在IdentityServer4的令牌请求中使用电子邮件(Using email in token request with IdentityServer4)

在IdentityServer4的令牌请求中使用电子邮件(Using email in token request with IdentityServer4)

我在带有ASP.NET核心标识的IdentityServer4的ROPC流程中使用，我需要将用户名和密码发送到/ connect / token端点以获取access_token。

如何配置IdentityServer4接受用户名或电子邮件，以及/ connect / token请求中的密码？

PS：asp.net核心：2.0.2 IdentityServer4：2.0.2

I'm usin ROPC flow with IdentityServer4 with ASP.NET Core Identity where I need to send username and password to /connect/token endpoint to get access_token.

How to configure IdentityServer4 to accept either Username or Email, and password in /connect/token requests?

PS: asp.net core: 2.0.2 IdentityServer4: 2.0.2

最满意答案

找到这个解决方案

1）从https://github.com/IdentityServer/IdentityServer4.AspNetIdentity/blob/dev/src/IdentityServer4.AspNetIdentity/ResourceOwnerPasswordValidator.cs将文件IdentityServer4.AspNetIdentity / src / IdentityServer4.AspNetIdentity / ResourceOwnerPasswordValidator.cs复制到您的项目中

2）修复ValidateAsync方法以查找具有电子邮件的用户

var user = await _userManager.FindByNameAsync(context.UserName); if (user == null) { user = await _userManager.FindByEmailAsync(context.UserName); }

3）将验证器添加到IS4：

.AddAspNetIdentity<AppUser>() .AddResourceOwnerValidator<Services.ResourceOwnerPasswordValidator<AppUser>>();

4）利润！

Found this solution:

1) Copy file IdentityServer4.AspNetIdentity/src/IdentityServer4.AspNetIdentity/ResourceOwnerPasswordValidator.cs to your project from https://github.com/IdentityServer/IdentityServer4.AspNetIdentity/blob/dev/src/IdentityServer4.AspNetIdentity/ResourceOwnerPasswordValidator.cs

2) Fix ValidateAsync method to find user with email

var user = await _userManager.FindByNameAsync(context.UserName); if (user == null) { user = await _userManager.FindByEmailAsync(context.UserName); }

3) Add Validator to IS4:

.AddAspNetIdentity<AppUser>() .AddResourceOwnerValidator<Services.ResourceOwnerPasswordValidator<AppUser>>();

4) Profit!