How to specify the destination for an existing Cla

2019-01-19 23:29发布

I'm using below code to create a ClaimIdentity in OpenIdConnectServerProvider.AuthorizationProvider. But the identity.Name is not searlized. How to allow the OpenIdConnectServer serarlize the name? Thanks.

The previous question is here How to create a ClaimIdentity in asp.net 5

var user = await userManager.FindByNameAsync(context.UserName);
var factory = context.HttpContext.RequestServices.GetRequiredService<IUserClaimsPrincipalFactory<ApplicationUser>>();
var identity = await factory.CreateAsync(user);                
context.Validated(new ClaimsPrincipal(identity));

标签： asp.net asp.net-identity openid-connect aspnet-contrib

1条回答

闹够了就滚

2楼-- · 2019-01-19 23:55

To avoid leaking confidential data, AspNet.Security.OpenIdConnect.Server refuses to serialize the claims that don't explicitly specify a destination.

To serialize the name (or any other claim), you can use the .SetDestinations extension:

var principal = await factory.CreateAsync(user);

var name = principal.FindFirst(ClaimTypes.Name);
if (name != null) {
    // Use "id_token" to serialize the claim in the identity token or "access_token"
    // to serialize it in the access token. You can also specify both destinations.
    name.SetDestinations(OpenIdConnectConstants.Destinations.AccessToken,
                         OpenIdConnectConstants.Destinations.IdentityToken);
}

context.Validate(principal);

When adding a claim, you can also use the AddClaim extension taking a destinations parameter:

identity.AddClaim(ClaimTypes.Name, "Pinpoint",
     OpenIdConnectConstants.Destinations.AccessToken,
     OpenIdConnectConstants.Destinations.IdentityToken);

0人赞添加讨论(0) 举报

How to specify the destination for an existing Cla

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间