AspNet Identity 2:自定义 OAuth 端点响应 [英] AspNet Identity 2: Customize OAuth endpoint response
问题描述
我成功实现了我的自定义OAuthAuthorizationServerProvider.但是当我登录并检索令牌时,我的客户对用户的角色、声明等一无所知.
I successfully implemented my custom OAuthAuthorizationServerProvider. But when I log in and retrieve a token, my client doesn't have any idea of the user's roles, claims, etc.
我目前添加了一个 webapi 控制器来返回委托人的声明列表,但我对此并不满意.
I currently added a webapi controller to return the list of the principal's claims, but I'm not really happy with that.
请求令牌时,当前响应如下:
When requesting a token, the current response looks like:
{
access_token: "qefelgrebjhzefilrgo4583535",
token_type: "bearer",
expires_in: 59
}
Q> 如何让它返回类似于以下代码段的内容?
{
access_token: "qefelgrebjhzefilrgo4583535",
token_type: "bearer",
expires_in: 59,
user: {
name: 'foo',
role: 'bar'
}
}
我目前的进展:
OAuthAuthorizationServerProvider#TokenEndpoint(OAuthTokenEndpointContext) 的文档说:
在成功的令牌端点请求的最后阶段调用.一个应用程序可以实现此调用以对声明进行任何最终修改用于发布访问或刷新令牌.也可以使用这个调用为了向 Token 端点的 json 添加额外的响应参数响应体.
Called at the final stage of a successful Token endpoint request. An application may implement this call in order to do any final modification of the claims being used to issue access or refresh tokens. This call may also be used in order to add additional response parameters to the Token endpoint's json response body.
我找不到任何关于如何自定义响应的示例,而且 asp-net Identity 的源代码尚未发布,所以我很困惑.
I couldn't find any example of how to customize the response, and asp-net Identity's source code is not yet released, so I'm quite stuck.
推荐答案
也许您正在寻找 OAuthAuthorizationServerProvider 的 TokenEndpoint 方法覆盖.
May be you are looking for TokenEndpoint method override of OAuthAuthorizationServerProvider.
public override Task TokenEndpoint(OAuthTokenEndpointContext context)
{
foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
{
context.AdditionalResponseParameters.Add(property.Key, property.Value);
}
return Task.FromResult<object>(null);
}
这篇关于AspNet Identity 2:自定义 OAuth 端点响应的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
