System.IdentityModel.Tokens.JwtSecurityToken定制属性 [英] System.IdentityModel.Tokens.JwtSecurityToken custom properties
问题描述
我的AuthServer当前正在使用以下代码来生成JwtSecurityToken:
My AuthServer is currently using the following code to generate a JwtSecurityToken:
var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey);
var handler = new JwtSecurityTokenHandler();
var jwt = handler.WriteToken(token);
有效载荷如下:
{
"unique_name": "myUserName",
"sub": "myUserName",
"role": "API_User",
"iss": "Automation",
"aud": "099153c2625149bc8ecb3e85e03f0022",
"exp": 1486056731,
"nbf": 1483464731
}
我想在令牌有效载荷内添加一些自定义字段/属性,例如ProfilePicURL,以便有效载荷看起来像这样:
I would like to add some custom fields/properties within the token payload, such as ProfilePicURL, so that the payload can look something like this:
{
"unique_name": "myUserName",
"sub": "myUserName",
"role": "API_User",
"iss": "Automation",
"aud": "099153c2625149bc8ecb3e85e03f0022",
"exp": 1486056731,
"nbf": 1483464731,
"profilePicture": "http://url/user.jpg"
}
如何添加这些自定义属性并确保令牌包含它们?
How do I go about adding these custom properties and ensuring that the token contains them?
推荐答案
JwtSecurityToken exposes a JwtPayload Payload { get; set;} property. JwtPayload derives from Dictionary<string, object> so just add it to the payload...
var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey);
token.Payload["profilePicture"] = "http://url/user.jpg"
var handler = new JwtSecurityTokenHandler();
var jwt = handler.WriteToken(token);
使用WriteToken对令牌进行编码和签名很重要,因为仅获取RawData属性将不起作用(令牌将不包含自定义声明).
It is important that you use WriteToken to encode and sign the token, as simply getting the RawData property will not work (the token will not contain the custom claims).
这篇关于System.IdentityModel.Tokens.JwtSecurityToken定制属性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
