c# – Thinktecture Identity Server v3如何保持外部提供商的声明?

前端之家收集整理的这篇文章主要介绍了c# – Thinktecture Identity Server v3如何保持外部提供商的声明?前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我正在尝试遵循简单的指南 mvcGettingStarted.
现在,我已经实现了GoogleAuthentication和FacebookAuthentication提供程序,一切都按预期工作,我实际上可以登录,如果我使用我的身份服务器登录,我还获得了每个用户的角色声明.
我想知道,如果我想保留外部提供商提供的所有索赔怎么办?
简单的例子.
这就是我的Facebook提供商设置的样子:
var facebookOptions = new FacebookAuthenticationOptions() {
            AuthenticationType = "Facebook",Caption = "Sign in with Facebook",AppId = "*****",AppSecret = "****",SignInAsAuthenticationType = signInAsType,Provider = new FacebookAuthenticationProvider() {
                OnAuthenticated = (context) => {

                    foreach (var x in context.User) {
                        context.Identity.AddClaim(new Claim(x.Key,x.Value.ToString()));
                    }

                    return Task.FromResult(context);
                }
            },};

        facebookOptions.Scope.Add("email");
        facebookOptions.Scope.Add("public_profile");
        facebookOptions.Scope.Add("user_friends");

        app.UseFacebookAuthentication(facebookOptions);

在每个循环中我试图将所有Facebook声明存储在Identity中,但是当我回到SecurityTokenValidated回调时,我的身份没有它们.

app.USEOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions() {
            Authority = "https://localhost:44302/identity/",ClientId = "my_client",Scope = "openid profile roles email",RedirectUri = "https://localhost:44302/",ResponseType = "id_token token",SignInAsAuthenticationType = "Cookies",UseTokenLifetime = false,Notifications = new OpenIdConnectAuthenticationNotifications() {

                SecurityTokenValidated = async context => {
                    //let's clean up this identity

                    //context.AuthenticationTicket.Identity doesn't have the claims added in the facebook callback
                    var nid = new ClaimsIdentity(
                        context.AuthenticationTicket.Identity.AuthenticationType,Constants.ClaimTypes.GivenName,Constants.ClaimTypes.Role);
                    ........

是因为我在操纵两个不同的身份吗?
有没有正确的方法来实现我想要做的事情?
谢谢.

解决方法

您可以在自定义用户服务实现中执行此操作.默认设置使外部提供商的声明可用.自定义用户服务的文档: https://identityserver.github.io/Documentation/docsv2/advanced/userService.html

猜你在找的C#相关文章