在asp.net身份转化2 /修改索赔 [英] Transforming / Modifying claims in asp.net identity 2

问题描述

在Windows身份验证框架（WIF），你可以以修改的本金索赔或增加新的索赔给它实施 ClaimsAuthenticationManager 。

In Windows Identity Framework (WIF) you could implement a ClaimsAuthenticationManager in order to modify the claims on the principal or add new claims to it.

索赔认证管理器提供应用程序要求的扩展点处理管道，你可以用它来验证，筛选，修改，传入的索赔或注入新的索赔到RP应用程序之前由ClaimsPrincipal psented集索赔$ P $ code被执行。

The claims authentication manager provides an extensibility point in the application’s claims processing pipeline that you can use to validate, filter, modify, incoming claims or inject new claims into the set of claims presented by a ClaimsPrincipal before the RP application code is executed.

ASP.net身份2是否有任何形式的管道钩这样的？如果我想添加一些索赔，而不需要坚持在AspNetUserClaims表我该怎么做呢？

Does ASP.net Identity 2 have any sort of pipeline hook like this? If I want to add some claims without having them persisted in the AspNetUserClaims table how can I do this?

推荐答案

逻辑地方做后，用户在成功签约，这将是正确的。这将发生在的AccountController 登录操作：

The logical place to do this would be right after the user has successfully signed in. This would occur in the AccountController login action:

    public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
            {
                if (!ModelState.IsValid) { return View(model); }

                var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
                switch (result)
                {
                    case SignInStatus.Success:

                        // Transform here
                        var freshClaims = new List<Claim>
                        {
                           new Claim(ClaimTypes.Email, model.Email),
                           new Claim(ClaimTypes.Locality, "Earth (Milky Way)"),
                           new Claim(ClaimTypes.Role, "Trooper"),
                           new Claim(ClaimTypes.SerialNumber, "555666777")
                        };
                        AuthenticationManager.AuthenticationResponseGrant.Identity.AddClaims(freshClaims);
                        return RedirectToLocal(returnUrl);

我使用DI注入的AuthenticationManager 到 AccountControllers 的构造函数，并将它设置为<$ C $的属性C>的AccountController 。如果你不这样做，那么你可以把它关闭 OWIN 背景：

I use DI to inject AuthenticationManager into AccountControllers constructor and set it up as a property of AccountController. If you don't do this then you can just get it off the OWIN context:

var authManager = HttpContext.Current.GetOwinContext().Authentication;
authManager.AuthenticationResponseGrant.Identity.AddClaims(freshClaims);

这篇关于在asp.net身份转化2 /修改索赔的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！