webapi和winform客户端的auth0角色认证
auth0 role authentication for webapi and winform client
我正在尝试使用 auth0 winform, server , authorization extension.
设置从 winform 客户端到 Web api 服务的角色身份验证
从 winform,我可以验证并获取 access_token 及其角色(管理员)
var auth0 = new Auth0Client(
"xxx.au.auth0.com",
"1Zf2W81KYrbHJ8MjPYd...");
var user = auth0.LoginAsync(this);
access_token = user.Result.IdToken
在网络调用上传递令牌api,它可以传递[Authorize]但不能传递[Authorize(Roles=admin)]
var client = new RestClient("http://localhost:61758/api/values");
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", string.Format("Bearer " + access_token));
查看函数 JsonWebToken.cs\ValidateToken,我发现 payloadData 只有几个值,但根本没有 roles:
{"iss":"https://xxx.au.auth0.com/","sub":"auth0|57e37cc190da2a82c5d6","aud":"2W81KYrbHJ8MjPYd2WVyVrH3","exp":1487259046,"iat":1487223046}
知道为什么角色从令牌中消失了吗?
已解决。问题是范围 (https://auth0.com/docs/scopes)。
默认范围是 openid,令牌仅包括 iss、sub、aud、exp 和 iat 声明。我们需要设置 scope=openid roles 以便将角色嵌入到.
var user = auth0.LoginAsync(this, "", "openid roles");
我正在尝试使用 auth0 winform, server , authorization extension.
设置从 winform 客户端到 Web api 服务的角色身份验证从 winform,我可以验证并获取 access_token 及其角色(管理员)
var auth0 = new Auth0Client(
"xxx.au.auth0.com",
"1Zf2W81KYrbHJ8MjPYd...");
var user = auth0.LoginAsync(this);
access_token = user.Result.IdToken
在网络调用上传递令牌api,它可以传递[Authorize]但不能传递[Authorize(Roles=admin)]
var client = new RestClient("http://localhost:61758/api/values");
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", string.Format("Bearer " + access_token));
查看函数 JsonWebToken.cs\ValidateToken,我发现 payloadData 只有几个值,但根本没有 roles:
{"iss":"https://xxx.au.auth0.com/","sub":"auth0|57e37cc190da2a82c5d6","aud":"2W81KYrbHJ8MjPYd2WVyVrH3","exp":1487259046,"iat":1487223046}
知道为什么角色从令牌中消失了吗?
已解决。问题是范围 (https://auth0.com/docs/scopes)。
默认范围是 openid,令牌仅包括 iss、sub、aud、exp 和 iat 声明。我们需要设置 scope=openid roles 以便将角色嵌入到.
var user = auth0.LoginAsync(this, "", "openid roles");