我正在使用带有 JWTBearerAuthentication 的 Owin 来授权用户并验证他们的令牌.我是这样做的:
I'm using Owin with JWTBearerAuthentication to authorize users and validate their tokens. I'm doing it like this:
public class Startup
{
public void Configuration(IAppBuilder app)
{
HttpConfiguration config = new HttpConfiguration();
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{id}",
defaults: new { id = RouteParameter.Optional }
);
ConfigureOAuth(app);
app.UseWebApi(config);
}
private void ConfigureOAuth(IAppBuilder app)
{
string issuer = ConfigurationManager.AppSettings.Get("auth_issuer");
string audience = ConfigurationManager.AppSettings.Get("auth_clientId");
byte[] secret = TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings.Get("auth_secret"));
app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions
{
AuthenticationMode = AuthenticationMode.Active,
AllowedAudiences = new [] { audience },
IssuerSecurityTokenProviders = new IIssuerSecurityTokenProvider[]
{
new SymmetricKeyIssuerSecurityTokenProvider(issuer, secret)
}
});
}
}
但是,我的令牌中有一些自定义声明,并希望在我的 ApiController 中使用它们的值,如下所示:
However, I have some custom claims in my token, and want to use their values in my ApiController, which looks like this:
[RoutePrefix("endpoint")]
public class MyApiController : ApiController
{
[Route("action")]
[Authorize]
public IHttpActionResult Post(string someValue)
{
bool res = DoSomeAction.withTheString(someValue);
if (res)
{
return Ok<string>(someValue);
}
return InternalServerError();
}
}
有没有类似 User.Claims["myCustomClaim"].Value
的东西,它提供所有声明的值?
Is there anything like User.Claims["myCustomClaim"].Value
, which provides the values of all claims?
谢谢你,卢卡斯
这样的事情可能会有所帮助:
Something like this might help:
var identity = User.Identity as ClaimsIdentity;
return identity.Claims.Select(c => new
{
Type = c.Type,
Value = c.Value
});
这篇关于使用 Owin 从 JWT 获取自定义声明的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!