如何获取用户的所有声明?
How to get all claims of a user?
我是 IdentityServer4 的新手,我有一个简单的登录配置。
这是我的用户测试用户:
return new List<TestUser> {
new TestUser {
SubjectId = "5BE86359-073C-434B-AD2D-A3932222DABE", // just get this in claims list
Username = "name",
Password = "password",
Claims = new List<Claim> {
new Claim(ClaimTypes.Email, "my@email.com") // not found
}
}
};
我还有一个客户:
return new List<Client>
{
new Client
{
ClientId = "MVC1",
ClientName = "This is my MVC1",
ClientSecrets = new List<Secret> {new Secret("MVC1".Sha256())}, // change me!
AllowedGrantTypes = GrantTypes.Code,
RedirectUris = new List<string> {"http://localhost:7573/signin-oidc"},
AllowedScopes = new List<string>
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email, // permission to access email claim
},
RequirePkce = true,
AllowPlainTextPkce = false
}
};
这是我的客户端配置代码:
.AddOpenIdConnect("OIDC", options =>
{
options.SignInScheme = "cookie";
options.Authority = "http://localhost:5000";
options.RequireHttpsMetadata = false;
options.ClientId = "MVC1";
options.ClientSecret = "MVC1";
options.ResponseType = "code";
options.UsePkce = true;
options.ResponseMode = "query";
options.CallbackPath = "/signin-oidc";
options.Scope.Add("openid");
options.Scope.Add("profile");
options.Scope.Add("email"); // i wants to access but not found in claims list
options.SaveTokens = true;
});
我想访问所有配置的声明,但我只找到 SubjectId 而不是电子邮件。
请帮帮我:(
默认情况下,您需要通过将其添加到 AddOpenIDConnect 选项来明确说明您希望令牌和用户信息端点中的哪些声明最终出现在用户中
options.ClaimActions.MapUniqueJsonKey("website", "website");
options.ClaimActions.MapUniqueJsonKey("gender", "gender");
options.ClaimActions.MapUniqueJsonKey("birthdate", "birthdate");
您还应该添加一个 IdentityResource 定义,因为它控制进入 ID-Token 的内容,例如
_identityResources = new List<IdentityResource>()
{
new IdentityResources.OpenId(),
new IdentityResources.Email(),
new IdentityResources.Profile(),
new IdentityResources.Address(),
};
我是 IdentityServer4 的新手,我有一个简单的登录配置。 这是我的用户测试用户:
return new List<TestUser> {
new TestUser {
SubjectId = "5BE86359-073C-434B-AD2D-A3932222DABE", // just get this in claims list
Username = "name",
Password = "password",
Claims = new List<Claim> {
new Claim(ClaimTypes.Email, "my@email.com") // not found
}
}
};
我还有一个客户:
return new List<Client>
{
new Client
{
ClientId = "MVC1",
ClientName = "This is my MVC1",
ClientSecrets = new List<Secret> {new Secret("MVC1".Sha256())}, // change me!
AllowedGrantTypes = GrantTypes.Code,
RedirectUris = new List<string> {"http://localhost:7573/signin-oidc"},
AllowedScopes = new List<string>
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email, // permission to access email claim
},
RequirePkce = true,
AllowPlainTextPkce = false
}
};
这是我的客户端配置代码:
.AddOpenIdConnect("OIDC", options =>
{
options.SignInScheme = "cookie";
options.Authority = "http://localhost:5000";
options.RequireHttpsMetadata = false;
options.ClientId = "MVC1";
options.ClientSecret = "MVC1";
options.ResponseType = "code";
options.UsePkce = true;
options.ResponseMode = "query";
options.CallbackPath = "/signin-oidc";
options.Scope.Add("openid");
options.Scope.Add("profile");
options.Scope.Add("email"); // i wants to access but not found in claims list
options.SaveTokens = true;
});
我想访问所有配置的声明,但我只找到 SubjectId 而不是电子邮件。
请帮帮我:(
默认情况下,您需要通过将其添加到 AddOpenIDConnect 选项来明确说明您希望令牌和用户信息端点中的哪些声明最终出现在用户中
options.ClaimActions.MapUniqueJsonKey("website", "website");
options.ClaimActions.MapUniqueJsonKey("gender", "gender");
options.ClaimActions.MapUniqueJsonKey("birthdate", "birthdate");
您还应该添加一个 IdentityResource 定义,因为它控制进入 ID-Token 的内容,例如
_identityResources = new List<IdentityResource>()
{
new IdentityResources.OpenId(),
new IdentityResources.Email(),
new IdentityResources.Profile(),
new IdentityResources.Address(),
};