问题描述
几天来,我尝试声明Blazor申请的索赔。我终于找到了一种可行的方法,但是由于某种原因,我无法在索赔清单中找到索赔。 我创建了以下AppClaimsPrincipalFactory:
public class AppClaimsPrincipalFactory : UserClaimsPrincipalFactory<ApplicationUser>
{
public AppClaimsPrincipalFactory(UserManager<ApplicationUser> userManager,IOptions<IdentityOptions> optionsAccessor) : base(userManager,optionsAccessor)
{
}
public override async Task<ClaimsPrincipal> CreateAsync(ApplicationUser user)
{
var id = await GenerateClaimsAsync(user);
if (user != null)
{
id.AddClaim(new Claim(ClaimTypes.Givenname,user.FirstName));
}
return new ClaimsPrincipal(id);
var principal = await base.CreateAsync(user);
if (!string.IsNullOrWhiteSpace(user.FirstName))
{
((ClaimsIdentity)principal.Identity).AddClaim(new Claim(ClaimTypes.Givenname,user.FirstName));
}
if (!string.IsNullOrWhiteSpace(user.LastName))
{
((ClaimsIdentity)principal.Identity).AddClaim(new Claim(ClaimTypes.Surname,user.LastName));
}
return principal;
}
}
我在Startup.cs文件的ConfigureServices中添加了以下代码:
services.AddScoped<IUserClaimsPrincipalFactory<ApplicationUser>,AppClaimsPrincipalFactory>();
有人可以帮助我找到我的代码有什么问题吗? 预先谢谢你。
更新
感谢Brian Parker为我铺平了道路。为了使它在其他人需要的情况下起作用,我像这样更改了AppClaimsPrincipalFactory类:
public class AppClaimsPrincipalFactory : UserClaimsPrincipalFactory<ApplicationUser>
{
public AppClaimsPrincipalFactory(UserManager<ApplicationUser> userManager,optionsAccessor)
{
}
protected override async Task<ClaimsIdentity> GenerateClaimsAsync(ApplicationUser user)
{
ClaimsIdentity claims = await base.GenerateClaimsAsync(user);
claims.AddClaim(new Claim("name","Aris"));
claims.AddClaim(new Claim("customClaim","test value"));
claims.AddClaim(new Claim(ClaimTypes.Givenname,user.FirstName));
claims.AddClaim(new Claim(ClaimTypes.Surname,user.LastName));
return claims;
}
}
我还更改了Startup.cs文件中的代码services.AddDefaultIdentity:
services.AddDefaultIdentity<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddClaimsPrincipalFactory<AppClaimsPrincipalFactory>();
因此具有以下声明值:
name: ["myemail@hotmail.com","Aris"]
customClaim: test value
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname: Aristotelis
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname: Pitaridis
谢谢Brian Parker。你让我开心。
解决方法
尝试:
services.AddScoped<AppClaimsPrincipalFactory>();
services.AddDefaultIdentity<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddClaimsPrincipalFactory<AppClaimsPrincipalFactory>();
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser,ApplicationDbContext>(options =>
{
options.IdentityResources["openid"].UserClaims.Add(ClaimTypes.GivenName);
options.ApiResources.Single().UserClaims.Add(ClaimTypes.GivenName);
options.IdentityResources["openid"].UserClaims.Add(ClaimTypes.Surname);
options.ApiResources.Single().UserClaims.Add(ClaimTypes.Surname);
});