AspNet身份2:自定义OAuth终结点响应 [英] AspNet Identity 2: Customize OAuth endpoint response
问题描述
我成功实现了自定义OAuthAuthorizationServerProvider.但是,当我登录并获取令牌时,我的客户端对用户的角色,声明等一无所知.
I successfully implemented my custom OAuthAuthorizationServerProvider. But when I log in and retrieve a token, my client doesn't have any idea of the user's roles, claims, etc.
我目前添加了一个webapi控制器来返回委托人的声明列表,但对此我并不满意.
I currently added a webapi controller to return the list of the principal's claims, but I'm not really happy with that.
请求令牌时,当前响应如下:
When requesting a token, the current response looks like:
{
access_token: "qefelgrebjhzefilrgo4583535",
token_type: "bearer",
expires_in: 59
}
Q>如何使其返回类似以下代码段的内容?
{
access_token: "qefelgrebjhzefilrgo4583535",
token_type: "bearer",
expires_in: 59,
user: {
name: 'foo',
role: 'bar'
}
}
到目前为止,我的进度:
OAuthAuthorizationServerProvider#TokenEndpoint(OAuthTokenEndpointContext)的文档说:
在成功的令牌端点请求的最后阶段调用.一个应用程序 可以执行此调用,以对权利要求进行任何最终修改 用于发布访问或刷新令牌.也可以使用此电话 为了向令牌端点的json添加其他响应参数 响应主体.
Called at the final stage of a successful Token endpoint request. An application may implement this call in order to do any final modification of the claims being used to issue access or refresh tokens. This call may also be used in order to add additional response parameters to the Token endpoint's json response body.
我找不到任何有关如何自定义响应的示例,并且asp-net Identity的源代码尚未发布,所以我很困惑.
I couldn't find any example of how to customize the response, and asp-net Identity's source code is not yet released, so I'm quite stuck.
推荐答案
也许您正在寻找OAuthAuthorizationServerProvider的TokenEndpoint方法替代.
May be you are looking for TokenEndpoint method override of OAuthAuthorizationServerProvider.
public override Task TokenEndpoint(OAuthTokenEndpointContext context)
{
foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
{
context.AdditionalResponseParameters.Add(property.Key, property.Value);
}
return Task.FromResult<object>(null);
}
这篇关于AspNet身份2:自定义OAuth终结点响应的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
