manager.signinRedirect();
}
public signout(): Promise<void> {
    localStorage.removeItem('user');
    return this.manager.signoutRedirect();
}
public signoutRedirectCallback(): Promise<any> {
    //   localStorage.removeItem('user');
    return this.manager.signoutRedirectCallback();
}

public completeAuthentication(): Promise<void> {
    return this.manager.signinRedirectCallback().then(user => {
        this.user = user;
    });
}
public silentRefresh(): Promise<void> {
    console.log('before');
    return this.manager.signinSilentCallback(); // .then(t => console.log(t))
    // .catch((err) => {
    // console.log(err);
    // });
}
public signinSilent(): Promise<User> {
    return this.manager.signinSilent();
}

} 

export function getClientSettings(appConfig: AppConfigService): 
UserManagerSettings {
console.log('in auth service', appConfig.getConfig('IDS_ENDPOINT'));
return {
    authority: appConfig.getConfig('IDS_ENDPOINT'), // 'https://localhost:44360/',
    client_id: appConfig.getConfig('IDS_CLIENT'),
    redirect_uri: appConfig.getConfig('IDS_redirectUrl'), // 'http://localhost:4200/auth-callback',
    post_logout_redirect_uri: appConfig.getConfig('IDS_LogoutUrl'), // 'http://localhost:4200/',
    response_type: 'id_token token',
    scope: 'openid profile roles smsapi country subscriptionlevel permissions',
    filterProtocolClaims: true,
    loadUserInfo: true,
    automaticSilentRenew: true,
    accessTokenExpiringNotificationTime: 60,
    silent_redirect_uri: appConfig.getConfig('IDS_refreshUrl')
   // userStore: new WebStorageStateStore({ store: window.localStorage })
};

}

有帮助吗?

0 个答案:

没有答案
相关问题
最新问题