使用oauth2和AngularJS将其他参数发送到Web API中的令牌 [英] Sending Additional Parameters to Token in Web API with oauth2 and AngularJS

问题描述

我有一个用AngularJS编写的应用程序，该应用程序通过oauth 2与Web API进行了身份验证联系.一切工作都与该核心部分很好地进行了，但是我需要传递其他参数来评估登录名(clientID)并设置一个记得我键入功能(记住).

I've got an application written in AngularJS that contacts a Web API for authentication via oauth 2. Everything is working well with that core piece, but I need to pass in additional parameters to evaluate the login (clientID) and setup a remember me type functionality (remember).

从Angular角度来看，看起来像这样:

From the Angular side, it would look something like this:

    var data = "grant_type=password&username=" + form.username + "&password=" + form.password + "&clientID=" + clientID + "&remember=" + form.remember;

    var deferred = $q.defer();

    $http.post(serviceBase + 'token', data, { headers: { 'Content-Type': 'application/x-www-form-urlencoded' } }).success(function (response) {

是否有任何想法是通过Startup.cs和SimpleAuthorizationServerProvider.cs处理令牌后捕获这些值的最佳方法?谢谢

Any thoughts as the best way to capture those values once I'm processing the token through Startup.cs and SimpleAuthorizationServerProvider.cs? Thanks

推荐答案

使用GrantResourceOwnerCredentials时，可以从OAuthGrantResourceOwnerCredentialsContext检索OWIN请求，并通过调用ReadFormAsync()提取所需的自定义参数.

When using GrantResourceOwnerCredentials, you can retrieve the OWIN request from OAuthGrantResourceOwnerCredentialsContext and extract the custom parameter you need by calling ReadFormAsync().

public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    var form = await context.Request.ReadFormAsync();

    if (string.Equals(form["remember"], "true", StringComparison.OrdinalIgnoreCase))
    {
        // Add custom logic to handle the "remember me" case.
    }
}

也就是说，通常不建议添加自定义(即非标准)参数，尤其是在必须使用的情况下.请注意，您不需要使用自定义的clientID参数，因为已经有一个标准的等效项:client_id.

That said, adding custom (i.e non-standard) parameters is usually discouraged, specially if they are mandatory. Note that you don't need to use a custom clientID parameter, as there's already a standard equivalent: client_id.

这篇关于使用oauth2和AngularJS将其他参数发送到Web API中的令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！