SecurityTokenValidated Identity 丢失
SecurityTokenValidated Identity gets lost
我试图在 SecurityTokenValidated 事件中获取访问令牌,在获取访问令牌后,我将其保存在声明中。问题是,当我尝试访问该声明时,它不再存在。
SecurityTokenValidated 代码是这样的:
public static async Task<Task> SecurityTokenValidated(SecurityTokenValidatedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
{
string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
string clientSecret = ConfigurationManager.AppSettings["ida:ClientSecret"];
string source = ConfigurationManager.AppSettings["ExchangeOnlineId"];
var authContext = new AuthenticationContext(aadInstance, false);
var credentials = new ClientCredential(clientId, clientSecret);
var appRedirectUrl = context.Request.Scheme + "://" + context.Request.Host + context.Request.PathBase + "/";
var authResult = await authContext.AcquireTokenByAuthorizationCodeAsync(context.ProtocolMessage.Code, new Uri(appRedirectUrl), credentials, source);
var accessToken = authResult.AccessToken;
var applicationUserIdentity = new ClaimsIdentity(context.OwinContext.Authentication.User.Identity);
applicationUserIdentity.AddClaim(new Claim("AccessToken", accessToken));
context.OwinContext.Authentication.User.AddIdentity(applicationUserIdentity);
return Task.FromResult(0);
}
我尝试这样访问它:
var accessToken =((ClaimsPrincipal)HttpContext.Current.User).FindFirst("AccessToken").Value;
更新:
事实证明我们有一些代码覆盖了 HttpContext.Current.User。我对该代码做了一些更改,如下所示:
var claims = ((ClaimsPrincipal)HttpContext.Current.User).Claims;
var newPrincipal = new GenericPrincipal(new GenericIdentity(domainUserName), null);
((ClaimsIdentity)newPrincipal.Identity).AddClaims(claims);
HttpContext.Current.User = newPrincipal;
但运气不好。我可以很好地获得索赔,但我在 newPrincipal 上看不到它们...
看来问题出在我访问它们的方式上。这不起作用:
var accessToken =((ClaimsPrincipal)HttpContext.Current.User).FindFirst("AccessToken").Value;
同时这样做:
var accessToken =((ClaimsIdentity)HttpContext.Current.User.Identity).FindFirst("AccessToken").Value;
我试图在 SecurityTokenValidated 事件中获取访问令牌,在获取访问令牌后,我将其保存在声明中。问题是,当我尝试访问该声明时,它不再存在。
SecurityTokenValidated 代码是这样的:
public static async Task<Task> SecurityTokenValidated(SecurityTokenValidatedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
{
string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
string clientSecret = ConfigurationManager.AppSettings["ida:ClientSecret"];
string source = ConfigurationManager.AppSettings["ExchangeOnlineId"];
var authContext = new AuthenticationContext(aadInstance, false);
var credentials = new ClientCredential(clientId, clientSecret);
var appRedirectUrl = context.Request.Scheme + "://" + context.Request.Host + context.Request.PathBase + "/";
var authResult = await authContext.AcquireTokenByAuthorizationCodeAsync(context.ProtocolMessage.Code, new Uri(appRedirectUrl), credentials, source);
var accessToken = authResult.AccessToken;
var applicationUserIdentity = new ClaimsIdentity(context.OwinContext.Authentication.User.Identity);
applicationUserIdentity.AddClaim(new Claim("AccessToken", accessToken));
context.OwinContext.Authentication.User.AddIdentity(applicationUserIdentity);
return Task.FromResult(0);
}
我尝试这样访问它:
var accessToken =((ClaimsPrincipal)HttpContext.Current.User).FindFirst("AccessToken").Value;
更新: 事实证明我们有一些代码覆盖了 HttpContext.Current.User。我对该代码做了一些更改,如下所示:
var claims = ((ClaimsPrincipal)HttpContext.Current.User).Claims;
var newPrincipal = new GenericPrincipal(new GenericIdentity(domainUserName), null);
((ClaimsIdentity)newPrincipal.Identity).AddClaims(claims);
HttpContext.Current.User = newPrincipal;
但运气不好。我可以很好地获得索赔,但我在 newPrincipal 上看不到它们...
看来问题出在我访问它们的方式上。这不起作用:
var accessToken =((ClaimsPrincipal)HttpContext.Current.User).FindFirst("AccessToken").Value;
同时这样做:
var accessToken =((ClaimsIdentity)HttpContext.Current.User.Identity).FindFirst("AccessToken").Value;