Adding extra details to a webapi bearer token


Problem description

I am trying to learn the new webapi2.1 authentication pieces.

I have got the bearer token wired up and working with my webapi. My next thing I would like to do is be able to store some additional information within the token (if possible) so when the client sends back the token I can retrieve the details without the need of them sending multiple values.

Can the token be extended to contain custom data?

Sorry

Thank you

Recommended answer

Since the token is signed with a "secret" key - only the issuer can add data to it.

You can amend something to the claim set after receiving the token in your Web API - this is called claims transformation.

I have a sample of it here: https://github.com/thinktecture/Thinktecture.IdentityModel/tree/master/samples/OWIN/AuthenticationTansformation

In essence you are writing some code that inspects the incoming token and adds application-specific claims to the resulting principal.

    // Transform claims to application identity
    app.UseClaimsTransformation(TransformClaims);

    private Task<ClaimsPrincipal> TransformClaims(ClaimsPrincipal incoming)
    {
        if (!incoming.Identity.IsAuthenticated)
        {
            return Task.FromResult<ClaimsPrincipal>(incoming);
        }

        // Parse incoming claims - create new principal with app claims
        var claims = new List<Claim>
        {
            new Claim(ClaimTypes.Role, "foo"),
            new Claim(ClaimTypes.Role, "bar")
        };

        var nameId = incoming.FindFirst(ClaimTypes.NameIdentifier);
        if (nameId != null)
        {
            claims.Add(nameId);
        }

        var thumbprint = incoming.FindFirst(ClaimTypes.Thumbprint);
        if (thumbprint != null)
        {
            claims.Add(thumbprint);
        }

        var id = new ClaimsIdentity("Application");
        id.AddClaims(claims);

        return Task.FromResult<ClaimsPrincipal>(new ClaimsPrincipal(id));
    }
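
The answer's point that only the issuer can add data to the token, seen from the issuer side, as an added example that is not part of the original answer. It assumes the Web API issues its own tokens through the Katana OAuth authorization server middleware (`Microsoft.Owin.Security.OAuth`); the `tenant_id` claim, the `authenticate` delegate and the class names are hypothetical.

```csharp
using System;
using System.Security.Claims;
using System.Threading.Tasks;
using System.Web.Http;
using Microsoft.Owin.Security.OAuth;

public class AppOAuthProvider : OAuthAuthorizationServerProvider
{
    // Hypothetical hook: checks the credentials against the application's user store
    // and returns the user's tenant id, or null when the credentials are wrong.
    private readonly Func<string, string, string> _authenticate;

    public AppOAuthProvider(Func<string, string, string> authenticate) { _authenticate = authenticate; }

    public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
    {
        context.Validated(); // assumption: public client, no client secret to verify
        return Task.FromResult(0);
    }

    public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        var tenantId = _authenticate(context.UserName, context.Password);
        if (tenantId == null)
        {
            context.SetError("invalid_grant", "The user name or password is incorrect.");
            return Task.FromResult(0);
        }

        // Claims added here are serialized into the access token that the middleware protects.
        var identity = new ClaimsIdentity(context.Options.AuthenticationType);
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, context.UserName));
        identity.AddClaim(new Claim("tenant_id", tenantId)); // hypothetical custom claim
        context.Validated(identity);
        return Task.FromResult(0);
    }
}

[Authorize]
public class TenantController : ApiController
{
    public IHttpActionResult Get()
    {
        // The bearer middleware rebuilt the identity from the token; the client sends nothing else.
        var tenant = ((ClaimsIdentity)User.Identity).FindFirst("tenant_id");
        if (tenant == null) return StatusCode(System.Net.HttpStatusCode.Forbidden);
        return Ok(tenant.Value);
    }
}
```

The provider is registered through the `Provider` property of the `OAuthAuthorizationServerOptions` passed to `app.UseOAuthAuthorizationServer`. Claim values are fixed when the token is issued and stay that way until it expires, so data that changes often is better added per request with claims transformation.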
