如何从Oauth令牌中读取声明? [英] How do I read claims from my Oauth token?
问题描述
我做了一个安全令牌服务,该服务连接到我的身份存储,并返回带有声明的OAuth2令牌(如果有效)。我正在为此使用Thinktecture.IdentityServer。现在我可以将令牌传递给我的API,但是如何在Web服务中使用此令牌来确保它返回根据令牌中的适当声明过滤的数据?
I made a Security Token Service that connects to my identity store and returns an OAuth2 token with claims if valid. I'm using the Thinktecture.IdentityServer for this. Now I can pass the token to my API, but how do I use this token in my web services to make sure that it returns data that is filtered on the basis of the appropriate claims in the token?
我认为这里可能存在一些示例: https://github.com/thinktecture/Thinktecture.IdentityModel.45/tree/master/Samples/Web%20API ,但我不确定我了解这里发生了什么。有人可以写一个GET来解析jwt令牌中的身份声明并返回一组声明吗?
I think some samples might exist here: https://github.com/thinktecture/Thinktecture.IdentityModel.45/tree/master/Samples/Web%20API but I'm not certain I understand what is happening here. Can someone please write a GET that parses identity claims from the jwt token and returns a set of the claims?
推荐答案
I think the answer can be found here, but these integration tests were much more helpful.
这篇关于如何从Oauth令牌中读取声明?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!