如何从ClaimsPrinciple中删除现有的索赔？ [英] How do I remove an existing claim from a ClaimsPrinciple?

问题描述

我正在开发一个用于为Intranet网站模拟 Roles 的开发人员工具，以允许开发人员快速充当任何 Role 根据需要。定义的角色是开发人员，团队负责人，团队成员，工程，市场营销，来宾，网页上的工具会调用Web Api以添加或删除 Claim ...好吧，我可以添加，但似乎找不到 .RemoveClaim（claim）或<$可以访问c $ c> .TryRemoveClaim（claim）来使它工作。我是否必须创建自定义索赔管理器才能获得此功能，或者我缺少什么？

I am making a developer tool for impersonating Roles for an intranet site to allow developers to quickly act as any Role as needed. Roles defined are Developer, Team Lead, Team Member, Engineering, Marketing, Guest and a tool on the web page makes a call to a Web Api to add or remove the Claim... well I can add but can't seem to find out where the .RemoveClaim(claim) or .TryRemoveClaim(claim) can be accessed to get this working. Do I have to create a custom claims manager to get this functionality or am I missing something?

我一直在查看 System.Security.Clams 和几乎所有其他一切似乎都非常简单，并且没有提及需要做大量工作来完成我所需要的工作。

I have been looking at System.Security.Claims and almost everything else seems to work very straightforward and there is no reference as to needing extensive work to do what I need.

我正在将VS 2013 / Web Api2与.NET配合使用4.5.1。

I am using VS 2013/Web Api2 with .NET 4.5.1.

网站方面只使用了一个简单的ajax调用来对 PUT 和删除功能，直到按我的方式工作为止。在Controller中，我的cs代码为：

The website side just uses a simple ajax call to PUT and DELETE functionality till I get this to work the way I want. From the Controller, my cs code is as:

    public void Put(int id, [FromBody]string role)
    {
        if (FindClaim(role) != null) return;

        var user = HttpContext.Current.User as ClaimsPrincipal;
        if (user == null) return;

        var claimId = new ClaimsIdentity();
        claimId.AddClaim(new Claim(ClaimTypes.Role, role));
        user.AddIdentity(claimId);
    }

    // DELETE api/devroleadjuster/5
    public void Delete(int id, [FromBody]string role)
    {
        var claim = FindClaim(role);
        if (claim == null) return;

        var user = HttpContext.Current.User as ClaimsPrincipal;
        if (user == null)  return;

        // Why can't I do this????
        user.RemoveClaim(claim);
    }

    private Claim FindClaim(string role)
    {
        try
        {
            var user = HttpContext.Current.User as ClaimsPrincipal;
            var claim = (from c in user.Claims
                         where c.Value == role
                         select c).Single();
            return claim;
        }
        catch (InvalidOperationException)
        {
            return null;
        }
    }

放置正常工作，问题出在我代码的 Delete 部分...我想使用 user.RemoveClaim（claim ）; 代码或类似的代码...我看不到为什么我不能按照MSDN进行操作，也找不到删除示例的任何示例代码。

The Put works just fine, the problem is with the Delete portion of my code... I want to use the user.RemoveClaim(claim); code or something like it... I can't see why I can't according to MSDN, and I can't find any example code for removing a claim.

推荐答案

您应使用身份添加或删除声明。

You should use identity to add or remove a claim. Try this to add a claim.

var user = User as ClaimsPrincipal;
var identity = user.Identity as ClaimsIdentity;
identity.AddClaim(new Claim(ClaimTypes.Role, "somenewrole"));

要删除索赔，

var user = User as ClaimsPrincipal;
var identity = user.Identity as ClaimsIdentity;
var claim = (from c in user.Claims
                         where c.Value == "somenewrole"
                         select c).Single();
identity.RemoveClaim(claim);

BTW，最好使用 User 而不是 HttpContext.Current.User 。

BTW, it is better to use User from your controller instead of HttpContext.Current.User.

这篇关于如何从ClaimsPrinciple中删除现有的索赔？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！