问题描述

我使用 .NET 4.5 创建了一个新的 ASP.NET MVC 应用程序.我已成功设置了 STS 身份验证.身份验证流程工作正常，我能够在 Thread.CurrentPrincipal 上获取包含所需声明的 ClaimsIdentity.

I have created a new ASP.NET MVC application with .NET 4.5. I have successfully set up authentication with an STS. The authentication flow is working fine and I am able to get the ClaimsIdentity, containing the desired claims, on Thread.CurrentPrincipal.

现在我需要引导令牌来保护对我的服务层的调用.我已将 identityConfiguration 元素上的 saveBootstrapContext 设置为 true.

Now I need the bootstrap token to secure the calls to my service layer. I have set the saveBootstrapContext to true on the identityConfiguration element.

<system.identityModel>
    <identityConfiguration saveBootstrapContext="true">

但是，ClaimsIdentity 上的 BootstrapContext 属性始终为 null.

However, the BootstrapContext property on the ClaimsIdentity is always null.

var identity = Thread.CurrentPrincipal.Identity as ClaimsIdentity;
var context = identity.BootstrapContext; // context is always null

我在这里遗漏了什么吗?这应该很简单:(

Am I missing anything here? This was supposed to be straightforward :(

推荐答案

已解决:

<system.identityModel>
    <identityConfiguration saveBootstrapContext="true" />
</system.identityModel>

还需要设置TokenValidationParameters.SaveSigninToken，区别于JwtBearerOptions.SaveTokens:

app.UseWindowsAzureActiveDirectoryBearerAuthentication(
    new WindowsAzureActiveDirectoryBearerAuthenticationOptions {
        Tenant = ConfigurationManager.AppSettings["ida:Tenant"],
        TokenValidationParameters = new TokenValidationParameters {
            SaveSigninToken = true,
            ValidAudience = ConfigurationManager.AppSettings["ida:Audience"]
        }
    }
);

这篇关于BootstrapContext 在 ClaimsIdentity 上为 null的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！