AddOAuth 链接到 dotnet core 2.0 [英] AddOAuth linkedin dotnet core 2.0
问题描述
我正在使用 dotnet core 我想在网站上设置 LinkedIn 身份验证,因为 LinkedIn 没有默认的身份验证构建器,如 facebook、google 和 twitter 我决定使用通用实现如下:
I'm using dotnet core I want to setup a LinkedIn authentication on the site since there is no default authentication builder for LinkedIn as facebook, google and twitter I decided to use the generic implementation as follows:
services.AddAuthentication().AddOAuth("LinkedIn",
c =>
{
c.ClientId = Configuration["linkedin-app-id"];
c.ClientSecret = Configuration["linkedin-app-secret"];
c.Scope.Add("r_basicprofile");
c.Scope.Add("r_emailaddress");
c.CallbackPath = "/signin-linkedin";
c.AuthorizationEndpoint = "https://www.linkedin.com/oauth/v2/authorization";
c.TokenEndpoint = "https://www.linkedin.com/oauth/v2/accessToken";
c.UserInformationEndpoint = "https://api.linkedin.com/v1/people/~:(id,formatted-name,email-address,picture-url)";
})
我遇到了一个问题,因为 GetExternalLoginInfoAsync() 为 null,查看 Identity ASP.net 核心源,是因为 providerkey 为 null.
I'm having an issue because GetExternalLoginInfoAsync() is null, looking the Identity ASP.net core source, is because the providerkey is null.
摘自asp.net核心代码:
Taken from asp.net core code:
var providerKey = auth.Principal.FindFirstValue(ClaimTypes.NameIdentifier);
var provider = items["LoginProvider"] as string;
if (providerKey == null || provider == null)
{
return null;
}
问题是我可以在哪里将 ClaimTypes.NameIdentifier 添加到 LinkedIn 声明中?
the question is where can I add the ClaimTypes.NameIdentifier to the LinkedIn claim?
推荐答案
在这种情况下,您必须使用 OauthEvent 手动预填充每个 Claim,如下所示:
In this case, you have to pre populate each Claim manually using an OauthEvent like this:
.AddOAuth("LinkedIn",
c =>
{
c.ClientId = Configuration["linkedin-app-id"];
c.ClientSecret = Configuration["linkedin-app-secret"];
c.Scope.Add("r_basicprofile");
c.Scope.Add("r_emailaddress");
c.CallbackPath = "/signin-linkedin";
c.AuthorizationEndpoint = "https://www.linkedin.com/oauth/v2/authorization";
c.TokenEndpoint = "https://www.linkedin.com/oauth/v2/accessToken";
c.UserInformationEndpoint = "https://api.linkedin.com/v1/people/~:(id,formatted-name,email-address,picture-url)";
c.Events = new OAuthEvents
{
OnCreatingTicket = async context =>
{
var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);
request.Headers.Add("x-li-format", "json");
var response = await context.Backchannel.SendAsync(request, context.HttpContext.RequestAborted);
response.EnsureSuccessStatusCode();
var user = JObject.Parse(await response.Content.ReadAsStringAsync());
var userId = user.Value<string>("id");
if (!string.IsNullOrEmpty(userId))
{
context.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userId, ClaimValueTypes.String, context.Options.ClaimsIssuer));
}
var formattedName = user.Value<string>("formattedName");
if (!string.IsNullOrEmpty(formattedName))
{
context.Identity.AddClaim(new Claim(ClaimTypes.Name, formattedName, ClaimValueTypes.String, context.Options.ClaimsIssuer));
}
var email = user.Value<string>("emailAddress");
if (!string.IsNullOrEmpty(email))
{
context.Identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String,
context.Options.ClaimsIssuer));
}
var pictureUrl = user.Value<string>("pictureUrl");
if (!string.IsNullOrEmpty(pictureUrl))
{
context.Identity.AddClaim(new Claim("profile-picture", pictureUrl, ClaimValueTypes.String,
context.Options.ClaimsIssuer));
}
}
};
})
这篇关于AddOAuth 链接到 dotnet core 2.0的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!