asp.net-core – 使用IdentityServer4生成访问令牌,无需密码
发布时间:2020-11-17 08:56:33 所属栏目:asp.Net 来源:互联网
导读:我使用ROPC流创建了使用IdentityServer4保护的ASP.NET Core WebApi(使用此示例: https://github.com/robisim74/AngularSPAWebAPI). 如何在没有密码的情况下从服务器手动生成access_token? [HttpPost(loginas/{id})][Authorize(Roles = admin)]publi
|
我使用ROPC流创建了使用IdentityServer4保护的ASP.NET Core WebApi(使用此示例: https://github.com/robisim74/AngularSPAWebAPI). 如何在没有密码的情况下从服务器手动生成access_token? 解决方法[HttpPost("loginas/{id}")]
[Authorize(Roles = "admin")]
public async Task<IActionResult> LoginAs(int id,[FromServices] ITokenService TS,[FromServices] IUserClaimsPrincipalFactory<ApplicationUser> principalFactory,[FromServices] IdentityServerOptions options)
{
var Request = new TokenCreationRequest();
var User = await userManager.FindByIdAsync(id.ToString());
var IdentityPricipal = await principalFactory.CreateAsync(User);
var IdServerPrincipal = IdentityServerPrincipal.Create(User.Id.ToString(),User.UserName,IdentityPricipal.Claims.ToArray());
Request.Subject = IdServerPrincipal;
Request.IncludeAllIdentityClaims = true;
Request.ValidatedRequest = new ValidatedRequest();
Request.ValidatedRequest.Subject = Request.Subject;
Request.ValidatedRequest.SetClient(Config.GetClients().First());
Request.Resources = new Resources(Config.GetIdentityResources(),Config.GetApiResources());
Request.ValidatedRequest.Options = options;
Request.ValidatedRequest.ClientClaims = IdServerPrincipal.Claims.ToArray();
var Token = await TS.CreateAccessTokenAsync(Request);
Token.Issuer = "http://" + HttpContext.Request.Host.Value;
var TokenValue = await TS.CreateSecurityTokenAsync(Token);
return Ok(TokenValue);
}
对于新发布的IdentityServer 2.0.0,代码需要进行一些修改: [HttpPost("loginas/{id}")]
[Authorize(Roles = "admin")]
public async Task<IActionResult> LoginAs(int id,[FromServices] IdentityServerOptions options)
{
var Request = new TokenCreationRequest();
var User = await userManager.FindByIdAsync(id.ToString());
var IdentityPricipal = await principalFactory.CreateAsync(User);
var IdentityUser = new IdentityServerUser(User.Id.ToString());
IdentityUser.AdditionalClaims = IdentityPricipal.Claims.ToArray();
IdentityUser.DisplayName = User.UserName;
IdentityUser.AuthenticationTime = System.DateTime.UtcNow;
IdentityUser.IdentityProvider = IdentityServerConstants.LocalIdentityProvider;
Request.Subject = IdentityUser.CreatePrincipal();
Request.IncludeAllIdentityClaims = true;
Request.ValidatedRequest = new ValidatedRequest();
Request.ValidatedRequest.Subject = Request.Subject;
Request.ValidatedRequest.SetClient(Config.GetClients().First());
Request.Resources = new Resources(Config.GetIdentityResources(),Config.GetApiResources());
Request.ValidatedRequest.Options = options;
Request.ValidatedRequest.ClientClaims = IdentityUser.AdditionalClaims;
var Token = await TS.CreateAccessTokenAsync(Request);
Token.Issuer = HttpContext.Request.Scheme + "://" + HttpContext.Request.Host.Value;
var TokenValue = await TS.CreateSecurityTokenAsync(Token);
return Ok(TokenValue);
} (编辑:东莞站长网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
相关内容
- asp.net-mvc-3 – 如何关闭我的整个ASP.NET MVC 3网站的缓存
- ASP.NET 2.0和4.0似乎在Forms身份验证中以不同方式处理根UR
- asp.net-web-api – WebAPI中的长时间运行任务
- 在mvc4 asp.net中的Razor View中的模型声明
- 什么是在asp.net中301重定向更推荐的方法?
- 从代码隐藏调用ASP.NET Web API
- asp.net简单生成XML文件的方法
- asp.net-mvc – ActionResult上的自定义属性
- Asp.net Core 1.1 升级后操作mysql出错的解决办法
- asp.net-mvc – 如何使用ASP.NET MVC ApiController获取GET
推荐文章
站长推荐
- 设置ASP.NET页面不被缓存(客户端/服务器端取消缓
- asp.net-mvc-3 – 如何在页面提交ASP.Net MVC时捕
- asp.net-mvc – 如何在asp.net mvc中处理分页?
- asp.net – 查询字符串参数使我的应用程序面临风
- asp.net-mvc – MVC应用程序中的随机数生成
- asp.net-mvc – 使用html.actionlink将模型从视图
- asp.net-mvc-4 – 最小和最大字符串长度的单独错
- ASP.NET Webforms,用户控件中的JavaScript
- ASP.NET MVC3中的HTML反而不是JSON的IIS响应
- asp.net – 避免在web.config中提供服务器连接字
热点阅读
