C#Microsoft身份验证从控制器获取登录用户 [英] C# Microsoft Authentication Get logged user from controller
问题描述
因此,我有一个使用Microsoft身份验证(msal.js)进行登录的Angular和C#Web API 2应用程序.现在,我正在尝试保存数据,并且需要当前登录用户的详细信息.有没有办法从C#控制器获取登录用户?
So I have an Angular and C# Web API 2 app that uses Microsoft Authentication (msal.js) for the login. Now I'm trying to save data and I need the details of the current logged user. Is there a way to get the logged user from the C# Controller?
我可以在Angular中执行此操作,但是我认为从客户端执行此操作并不安全,因此我在考虑是否可以通过某种方式让后端知道谁是登录用户.
I can do this in Angular, but I think it's not secured to do it from the client side so I was thinking if maybe there was a way that the backend knows who's the logged user.
提前谢谢!
编辑
Startup.Auth.cs
var tvps = new TokenValidationParameters
{
ValidAudience = "the id given from Microsoft Graph Registration", //xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
ValidateIssuer = false,
};
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
{
AccessTokenFormat = new Microsoft.Owin.Security.Jwt.JwtFormat(tvps, new OpenIdConnectCachingSecurityTokenProvider("https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration"))
});
frontend-login.ts
let userAgentApp = new UserAgentApplication(clientId, null,
(errorDes: any, token: any, error: any, tokenType: any) => {
userAgentApp.acquireTokenSilent(["user.read"]).then((token: string) => {});
}, { redirectUri: 'http://localhost:port/signin-microsoft' });
userAgentApp.loginPopup(["user.read"]).then((token: string) => {
//store the token and redirect to home page
});
编辑
我在访问API时正在使用它,
I am using it when accessing the API like this:
this.headers.append('Authorization', 'Bearer ' + sessionStorage.getItem('token'));
this.http.get(`${this.url}`, { headers: this.headers })
.map((response: Response) => { return response.json() })
最终编辑
我对此发布了另一个问题,并且在那里得到了回答.我将在下面发布链接,以防将来有人需要它:
I posted another question regarding this and this problem was answered there. I am posting the link below in case someone needs it in the future:
C#Web API 2& Angular-Microsoft帐户身份验证
推荐答案
在Web Api中,您需要读取Bearer令牌. 这里是关于整个主题的教程,但要点是在设置owin管道时在启动类中使用UseOAuthBearerAuthentication
,这将在调用 RequestContext.Principal .
In Web Api, you need to read the Bearer Token. Here is a tutorial on the subject as a whole, but the gist of it is to use UseOAuthBearerAuthentication
in your startup class when setup up the owin pipeline, this will enable access in controllers when calling RequestContext.Principal.
public class Startup
{
public void Configuration(IAppBuilder app)
{
ConfigureOAuth(app);
//Rest of code is here;
}
public void ConfigureOAuth(IAppBuilder app)
{
OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
Provider = new SimpleAuthorizationServerProvider()
};
// Token Generation
app.UseOAuthAuthorizationServer(OAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
}
这篇关于C#Microsoft身份验证从控制器获取登录用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!