本文介绍了使用没有密码的 IdentityServer4 生成访问令牌的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我使用 ROPC 流创建了受 IdentityServer4 保护的 ASP.NET Core WebApi(使用此示例:github/robisim74/AngularSPAWebAPI).
I have created ASP.NET Core WebApi protected with IdentityServer4 using ROPC flow (using this example: github/robisim74/AngularSPAWebAPI).
如何在没有密码的情况下从服务器手动生成access_token?
How to manually generate access_token from the server without password?
推荐答案 [HttpPost("loginas/{id}")] [Authorize(Roles = "admin")] public async Task<IActionResult> LoginAs(int id, [FromServices] ITokenService TS, [FromServices] IUserClaimsPrincipalFactory<ApplicationUser> principalFactory, [FromServices] IdentityServerOptions options) { var Request = new TokenCreationRequest(); var User = await userManager.FindByIdAsync(id.ToString()); var IdentityPricipal = await principalFactory.CreateAsync(User); var IdServerPrincipal = IdentityServerPrincipal.Create(User.Id.ToString(), User.UserName, IdentityPricipal.Claims.ToArray()); Request.Subject = IdServerPrincipal; Request.IncludeAllIdentityClaims = true; Request.ValidatedRequest = new ValidatedRequest(); Request.ValidatedRequest.Subject = Request.Subject; Request.ValidatedRequest.SetClient(Config.GetClients().First()); Request.Resources = new Resources(Config.GetIdentityResources(), Config.GetApiResources()); Request.ValidatedRequest.Options = options; Request.ValidatedRequest.ClientClaims = IdServerPrincipal.Claims.ToArray(); var Token = await TS.CreateAccessTokenAsync(Request); Token.Issuer = "" + HttpContext.Request.Host.Value; var TokenValue = await TS.CreateSecurityTokenAsync(Token); return Ok(TokenValue); }对于新发布的 IdentityServer 2.0.0,代码需要一些修改:
For a newly released IdentityServer 2.0.0 the code needs some modifications:
[HttpPost("loginas/{id}")] [Authorize(Roles = "admin")] public async Task<IActionResult> LoginAs(int id, [FromServices] ITokenService TS, [FromServices] IUserClaimsPrincipalFactory<ApplicationUser> principalFactory, [FromServices] IdentityServerOptions options) { var Request = new TokenCreationRequest(); var User = await userManager.FindByIdAsync(id.ToString()); var IdentityPricipal = await principalFactory.CreateAsync(User); var IdentityUser = new IdentityServerUser(User.Id.ToString()); IdentityUser.AdditionalClaims = IdentityPricipal.Claims.ToArray(); IdentityUser.DisplayName = User.UserName; IdentityUser.AuthenticationTime = System.DateTime.UtcNow; IdentityUser.IdentityProvider = IdentityServerConstants.LocalIdentityProvider; Request.Subject = IdentityUser.CreatePrincipal(); Request.IncludeAllIdentityClaims = true; Request.ValidatedRequest = new ValidatedRequest(); Request.ValidatedRequest.Subject = Request.Subject; Request.ValidatedRequest.SetClient(Config.GetClients().First()); Request.Resources = new Resources(Config.GetIdentityResources(), Config.GetApiResources()); Request.ValidatedRequest.Options = options; Request.ValidatedRequest.ClientClaims = IdentityUser.AdditionalClaims; var Token = await TS.CreateAccessTokenAsync(Request); Token.Issuer = HttpContext.Request.Scheme + "://" + HttpContext.Request.Host.Value; var TokenValue = await TS.CreateSecurityTokenAsync(Token); return Ok(TokenValue); }更多推荐
使用没有密码的 IdentityServer4 生成访问令牌
发布评论