如何忽略身份框架魔术和只使用OWIN AUTH中间件获得索赔我求? [英] How do I ignore the Identity Framework magic and just use the OWIN auth middleware to get the claims I seek?
问题描述
该OWIN中间件东西给第三方登录集成到你的ASP.NET应用程序非常酷,但我似乎无法弄清楚如何在新的ID框架取代了蹩脚的成员身份API撕出来。我不感兴趣的坚持所产生的债权,并在基于EF-数据持久化用户信息,我只是想索赔信息,以便我可以将它应用到现有的项目我自己的用户帐户。我不希望只是采用了新的ID框架来利用这些东西的优势。
The OWIN middleware stuff to integrate third-party logins to your ASP.NET app is very cool, but I can't seem to figure out how to tear it out from the new ID framework that replaces the crappy Membership API. I'm not interested in persisting the resulting claims and user info in that EF-based data persistence, I just want the claims info so I can apply it to my own user accounts in existing projects. I don't want to adopt the new ID framework just to take advantage of this stuff.
我已经在浏览codePLEX的code,但还有一大堆的静态魔术。你能提供什么建议吗?
I've been browsing the code on CodePlex, but there's a whole lot of static magic. Can you offer any suggestions?
推荐答案
使用以下code设置OWIN安全中间件:
Use the following code to setup OWIN security middlewares:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Application",
AuthenticationMode = AuthenticationMode.Passive,
LoginPath = new PathString("/Login"),
LogoutPath = new PathString("/Logout"),
});
app.SetDefaultSignInAsAuthenticationType("External");
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "External",
AuthenticationMode = AuthenticationMode.Passive,
CookieName = CookieAuthenticationDefaults.CookiePrefix + "External",
ExpireTimeSpan = TimeSpan.FromMinutes(5),
});
app.UseGoogleAuthentication();
上面的code设置应用程序的cookie,外部饼干和谷歌外部登录中间件。外部登录中间件将外部用户登录数据转换身份,并将其设置为外部cookie的中间件。在您的应用程序,你需要得到外部的cookie身份并将其转换为外部登录数据,那么你就可以用你的数据库的用户进行检查。
The code above sets up application cookie, external cookie and Google external login middlewares. External login middleware will convert external user login data as identity and set it to external cookie middleware. In your app, you need to get external cookie identity and convert it to external login data, then you can check it with your db user.
下面是一些示例code。
Here are some sample code.
拍在与应用程序的cookie:
Sign in with application cookie:
var authentication = System.Web.HttpContext.Current.GetOwinContext().Authentication;
var identity = new ClaimsIdentity("Application");
identity.AddClaim(new Claim(ClaimTypes.Name, "<user name>"));
authentication.AuthenticationResponseGrant = new AuthenticationResponseGrant(identity, new AuthenticationProperties() {
IsPersistent = false
});
获取应用程序的cookie身份:
Get application cookie identity:
var identity = System.Web.HttpContext.Current.User.Identity as ClaimsIdentity;
获取外部的cookie身份(谷歌):
Get external cookie identity (Google):
var authentication = System.Web.HttpContext.Current.GetOwinContext().Authentication;
var result = await authentication.AuthenticateAsync("External");
var externalIdentity = result.Identity;
从身份提取外部登录数据:
Extract external login data from identity:
public static ExternalLoginData FromIdentity(ClaimsIdentity identity)
{
if (identity == null)
{
return null;
}
Claim providerKeyClaim = identity.FindFirst(ClaimTypes.NameIdentifier);
if (providerKeyClaim == null || String.IsNullOrEmpty(providerKeyClaim.Issuer)
|| String.IsNullOrEmpty(providerKeyClaim.Value))
{
return null;
}
if (providerKeyClaim.Issuer == ClaimsIdentity.DefaultIssuer)
{
return null;
}
return new ExternalLoginData
{
LoginProvider = providerKeyClaim.Issuer,
ProviderKey = providerKeyClaim.Value,
UserName = identity.FindFirstValue(ClaimTypes.Name)
};
}
这篇关于如何忽略身份框架魔术和只使用OWIN AUTH中间件获得索赔我求?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
