在哪里为所有HttpRequest设置自定义ClaimsPrincipal

时间:2019-03-25 11:43:23

标签: c# authentication asp.net-core

我正在将较旧的应用程序移植到使用Windows身份验证(在IIS中配置,分别是launchsetting.json)的ASP.NET Core。

在开发模式下运行时,我想覆盖身份验证以使用自定义的硬编码ClaimsPrincipal。

public class Startup
{
   public void Configure(IApplicationBuilder app, IHostingEnvironment env)
   {

       if (env.IsDevelopment())
       {
           app.UseDeveloperExceptionPage();
       }
       app.UseMvc();    
   }
}

我不确定在哪里设置身份和服务/中间件配置以使用...

1 个答案:

答案 0 :(得分:0)

创建中间件集HttpContext.User到硬编码的ClaimsPrincipal

public class WindowsUserMiddleware
{
    private readonly RequestDelegate _next;

    public WindowsUserMiddleware(RequestDelegate next)
    {
        _next = next;
    }

    public async Task InvokeAsync(HttpContext httpContext)
    {
        var claims = new List<Claim> { /* add claims */ };
        var userIdentity = new ClaimsIdentity(claims, "NonEmptyAuthType");

        httpContext.User = new ClaimsPrincipal(userIdentity);

        await _next(httpContext);
    }
}

public static class WindowsUserMiddlewareExtensions
{
    public static IApplicationBuilder UseWindowsUser(this IApplicationBuilder applicationBuilder)
    {
        return applicationBuilder.UseMiddleware<WindowsUserMiddleware>();
    }

}

并且仅在开发模式下使用它

if (env.IsDevelopment())
{
    app.UseWindowsUser();
    app.UseDeveloperExceptionPage();
}
app.UseMvc();