Return 使用 WebApi2 中的 Owin 的 Bearer Tokens 自定义类型

Question

我需要在我的 Web api 项目中实施 OWIN 身份验证。我也可以这样做，而且我还可以 return 多项索赔。 但是我想 return UserDetails 在我挣扎的地方成功登录后键入值。

public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{

}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
        var identity = new ClaimsIdentity(context.Options.AuthenticationType);
        identity.AddClaim(new Claim("UserName", userDetails.UserName));
        identity.AddClaim(new Claim("Iata", userDetails.Iata));
        context.Validated(identity);

        UserDetailsDTO userDetails = UserDetailService.GetUserdetailExternal(context.UserName, context.Password, userDetails.Iata);

       // I want to return userDetails where i need help

}
public override Task TokenEndpoint(OAuthTokenEndpointContext context)
{
    foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
    {
        context.AdditionalResponseParameters.Add(property.Key, property.Value);
    }
    return Task.FromResult<object>(null);
}

public class UserDetailsDTO
{
    public string UserName { get; set; }
    public string Iata { get; set; }
    public string LoginId { get; set; }
    public Screen Screens { get; set; }
    public string ErrorText { get; set; }
    public string Roles { get; set; }
    public bool IsADUser { get; set; }
}

public class Screen
{
    public string ScreenName { get; set; }
    public string ScreenUrl { get; set; }

}

JSON输出

"access_token": "pG-Ho6S_0-JGdBcUwmtuGBpuoAECjC8T0bs93_FtmOw7dzUezgTRHrbyos67DM8xJmDrjF8vHVBXNlyRUoHxABFA2NOdMvtYPOaoKNMAES1jPN6gWcOQwZN5Tlcyc4qYkXCUGnVuVFncLZIvf0aBIZwUKiJDW4OxCJuh7wRoe49XUCh3hCd8-8R6ZcTy3VKGQlJmLau1pFaHZsqMeGdvbPvxSmixptGp29u76QThnovr8XMmh65f9o1JWDer6CsQSnd2VG1NEkrkhBWur2Jyz6EdEyW-ZbVeEvlw28P_i899RTEjhTBKBlo7m8sLJKViGDEO-uW0r9iBDThp2F-V-0ggp_wfsBHQDbTjqoddSITFAxwe7Vpm1BQAptyF_-Fu2oV-CbzVWucD8dr-PQKBlN8m3tFv4lMO2681X9bApF5yivkDvEMYW5_cNO5hzIOvsQ8hUh7oY5iF-mVZkUgXHmk9pqbAYQ9evTK3MCtDS-XLKqvdkb90BwDFYW6jKg_Sv7IcuYbHv7i5jTwSM8K6MySyjha_Y_4y1VVhx5QSe4afFnH_Z5nNimrGDJgi5mZbRbiKDFeR28qjxXZWmJ8ISyxQRZmT_JVZArGDpu-hVoUcz9CDLvHeCcL2a9uXmLm0",
  "token_type": "bearer",
  "expires_in": 86399,
  ".issued": "Thu, 22 Mar 2018 15:35:56 GMT",
  ".expires": "Fri, 23 Mar 2018 15:35:56 GMT",
  "UserName": "rmishra",
  "Iata": "AU"

我无法通过 bearer_token 在我的 JSON 对象中获取 userDetails。 谁能帮我 return 一样吗？

Answer 1

您需要在身份验证中分配 userdetails json 字符串 属性 然后生成身份验证票并验证身份验证票。

UserDetailsDTO userDetails = UserDetailService.GetUserdetailExternal(context.UserName, context.Password, userDetails.Iata);

var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim("UserName", userDetails.UserName));
identity.AddClaim(new Claim("Iata", userDetails.Iata));
IDictionary<string, string> authProp = new Dictionary<string, string>()
{
    { "UserName", userDetails.UserName },
    { "Iata", userDetails.Iata},
    { "UserDetails", Newtonsoft.Json.JsonConvert.SerializeObject(userDetails)}
};
var ticket = new AuthenticationTicket(identity, authProp);
context.Validated(ticket);