问题描述
通过以下链接
现在,我想访问控制器中的声明,但是所有声明都为空.我已经尝试了一些方法,但所有方法都返回null.
Now, I want to access claim in the controllers, but all claims are null. I have tried a few things and all of them returns null.
如何在JwtAuthenticationAttribute中添加声明:
How is claim added in JwtAuthenticationAttribute:
protected Task<IPrincipal> AuthenticateJwtToken(string token)
{
string username;
if (ValidateToken(token, out username))
{
//Getting user department to add to claim.
eTaskEntities _db = new eTaskEntities();
var _user = (from u in _db.tblUsers join d in _db.tblDepartments on u.DepartmentID equals d.DepartmentID select u).FirstOrDefault();
var department = _user.DepartmentID;
// based on username to get more information from database in order to build local identity
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name, username),
new Claim(ClaimTypes.SerialNumber, department.ToString())
// Add more claims if needed: Roles, ...
};
var identity = new ClaimsIdentity(claims, "Jwt");
IPrincipal user = new ClaimsPrincipal(identity);
return Task.FromResult(user);
}
return Task.FromResult<IPrincipal>(null);
}
到目前为止我尝试过的事情
获取索赔的扩展方法:
public static class IPrincipleExtension
{
public static String GetDepartment(this IIdentity principal)
{
var identity = HttpContext.Current.User.Identity as ClaimsIdentity;
if (identity != null)
{
return identity.FindFirst("SerialNumber").Value;
}
else
return null;
}
}
使用帖子中定义的功能(上面的链接):
Using the function defined in the post (link above):
TokenManager.GetPrincipal(Request.Headers.Authorization.Parameter).FindFirst("SerialNumber")
尝试通过线程访问Claim:
Trying to access Claim through thread:
((ClaimsPrincipal)System.Threading.Thread.CurrentPrincipal.Identity).FindFirst("SerialNumber")
对于以上所有情况,索赔始终为空.我在做什么错了?
For all the above, a claim is always null. What am I doing wrong?
推荐答案
您应该尝试以下操作来获得索赔:
You should try this to get your claim:
if (HttpContext.User.Identity is System.Security.Claims.ClaimsIdentity identity)
{
var serialNum = identity.FindFirst(System.Security.Claims.ClaimTypes.SerialNumber).Value;
}
当我这样设置索赔时,我保留identity.FindFirst("string_here").Value
:
I reserve the identity.FindFirst("string_here").Value
for when I set my claims like this:
var usersClaims = new[]
{
new Claim("string_here", "value_of_string", ClaimValueTypes.String),
...
};
而不是使用像这样的预构建"值:
rather than using "prebuilt" values like this:
var usersClaims = new[]
{
new Claim(ClaimTypes.Name, "value_of_name", ClaimValueTypes.String),
...
};
这篇关于无法访问WebApi授权令牌中的JWT声明的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!