首页 文章

ASP.NET Core 2.0 api中JWT令牌中的自定义声明

提问于
浏览
0

在asp.net core web api中,如何检索JWT令牌的自定义用户属性?

我可以使用本教程https://fullstackmark.com/post/13/jwt-authentication-with-aspnet-core-2-web-api-angular-5-net-core-identity-and-facebook-login进行身份验证,但是想在我网站的 Headers 中显示用户的全名和链接到他们的 Profiles 照片 .

我已将AppUser模型扩展为包含这些字段,并将它们保存在数据库中 .

从JWT令牌中,我可以获取用户ID或电子邮件然后查找数据库获取他们的全名和 Profiles 图片,但认为将此作为自定义声明更有效,尽管我不知道如何要做到这一点 .

这是我的startup.cs

public void ConfigureServices(IServiceCollection services)
    {
        services.AddDbContext<ApplicationDbContext>(options => options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

        services.AddSingleton<IConfiguration>(Configuration);
        services.AddSingleton<IJwtFactory, JwtFactory>();

        services.AddIdentity<AppUser, IdentityRole>
            (options =>
            {
                // configure identity options
                options.Password.RequireDigit = false;
                options.Password.RequireLowercase = false;
                options.Password.RequireUppercase = false;
                options.Password.RequireNonAlphanumeric = false;
                options.Password.RequiredLength = 6;
            })
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultTokenProviders();



        // jwt wire up
        // Get options from app settings
        var jwtAppSettingOptions = Configuration.GetSection(nameof(JwtIssuerOptions));

        // Configure JwtIssuerOptions
        services.Configure<JwtIssuerOptions>(options =>
        {
            options.Issuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)];
            options.Audience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)];
            options.SigningCredentials = new SigningCredentials(_signingKey, SecurityAlgorithms.HmacSha256);
        });

        var tokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidIssuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)],

            ValidateAudience = true,
            ValidAudience = jwtAppSettingOptions[nameof(JwtIssuerOptions.Audience)],

            ValidateIssuerSigningKey = true,
            IssuerSigningKey = _signingKey,

            RequireExpirationTime = false,
            ValidateLifetime = true,
            ClockSkew = TimeSpan.Zero
        };

        services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;

        }).AddJwtBearer(configureOptions =>
        {
            configureOptions.ClaimsIssuer = jwtAppSettingOptions[nameof(JwtIssuerOptions.Issuer)];
            configureOptions.TokenValidationParameters = tokenValidationParameters;
            configureOptions.SaveToken = true;
        });

        // api user claim policy
        services.AddAuthorization(options =>
        {
            options.AddPolicy("ApiUser", policy => policy.RequireClaim(Constants.Strings.JwtClaimIdentifiers.Rol, Constants.Strings.JwtClaims.ApiAccess));
        });


        services.AddMvc();

    }


}
angular asp.net-core jwt

1 回答

  • 0

    如果您按照链接在 // POST api/auth/login 的web api下找到以下行:

    var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password);

    这会生成稍后在令牌中使用的标识 . 在这里,您可以添加自己的声明:

    identity.AddClaim(new Claim(ClaimTypes.Name, "the name"));
    回复于

相关问题