在 ASP.NET 核心 SPA 模板的身份核心令牌响应中添加角色
Add Role in Identity Core Token Response for ASP.NET Core SPA Template
所以我正在使用 ASP.NET 具有内置授权的核心 React 模板 。在该模板中,一切正常,我可以通过此
登录并注册一个帐户
services.AddDefaultIdentity<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>();
services.AddAuthentication()
.AddIdentityServerJwt();
当我通过应用程序本地存储查看令牌时,我得到以下数据。没有角色。
我还通过 jwt.io
查看了访问令牌
我的问题是,我怎样才能在那里添加角色或在 jwt 令牌中添加角色?
谢谢!
您需要创建一个 ProfileService 实现 IProfileService 接口
我从我的项目中分享给你代码
public class ProfileService : IProfileService
{
protected UserManager<ApplicationUser> UserManager;
public ProfileService(UserManager<ApplicationUser> userManager)
{
UserManager = userManager;
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
ApplicationUser user = await UserManager.GetUserAsync(context.Subject);
IList<string> roles = await UserManager.GetRolesAsync(user);
var claims = new List<Claim> {
// here you can include other properties such as id, email, address, etc. as part of the jwt claim types
new Claim(JwtClaimTypes.Email, user.Email),
new Claim(JwtClaimTypes.Name, $"{user.Firstname} {user.Lastname}")
};
foreach (string role in roles)
{
// include the roles
claims.Add(new Claim(JwtClaimTypes.Role, role));
}
context.IssuedClaims.AddRange(claims);
}
public Task IsActiveAsync(IsActiveContext context)
{
return Task.CompletedTask;
}
}
将 DI 注册添加到 Startup
services.AddTransient<IProfileService, ProfileService>();
IdentityServer4 中的详细信息documentation
所以我正在使用 ASP.NET 具有内置授权的核心 React 模板 。在该模板中,一切正常,我可以通过此
登录并注册一个帐户services.AddDefaultIdentity<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>();
services.AddAuthentication()
.AddIdentityServerJwt();
当我通过应用程序本地存储查看令牌时,我得到以下数据。没有角色。
我还通过 jwt.io
查看了访问令牌我的问题是,我怎样才能在那里添加角色或在 jwt 令牌中添加角色?
谢谢!
您需要创建一个 ProfileService 实现 IProfileService 接口
我从我的项目中分享给你代码
public class ProfileService : IProfileService
{
protected UserManager<ApplicationUser> UserManager;
public ProfileService(UserManager<ApplicationUser> userManager)
{
UserManager = userManager;
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
ApplicationUser user = await UserManager.GetUserAsync(context.Subject);
IList<string> roles = await UserManager.GetRolesAsync(user);
var claims = new List<Claim> {
// here you can include other properties such as id, email, address, etc. as part of the jwt claim types
new Claim(JwtClaimTypes.Email, user.Email),
new Claim(JwtClaimTypes.Name, $"{user.Firstname} {user.Lastname}")
};
foreach (string role in roles)
{
// include the roles
claims.Add(new Claim(JwtClaimTypes.Role, role));
}
context.IssuedClaims.AddRange(claims);
}
public Task IsActiveAsync(IsActiveContext context)
{
return Task.CompletedTask;
}
}
将 DI 注册添加到 Startup
services.AddTransient<IProfileService, ProfileService>();
IdentityServer4 中的详细信息documentation