我的AuthServer当前正在使用以下代码来生成JwtSecurityToken:
My AuthServer is currently using the following code to generate a JwtSecurityToken:
var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey); var handler = new JwtSecurityTokenHandler(); var jwt = handler.WriteToken(token);有效载荷如下:
{ "unique_name": "myUserName", "sub": "myUserName", "role": "API_User", "iss": "Automation", "aud": "099153c2625149bc8ecb3e85e03f0022", "exp": 1486056731, "nbf": 1483464731 }我想在令牌有效载荷内添加一些自定义字段/属性,例如ProfilePicURL,以便有效载荷看起来像这样:
I would like to add some custom fields/properties within the token payload, such as ProfilePicURL, so that the payload can look something like this:
{ "unique_name": "myUserName", "sub": "myUserName", "role": "API_User", "iss": "Automation", "aud": "099153c2625149bc8ecb3e85e03f0022", "exp": 1486056731, "nbf": 1483464731, "profilePicture": "url/user.jpg" }如何添加这些自定义属性并确保令牌包含它们?
How do I go about adding these custom properties and ensuring that the token contains them?
推荐答案JwtSecurityToken公开了 JwtPayload Payload { get; set;} 属性. JwtPayload 源自Dictionary<string, object>,因此只需将其添加到有效负载中即可.
JwtSecurityToken exposes a JwtPayload Payload { get; set;} property. JwtPayload derives from Dictionary<string, object> so just add it to the payload...
var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey); token.Payload["profilePicture"] = "url/user.jpg" var handler = new JwtSecurityTokenHandler(); var jwt = handler.WriteToken(token);使用WriteToken对令牌进行编码和签名很重要,因为仅获取RawData属性将不起作用(令牌将不包含自定义声明).
It is important that you use WriteToken to encode and sign the token, as simply getting the RawData property will not work (the token will not contain the custom claims).
更多推荐
System.IdentityModel.Tokens.JwtSecurityToken定制属性
发布评论