zoukankan      html  css  js  c++  java
  • IdentityServer4 通过 AccessToken 获取 UserClaims

    实现效果:通过生成的access_token获取用户的一些信息,这样客户端请求的时候,不需要传递用户信息了。

    示例配置:

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddIdentityServer()
            .AddTemporarySigningCredential()
            .AddInMemoryIdentityResources(new List<IdentityResource>
            {
                new IdentityResources.OpenId(), //必须要添加,否则报无效的scope错误
                new IdentityResources.Profile(),
            })
            .AddInMemoryApiResources(new List<ApiResource>
            {
                new ApiResource("api1", "My API")
            })
            .AddInMemoryClients(new List<Client>
            {
                new Client
                {
                    ClientId = "client",
                    AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
    
                    ClientSecrets =
                    {
                        new Secret("secret".Sha256())
                    },
                    AllowedScopes = 
                    { 
                      "api1",
                      IdentityServerConstants.StandardScopes.OpenId, //必须要添加,否则报forbidden错误
                      IdentityServerConstants.StandardScopes.Profile
                    }
                }
            });
    }
    

    Http 调用示例:

    GET /connect/userinfo
    Authorization: Bearer <access_token>
    
    
    HTTP/1.1 200 OK
    Content-Type: application/json
    
    {
        "sub": "248289761001",
        "name": "Bob Smith",
        "given_name": "Bob",
        "family_name": "Smith",
        "role": [
            "user",
            "admin"
        ]
    }
    

    UserInfoClient调用示例:

    var token = "";
    var client = new DiscoveryClient(_appSettings.IssuerUri);
    client.Policy.RequireHttps = false;
    var disco = await client.GetAsync();
    var userInfoClient = new UserInfoClient(doc.UserInfoEndpoint);
    
    var response = await userInfoClient.GetAsync(token);
    var claims = response.Claims;
    

    参考资料:

  • 相关阅读:
    1265 四点共面
    1298 圆与三角形
    1264 线段相交
    1185 威佐夫游戏 V2
    1183 编辑距离
    1089 最长回文子串
    HTML5 boilerplate 笔记(转)
    Grunt上手指南(转)
    RequireJS 2.0初探
    RequireJS学习笔记
  • 原文地址:https://www.cnblogs.com/xishuai/p/identityserver4-get-user-claims-by-token.html
Copyright © 2011-2022 走看看