如何使用InboundClaimTypeMap进行索赔映射? [英] How to use InboundClaimTypeMap for claim mapping?
问题描述
我有类似的问题:
无需映射,因为NameClaimType(RoleClaimType)和声明列表中的Claim是相同的
JwtSecurityTokenHandler.InboundClaimTypeMap.Clear();
在Api项目上,我有:
在这种情况下(如果我理解正确),我必须进行映射,因为NameClaimType&RoleClaimType与声明值不同.
JwtSecurityTokenHandler.InboundClaimTypeMap = new字典< string,string>{{角色",System.Security.Claims.ClaimTypes.Role},{名称",System.Security.Claims.ClaimTypes.Name}};
但仍然无法正常工作.我在做什么错了?
InboundClaimTypeMap用于转换传入的声明.它不会设置 NameClaimType
和 RoleClaimType
属性.
您的身份验证中间件应该可以选择设置名称和角色声明类型.例如:-
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions{...,NameClaimType = System.Security.Claims.ClaimTypes.Name,RoleClaimType = System.Security.Claims.ClaimTypes.Role});
I have similar problem as here : https://github.com/IdentityServer/IdentityServer3.Samples/issues/9
But solution is not helpful for me.
So lets explain in more details with pictures and code:
I have this on client:
No need to map because NameClaimType(RoleClaimType) and Claim in list of claims are same
JwtSecurityTokenHandler.InboundClaimTypeMap.Clear();
On Api project I have:
In this case (if I understand correctly), I have to to map, because NameClaimType & RoleClaimType are not same with claim values.
JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>
{
{"role", System.Security.Claims.ClaimTypes.Role},
{"name",System.Security.Claims.ClaimTypes.Name }
};
But still not working. What am I doing wrong?
InboundClaimTypeMap is used to transform the incoming claims. It doesn't set the NameClaimType
and RoleClaimType
properties.
Your authentication middleware should have the option to set name and role claim types. For ex:-
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
...,
NameClaimType = System.Security.Claims.ClaimTypes.Name,
RoleClaimType = System.Security.Claims.ClaimTypes.Role
});
这篇关于如何使用InboundClaimTypeMap进行索赔映射?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!