我目前正在创建一个API,该API应该使用Identity Framework和OpenIddict实际登录用户。
我实际上创建了一个简单的身份验证票证
private AuthenticationTicket CreateTicket(OpenIdConnectRequest connectRequest, OAuthApplication application)
{
// Create a new ClaimsIdentity containing the claims that
// will be used to create an id_token, a token or a code.
var identity = new ClaimsIdentity(
OpenIddictServerDefaults.AuthenticationScheme,
OpenIdConnectConstants.Claims.Name,
OpenIdConnectConstants.Claims.Role);
// Use the client_id as the subject identifier.
identity.AddClaim(OpenIdConnectConstants.Claims.Subject, application.ClientId,
OpenIdConnectConstants.Destinations.AccessToken,
OpenIdConnectConstants.Destinations.IdentityToken);
identity.AddClaim(OpenIdConnectConstants.Claims.Name, application.DisplayName,
OpenIdConnectConstants.Destinations.AccessToken,
OpenIdConnectConstants.Destinations.IdentityToken);
// Create a new authentication ticket holding the user identity.
var ticket = new AuthenticationTicket(
new ClaimsPrincipal(identity),
new AuthenticationProperties(),
OpenIddictServerDefaults.AuthenticationScheme);
ticket.SetScopes(connectRequest.GetScopes());
ticket.SetResources("resource_server");
return ticket;
}
但是,现在我在票证上设置了值“ resource_server”,有什么方法可以找回它? 即我可以在ClaimsPrinicpal中获取所有范围,但是找不到任何方法来获取票证的AuthenticationProperties。
答案 0 :(得分:0)
但是现在我在票证上设置了值“ resource_server”,有什么方法可以找回它?
当然,假设您使用默认令牌格式和OpenIddict验证处理程序,下面是一个示例:
public async Task<IActionResult> GetAudiences()
{
var ticket = (await HttpContext.AuthenticateAsync(OpenIddictValidationDefaults.AuthenticationScheme))?.Ticket;
if (ticket != null)
{
return Json(ticket.GetAudiences());
}
return NoContent();
}