如何从Oauth令牌中读取声明？ [英] How do I read claims from my Oauth token?

问题描述

我做了一个安全令牌服务，该服务连接到我的身份存储，并返回带有声明的OAuth2令牌（如果有效）。我正在为此使用Thinktecture.IdentityServer。现在我可以将令牌传递给我的API，但是如何在Web服务中使用此令牌来确保它返回根据令牌中的适当声明过滤的数据？

I made a Security Token Service that connects to my identity store and returns an OAuth2 token with claims if valid. I'm using the Thinktecture.IdentityServer for this. Now I can pass the token to my API, but how do I use this token in my web services to make sure that it returns data that is filtered on the basis of the appropriate claims in the token?

我认为这里可能存在一些示例： https://github.com/thinktecture/Thinktecture.IdentityModel.45/tree/master/Samples/Web%20API ，但我不确定我了解这里发生了什么。有人可以写一个GET来解析jwt令牌中的身份声明并返回一组声明吗？

I think some samples might exist here: https://github.com/thinktecture/Thinktecture.IdentityModel.45/tree/master/Samples/Web%20API but I'm not certain I understand what is happening here. Can someone please write a GET that parses identity claims from the jwt token and returns a set of the claims?

推荐答案

可以在此处，但这些集成测试更有帮助。

I think the answer can be found here, but these integration tests were much more helpful.

这篇关于如何从Oauth令牌中读取声明？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！