AddOAuth linkedin dotnet core 2.0
AddOAuth linkedin dotnet core 2.0
我正在使用 dotnet core 我想在网站上设置 LinkedIn 身份验证,因为 LinkedIn 没有默认的身份验证生成器,如 facebook、google 和 twitter 我决定使用如下通用实现:
services.AddAuthentication().AddOAuth("LinkedIn",
c =>
{
c.ClientId = Configuration["linkedin-app-id"];
c.ClientSecret = Configuration["linkedin-app-secret"];
c.Scope.Add("r_basicprofile");
c.Scope.Add("r_emailaddress");
c.CallbackPath = "/signin-linkedin";
c.AuthorizationEndpoint = "https://www.linkedin.com/oauth/v2/authorization";
c.TokenEndpoint = "https://www.linkedin.com/oauth/v2/accessToken";
c.UserInformationEndpoint = "https://api.linkedin.com/v1/people/~:(id,formatted-name,email-address,picture-url)";
})
我遇到问题是因为 GetExternalLoginInfoAsync() 为空,查看身份 ASP.net 核心源,是因为 providerkey 为空。
摘自asp.net核心代码:
var providerKey = auth.Principal.FindFirstValue(ClaimTypes.NameIdentifier);
var provider = items["LoginProvider"] as string;
if (providerKey == null || provider == null)
{
return null;
}
问题是我在哪里可以将 ClaimTypes.NameIdentifier 添加到 LinkedIn 声明中?
在这种情况下,您必须像这样使用 OauthEvent 手动预填充每个声明:
.AddOAuth("LinkedIn",
c =>
{
c.ClientId = Configuration["linkedin-app-id"];
c.ClientSecret = Configuration["linkedin-app-secret"];
c.Scope.Add("r_basicprofile");
c.Scope.Add("r_emailaddress");
c.CallbackPath = "/signin-linkedin";
c.AuthorizationEndpoint = "https://www.linkedin.com/oauth/v2/authorization";
c.TokenEndpoint = "https://www.linkedin.com/oauth/v2/accessToken";
c.UserInformationEndpoint = "https://api.linkedin.com/v1/people/~:(id,formatted-name,email-address,picture-url)";
c.Events = new OAuthEvents
{
OnCreatingTicket = async context =>
{
var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);
request.Headers.Add("x-li-format", "json");
var response = await context.Backchannel.SendAsync(request, context.HttpContext.RequestAborted);
response.EnsureSuccessStatusCode();
var user = JObject.Parse(await response.Content.ReadAsStringAsync());
var userId = user.Value<string>("id");
if (!string.IsNullOrEmpty(userId))
{
context.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userId, ClaimValueTypes.String, context.Options.ClaimsIssuer));
}
var formattedName = user.Value<string>("formattedName");
if (!string.IsNullOrEmpty(formattedName))
{
context.Identity.AddClaim(new Claim(ClaimTypes.Name, formattedName, ClaimValueTypes.String, context.Options.ClaimsIssuer));
}
var email = user.Value<string>("emailAddress");
if (!string.IsNullOrEmpty(email))
{
context.Identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String,
context.Options.ClaimsIssuer));
}
var pictureUrl = user.Value<string>("pictureUrl");
if (!string.IsNullOrEmpty(pictureUrl))
{
context.Identity.AddClaim(new Claim("profile-picture", pictureUrl, ClaimValueTypes.String,
context.Options.ClaimsIssuer));
}
}
};
})
使用 AspNet.Security.OAuth.Providers 中的 NuGet 包并使用 options.ClaimActions.MapJsonKey
转换声明更简单
.AddLinkedIn(options =>
{
var linkedInOptions = new Dictionary<string, string>();
Configuration.Bind("LinkedIn", linkedInOptions);
options.ClientId = linkedInOptions[nameof(options.ClientId)];
options.ClientSecret = linkedInOptions[nameof(options.ClientSecret)];
// Use v2 API
options.AuthorizationEndpoint = "https://www.linkedin.com/oauth/v2/authorization";
options.TokenEndpoint = "https://www.linkedin.com/oauth/v2/accessToken";
// This is already mapped by NuGet package
//options.ClaimActions.MapJsonKey(OpenIdConnectConstants.Claims.Name, "formattedName");
