How Claims are mapped in asp.net core

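I am new to ASP.NET Core and am currently working on a multi-tenant application. I am stuck now because I don't know how claims are mapped in ASP.NET Core.

I get the above error when trying to access the claims from MIdAuthorizedBaseApiController.

UserController gets the claims.

My doubt is when the claims in the JWT token get mapped to "User.Claims". I get the claims in "UserController.cs", but I need the claims in MIdAuthorizedBaseApiController.cs in order to set the "UserContext".

The claims are available in UserController, and UserController itself inherits from MIdAuthorizedBaseApiController, but the claims are not populated there. When I try to access them, it throws an exception. So when and how are the claims in the JWT token mapped? Please refer to the two screenshots above to answer my question correctly.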

UserController.cs

[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
public class UsersController : MIdAuthorizedBaseApiController
{
    [HttpGet]
    [ProducesResponseType(200, Type = typeof(BusinessEntities.User))]
    [ProducesResponseType(400)]
    [ProducesResponseType(401)]
    public IActionResult Users()
    {
        // Get Tenant Id
        var claimsList = User.Claims.ToList();
        var tenantId = claimsList[4].Value;
        // Set the Claims
        // _claimsHelper.SetClaims(User.Claims.AsQueryable());

        var users = _userManager.Users.Include(u => u.UserRoles).ThenInclude(ur => ur.Role);//.Where(n => n.TenantId.ToString() == tenantId);

        // Using "LINQ" to Query only the required properties
        var result = from User in users
                     select new
                     {
                        Id = User.Id,
                        UserName = User.UserName,
                        Email = User.Email,
                        PhoneNumber = User.PhoneNumber,
                        // Roles = String.Join(",", (from roles in User.UserRoles select roles.Role.Name))
                     };

        // Return the result set
        if(result != null) {
            return Ok(result);
        }

        return BadRequest(_localizer["2006"]);
    }
}

MIdAuthorizedBaseApiController.cs

[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
public class MIdAuthorizedBaseApiController : AuthorizedApiController
{
    public MIdAuthorizedBaseApiController(UserContext usercontext):base(usercontext)
    {
        PopulateUserContext(usercontext);
    }

    private void PopulateUserContext(UserContext usercontext)
    {
        // Getting exception here when I try to populate User.Claims here
        var claim = HttpContext.User.Claims.First(c => c.Type == "UserId");

        //To be replaced with details from token
        //usercontext.UserId = Guid.Parse("3C5CD705-8DA0-4536-856B-9F39A6ABC0FA");
        usercontext.UserId = Guid.Parse("43200003-6972-4849-B80F-81896C3B5505");
        usercontext.Username = Guid.NewGuid().ToString();
        //usercontext.TenantId = Guid.Parse("28C914CE-C321-4033-BB87-E9C527249503");
        usercontext.TenantId = Guid.Parse("21550810-A8E7-438F-BBF5-CB0755087356");
        usercontext.ServerName = DateTime.Now.ToLongTimeString();
    }
}

AuthorizedApiController.cs

using Agility.Core;
using Agility.Web.Filters;

namespace Agility.Web
{
  [BusinessExceptionFilter]
  public class AuthorizedApiController : BaseApiController
  {
    public AuthorizedApiController(UserContext userContext);

    public UserContext UserContext { get; set; }
  }
}

You can use HttpContextAccessor to access the claims.

Modify MIdAuthorizedBaseApiController to perform dependency injection of IHttpContextAccessor on the controller:

public class MIdAuthorizedBaseApiController : AuthorizedApiController
{
    public MIdAuthorizedBaseApiController(UserContext usercontext, IHttpContextAccessor httpContextAccessor) : base(usercontext)
    {
        PopulateUserContext(usercontext, httpContextAccessor);
    }

    private void PopulateUserContext(UserContext usercontext, IHttpContextAccessor httpContextAccessor)
    {
        // Getting exception here when i try to populate User.Claims 
        //here
        var claim = httpContextAccessor.HttpContext.User.Claims;

        //To be replaced with details from token
        //usercontext.UserId = Guid.Parse("3C5CD705-8DA0-4536-856B-9F39A6ABC0FA");
        .......
    }
}

And the user controller:

public class ValuesController : MIdAuthorizedBaseApiController
{
    public ValuesController(UserContext usercontext, IHttpContextAccessor httpContextAccessor) : base(usercontext, httpContextAccessor)
    {
    }
}

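In addition, you can refer to the link below, which shows how to use JWT Bearer authentication to secure your ASP.NET Core application; it uses the AddJwtBearer middleware to validate/decode the JWT token: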

https://jonhilton.net/security/apis/secure-your-asp.net-core-2.0-api-part-2---jwt-bearer-authentication/
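
The constructor-injection approach from the answer, extended as an added example (not code from the question or the answer): claims are read by type instead of by list position, and the request fails if the user or tenant claim is missing, duplicated or not a GUID. The claim type "TenantId" and the helper name `ClaimsUserContext` are hypothetical; `UserContext` with settable Guid `UserId` and `TenantId` properties is taken from the question.

```csharp
using System;
using System.Linq;
using System.Security.Claims;
using Agility.Core;               // UserContext, as referenced in the question
using Microsoft.AspNetCore.Http;

// Added example. IHttpContextAccessor must be registered in ConfigureServices,
// e.g. services.AddHttpContextAccessor() on ASP.NET Core 2.1 or later.
public static class ClaimsUserContext   // hypothetical helper name
{
    // Hypothetical claim type; the question reads the tenant as claimsList[4].
    private const string TenantClaim = "TenantId";
    private const string UserClaim = "UserId";   // claim type used in the question

    public static void Populate(UserContext ctx, IHttpContextAccessor accessor)
    {
        // ControllerBase.HttpContext is still null inside a controller constructor;
        // the accessor exposes the current request's context instead.
        ClaimsPrincipal user = accessor.HttpContext?.User;
        if (user?.Identity?.IsAuthenticated != true)
            throw new UnauthorizedAccessException("No authenticated principal.");

        // Fail closed: never fall back to a default or hard-coded tenant.
        ctx.UserId = RequireGuid(user, UserClaim);
        ctx.TenantId = RequireGuid(user, TenantClaim);
    }

    private static Guid RequireGuid(ClaimsPrincipal user, string claimType)
    {
        // Look the claim up by type: the order of claims in a token is not
        // guaranteed, so a positional index can silently return another claim.
        var values = user.FindAll(claimType).Select(c => c.Value).Distinct().ToList();
        if (values.Count != 1 || !Guid.TryParse(values[0], out Guid id))
            throw new UnauthorizedAccessException(
                $"Claim '{claimType}' is missing, ambiguous or not a GUID.");
        return id;
    }
}

// Usage inside the base controller from the answer:
// public MIdAuthorizedBaseApiController(UserContext usercontext,
//     IHttpContextAccessor httpContextAccessor) : base(usercontext)
// {
//     ClaimsUserContext.Populate(usercontext, httpContextAccessor);
// }
```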