混乱地方当局索赔和外部供应商索赔 [英] Confusion over LOCAL AUTHORITY claims and External Provider claims

问题描述

我创建了一个简单的WebAPI，它允许用户与Facebook连接。当我从Facebook获得的accessToken回来，我打电话RegisterExternal创建一个Asp.Net身份记录并存储在令牌中的声明。这些说法也包括我后来需要查询facebook的图形访问令牌。一切似乎罚款了这一点。

I am creating a simple WebApi which allows users to connect with Facebook. When I get the accessToken back from facebook, I am calling RegisterExternal to create an Asp.Net Identity record and store the Claims from the token. These claims also include the access token which I require to query the facebook graph later. All seems fine up to this point.

我遇到的问题是阅读的要求。我可以看到他们都在我的数据库中，我只是无法弄清楚如何查询该数据。我曾尝试

The issue I am having is reading the claims. I can see they are in my database I just cant figure out how to query this data. I have tried

var claimsIdentity = User.Identity as ClaimsIdentity;

但是，这将返回我要索赔2
一） http://schemas.xmlsoap.org/ws/2005/ 05 /识别/索赔/名
B）作用

这两者都是发行人的地方当局（说实话，我不知道他们是创造，因为我没有明确添加这些时）。所以我相信他们要么是对我的困惑保存索赔数据库agains错误类型的发行人

Both of these are of issuer LOCAL AUTHORITY (to be honest I am not sure when they are created as I am not explicitly adding these). So I believe their is either confusion on me saving the claims to the database agains the wrong type of issuer

await userManager.AddClaimAsync(user.Id, new Claim("urn:facebook:access_token", accessTokenClaim.Value, ClaimValueTypes.String, "LOCAL AUTHORITY"));

或我的code用于访问索赔是不正确。

or my code for accessing the claims is incorrect.

任何人都可以阐明这一些轻？

Can anybody shed some light on this?

推荐答案

当谈到加入索赔到你的身份：

When it comes to adding the claims to your Identity:

// Get the claims identity
    ClaimsIdentity claimsIdentity =
        await AuthenticationManager.GetExternalIdentityAsync(DefaultAuthenticationTypes.ExternalCookie);

    if (claimsIdentity != null)
    {
        // Retrieve the existing claims
        var currentClaims = await UserManager.GetClaimsAsync(user.Id);

        // Get the list of access token related claims from the identity
        var tokenClaims = claimsIdentity.Claims
            .Where(c => c.Type.StartsWith("urn:tokens:"));

        // Save the access token related claims
        foreach (var tokenClaim in tokenClaims)
        {
            if (!currentClaims.Contains(tokenClaim))
            {
                await UserManager.AddClaimAsync(user.Id, tokenClaim);
            }
        }
    }

要坚持这些主张到数据库中，则必须调用签到的用户：

To persist these claims to the database, you must call SignIn for the user:

// Sign in and redirect the user
    await SignInAsync(user, isPersistent: false);

要在以后检索索赔您只需使用：

To retrieve the claims later you simply use:

var claimsIdentity = HttpContext.User.Identity as ClaimsIdentity;
if (claimsIdentity != null)
   var claims = claimsIdentity.Claims;

这code是由从这篇文章摘录的：的http://www.jerriepelser.com/blog/get-the-twitter-profile-image-using-the-asp-net-identity

This code is comprised of snippets from this article: http://www.jerriepelser.com/blog/get-the-twitter-profile-image-using-the-asp-net-identity

我建议你通过它阅读，如果你想看到一个完整的例子。我已经使用了code在这篇文章中我和它在我​​的项目为Twitter和Facebook对外宣称伟大的工作。

I'd recommend reading through it if you would like to see a full example. I have used the code in this article myself and it worked great in my project for both Twitter and Facebook external claims.

这篇关于混乱地方当局索赔和外部供应商索赔的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！