我正在使用 dotnet core 我想在网站上设置 LinkedIn 身份验证,因为 LinkedIn 没有默认的身份验证生成器,如 facebook、google 和 twitter 我决定使用如下通用实现:
services.AddAuthentication().AddOAuth("LinkedIn",
c =>
{
c.ClientId = Configuration["linkedin-app-id"];
c.ClientSecret = Configuration["linkedin-app-secret"];
c.Scope.Add("r_basicprofile");
c.Scope.Add("r_emailaddress");
c.CallbackPath = "/signin-linkedin";
c.AuthorizationEndpoint = "https://www.linkedin.com/oauth/v2/authorization";
c.TokenEndpoint = "https://www.linkedin.com/oauth/v2/accessToken";
c.UserInformationEndpoint = "https://api.linkedin.com/v1/people/~:(id,formatted-name,email-address,picture-url)";
})
我遇到问题是因为 GetExternalLoginInfoAsync() 为空,查看身份 ASP.net 核心源,是因为 providerkey 为空。
摘自asp.net核心代码:
var providerKey = auth.Principal.FindFirstValue(ClaimTypes.NameIdentifier);
var provider = items["LoginProvider"] as string;
if (providerKey == null || provider == null)
{
return null;
}
问题是我在哪里可以将 ClaimTypes.NameIdentifier 添加到 LinkedIn 声明中?
在这种情况下,您必须像这样使用 OauthEvent 手动预填充每个声明:
.AddOAuth("LinkedIn",
c =>
{
c.ClientId = Configuration["linkedin-app-id"];
c.ClientSecret = Configuration["linkedin-app-secret"];
c.Scope.Add("r_basicprofile");
c.Scope.Add("r_emailaddress");
c.CallbackPath = "/signin-linkedin";
c.AuthorizationEndpoint = "https://www.linkedin.com/oauth/v2/authorization";
c.TokenEndpoint = "https://www.linkedin.com/oauth/v2/accessToken";
c.UserInformationEndpoint = "https://api.linkedin.com/v1/people/~:(id,formatted-name,email-address,picture-url)";
c.Events = new OAuthEvents
{
OnCreatingTicket = async context =>
{
var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);
request.Headers.Add("x-li-format", "json");
var response = await context.Backchannel.SendAsync(request, context.HttpContext.RequestAborted);
response.EnsureSuccessStatusCode();
var user = JObject.Parse(await response.Content.ReadAsStringAsync());
var userId = user.Value<string>("id");
if (!string.IsNullOrEmpty(userId))
{
context.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userId, ClaimValueTypes.String, context.Options.ClaimsIssuer));
}
var formattedName = user.Value<string>("formattedName");
if (!string.IsNullOrEmpty(formattedName))
{
context.Identity.AddClaim(new Claim(ClaimTypes.Name, formattedName, ClaimValueTypes.String, context.Options.ClaimsIssuer));
}
var email = user.Value<string>("emailAddress");
if (!string.IsNullOrEmpty(email))
{
context.Identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String,
context.Options.ClaimsIssuer));
}
var pictureUrl = user.Value<string>("pictureUrl");
if (!string.IsNullOrEmpty(pictureUrl))
{
context.Identity.AddClaim(new Claim("profile-picture", pictureUrl, ClaimValueTypes.String,
context.Options.ClaimsIssuer));
}
}
};
})
使用 AspNet.Security.OAuth.Providers 中的 NuGet 包并使用 options.ClaimActions.MapJsonKey
.AddLinkedIn(options =>
{
var linkedInOptions = new Dictionary<string, string>();
Configuration.Bind("LinkedIn", linkedInOptions);
options.ClientId = linkedInOptions[nameof(options.ClientId)];
options.ClientSecret = linkedInOptions[nameof(options.ClientSecret)];
// Use v2 API
options.AuthorizationEndpoint = "https://www.linkedin.com/oauth/v2/authorization";
options.TokenEndpoint = "https://www.linkedin.com/oauth/v2/accessToken";
// This is already mapped by NuGet package
//options.ClaimActions.MapJsonKey(OpenIdConnectConstants.Claims.Name, "formattedName");