zoukankan      html  css  js  c++  java
  • IdentityServer4 通过 AccessToken 获取 UserClaims

    实现效果:通过生成的access_token获取用户的一些信息,这样客户端请求的时候,不需要传递用户信息了。

    示例配置:

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddIdentityServer()
            .AddTemporarySigningCredential()
            .AddInMemoryIdentityResources(new List<IdentityResource>
            {
                new IdentityResources.OpenId(), //必须要添加,否则报无效的scope错误
                new IdentityResources.Profile(),
            })
            .AddInMemoryApiResources(new List<ApiResource>
            {
                new ApiResource("api1", "My API")
            })
            .AddInMemoryClients(new List<Client>
            {
                new Client
                {
                    ClientId = "client",
                    AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
    
                    ClientSecrets =
                    {
                        new Secret("secret".Sha256())
                    },
                    AllowedScopes = 
                    { 
                      "api1",
                      IdentityServerConstants.StandardScopes.OpenId, //必须要添加,否则报forbidden错误
                      IdentityServerConstants.StandardScopes.Profile
                    }
                }
            });
    }
    

    Http 调用示例:

    GET /connect/userinfo
    Authorization: Bearer <access_token>
    
    
    HTTP/1.1 200 OK
    Content-Type: application/json
    
    {
        "sub": "248289761001",
        "name": "Bob Smith",
        "given_name": "Bob",
        "family_name": "Smith",
        "role": [
            "user",
            "admin"
        ]
    }
    

    UserInfoClient调用示例:

    var token = "";
    var client = new DiscoveryClient(_appSettings.IssuerUri);
    client.Policy.RequireHttps = false;
    var disco = await client.GetAsync();
    var userInfoClient = new UserInfoClient(doc.UserInfoEndpoint);
    
    var response = await userInfoClient.GetAsync(token);
    var claims = response.Claims;
    

    参考资料:

  • 相关阅读:
    rails best particseceeeeeeeeeeee
    clear out all firefox plugin
    named scope on rail3
    javascript保留两位小数
    rails
    CVSNT权限配置
    rails session使用好文章
    rails session security
    javascript断点调试方法
    rails3发邮件
  • 原文地址:https://www.cnblogs.com/xishuai/p/identityserver4-get-user-claims-by-token.html
Copyright © 2011-2022 走看看