无法访问WebApi授权令牌中的JWT声明 | 无法访问WebApi授权令牌中的JWT声明

本文介绍了无法访问WebApi授权令牌中的JWT声明的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

通过以下链接

现在，我想访问控制器中的声明，但是所有声明都为空.我已经尝试了一些方法，但所有方法都返回null.

Now, I want to access claim in the controllers, but all claims are null. I have tried a few things and all of them returns null.

如何在JwtAuthenticationAttribute中添加声明:

How is claim added in JwtAuthenticationAttribute:

protected Task<IPrincipal> AuthenticateJwtToken(string token)
        {
            string username;

            if (ValidateToken(token, out username))
            {
                //Getting user department to add to claim.
                eTaskEntities _db = new eTaskEntities();
                var _user = (from u in _db.tblUsers join d in _db.tblDepartments on u.DepartmentID equals d.DepartmentID select u).FirstOrDefault();
                var department = _user.DepartmentID;

                // based on username to get more information from database in order to build local identity
                var claims = new List<Claim>
                {
                    new Claim(ClaimTypes.Name, username),
                    new Claim(ClaimTypes.SerialNumber, department.ToString())
                    // Add more claims if needed: Roles, ...
                };

                var identity = new ClaimsIdentity(claims, "Jwt");
                IPrincipal user = new ClaimsPrincipal(identity);

                return Task.FromResult(user);
            }

            return Task.FromResult<IPrincipal>(null);
        }

到目前为止我尝试过的事情

获取索赔的扩展方法:

public static class IPrincipleExtension
{
    public static String GetDepartment(this IIdentity principal)
    {
        var identity = HttpContext.Current.User.Identity as ClaimsIdentity;
        if (identity != null)
        {
            return identity.FindFirst("SerialNumber").Value;
        }
        else
            return null;
    }
}

使用帖子中定义的功能(上面的链接):

Using the function defined in the post (link above):

TokenManager.GetPrincipal(Request.Headers.Authorization.Parameter).FindFirst("SerialNumber")

尝试通过线程访问Claim:

Trying to access Claim through thread:

((ClaimsPrincipal)System.Threading.Thread.CurrentPrincipal.Identity).FindFirst("SerialNumber")

对于以上所有情况，索赔始终为空.我在做什么错了?

For all the above, a claim is always null. What am I doing wrong?

推荐答案

您应该尝试以下操作来获得索赔:

You should try this to get your claim:

if (HttpContext.User.Identity is System.Security.Claims.ClaimsIdentity identity)
{
    var serialNum = identity.FindFirst(System.Security.Claims.ClaimTypes.SerialNumber).Value;
}

当我这样设置索赔时，我保留identity.FindFirst("string_here").Value:

I reserve the identity.FindFirst("string_here").Value for when I set my claims like this:

var usersClaims = new[]
{
    new Claim("string_here", "value_of_string", ClaimValueTypes.String),
    ...
};

而不是使用像这样的预构建"值:

rather than using "prebuilt" values like this:

var usersClaims = new[]
{
    new Claim(ClaimTypes.Name, "value_of_name", ClaimValueTypes.String),
    ...
};

这篇关于无法访问WebApi授权令牌中的JWT声明的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！

1403页，肝出来的..