基于角色的令牌ASP.net身份 [英] Role based tokens ASP.net Identity
本文介绍了基于角色的令牌ASP.net身份的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在使用标准ASP.net OWIN OAuth中间件系统来使用Bearer令牌对本地用户进行身份验证.我想做的是为同一用户帐户分发基于角色的令牌.例如.
I am using the standard ASP.net OWIN OAuth middleware system to authenticate local users with Bearer tokens. What I would like to do is is hand out role-based tokens for the same user account. eg.
OAuth TokenA => General User Privileges
UserA ->
OAuth TokenB => Admin User Privileges
以任何方式支持此吗?
Is this supported in any way?
推荐答案
我能够使用以下方法解决此问题-
I was able to solve this using the following method -
//ensure the token is a User role token only
identity.AddClaim(new Claim(ClaimTypes.Role, "User"));
身份"是
System.Security.Claims.Identity
然后在我的System.Web.Http.AuthorizeAttribute
实现中,我可以像这样检查索赔-
Then in my System.Web.Http.AuthorizeAttribute
implementation, I can check the claim like so-
//get claims of the Role type
var identity = (ClaimsIdentity)actionContext.RequestContext.Principal.Identity;
IEnumerable<Claim> claims = identity.Claims.Where(c => c.Type == ClaimTypes.Role);
//check if any claim for the User role, if so this is a non-privleged token
var nonPrivToken = claims.Any(c => c.Value == "User");
这篇关于基于角色的令牌ASP.net身份的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文