I implemented OWIN bearer token authorization, and based on this article: http://bitoftech.net/2014/06/01/token-based-authentication-asp-net-web-api-2-owin-asp-net-identity/, and now i want to add roles to the bearer token so that i can be able retrieve it on the controller like am doing with the userName...identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName)); and was able to get the username of the current user with User.Identity.Name
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
Check my latest post on bitoftechwhere I read Roles once I generate token, or you can assign roles manually using the ClaimsType.Role like you assign the UserName.
Hope this answers your question.
回答2:
http://forums.asp.net/t/1998896.aspx?Cannot+assign+claims+identity+to+a+variable+using+asp+net+WebAPI+with+Oauth+
http://nareshjois.com/custom-information-in-asp-net-identity-cookie-ticket/
i managed to add and read new roles manually by creating a new column in the asp identity AspNetUsers table named RoleName and i added roles directly...
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
using (AuthRepo _repo = new AuthRepo())
{
UserProfile user = await _repo.FindUser(context.UserName, context.Password);
if (user == null)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
/*var claims = new List<Claim>
{
new Claim(ClaimTypes.GivenName, user.FirstName),
};*/
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim("sub", context.UserName));
identity.AddClaim(new Claim("role", "user"));
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
identity.AddClaim(new Claim("RoleName", user.RoleName));
context.Validated(identity);
}
}
i then could read a role associated with each user like so
var cp = User as ClaimsPrincipal; //var cp = (ClaimsPrincipal)User;
var roleName = ((Claim)cp.Claims.SingleOrDefault(x => x.Type == "RoleName")).Value.ToString();
I PERSONALLY FIND THIS EASIER TO MAINTAIN...
回答3:
You can add a function to do so.
public static AuthenticationProperties CreateProperties(string userName, string Roles)
{
IDictionary<string, string> data = new Dictionary<string, string>
{
{ "userName", userName },
{"roles",Roles}
};
return new AuthenticationProperties(data);
}
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 混吃等死 的文章《How to add roles to the asp identity bearer token》','https://www.manongdao.com/article-890894.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}