更新 ClaimsPrincipal 中的声明
时间:2023-05-08问题描述
我将 Adal 与 Azure Active Directory 一起使用,我需要通过自定义 OwinMiddleware 添加额外的声明.当我向该主体添加声明时,我可以在当前请求中访问它们.但刷新页面后,声明消失了.
I am using Adal with Azure Active Directory and I need to add extra claims via custom OwinMiddleware. When I add claims to this principal, I am able to access them in the current request. But after a page refresh, the claim is gone.
我以为 Owin 处理了声明的序列化并将其放入 cookie 本身,但事实并非如此.
I thought Owin handled serialization of claims and put it into a cookie itself, but this doesn't seem to be the case.
我添加声明如下:
var claimsIdentity = (ClaimsIdentity) ClaimsPrincipal.Current.Identity;
if (!claimsIdentity.IsAuthenticated) return;
var identity = new ClaimsIdentity(claimsIdentity);
var currentTenantClaim = GetTenantClaim();
if (currentTenantClaim != null)
claimsIdentity.RemoveClaim(currentTenantClaim);
claimsIdentity.AddClaim(new Claim(ClaimTypes.CurrentTenantId, id));
context.Authentication.AuthenticationResponseGrant = new AuthenticationResponseGrant
(new ClaimsPrincipal(identity), new AuthenticationProperties {IsPersistent = true});
关于如何将新的声明持久化到 cookie 上有什么想法吗?
Any ideas on how to persist the new claims to the cookie?
推荐答案
我已将声明添加到错误的身份.必须将它们添加到身份变量而不是 claimIdentity.
I've added the claims to the wrong Identity. They had to be added to the identity variable instead of the claimsIdentity.
工作代码:
var claimsIdentity = (ClaimsIdentity) context.Authentication.User.Identity;
if (!claimsIdentity.IsAuthenticated) return;
var identity = new ClaimsIdentity(claimsIdentity);
var currentTenantClaim = GetTenantClaim(identity);
if (currentTenantClaim != null)
identity.RemoveClaim(currentTenantClaim);
identity.AddClaim(new Claim(ClaimTypes.CurrentTenantId, id));
context.Authentication.AuthenticationResponseGrant = new AuthenticationResponseGrant
(new ClaimsPrincipal(identity), new AuthenticationProperties {IsPersistent = true});
这篇关于更新 ClaimsPrincipal 中的声明的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持html5模板网!
相关文章
ASP.NET Core 使用 Azure Active Directory 进行身份验证并ASP.NET Core authenticating with Azure Active Directory and persisting custom Claims across requests(ASP.NET Core 使用 Azure Active Directory 进行身- ASP.NET Core 2.0 Web API Azure Ad v2 令牌授权不起作用ASP.NET Core 2.0 Web API Azure Ad v2 Token Authorization not working(ASP.NET Core 2.0 Web API Azure Ad v2 令牌授权不起作用)
- 如何获取守护进程或服务器到 C# ASP.NET Web API 的How do I get Azure AD OAuth2 Access Token and Refresh token for Daemon or Server to C# ASP.NET Web API(如何获取守护进程或服务器到 C# ASP.N
- 异步调用时 Azure KeyVault Active Directory AcquireTokenAAzure KeyVault Active Directory AcquireTokenAsync timeout when called asynchronously(异步调用时 Azure KeyVault Active Directory AcquireTokenAsync 超
- 使用电子邮件地址和应用程序密码从 oauth2/tokenGetting access token using email address and app password from oauth2/token(使用电子邮件地址和应用程序密码从 oauth2/token 获取访问令
- 新的 Azure AD 应用程序在通过管理门户更新之前无New Azure AD application doesn#39;t work until updated through management portal(新的 Azure AD 应用程序在通过管理门户更新之前无法运行
最新文章
- 带有 OpenIdAuthentication 的 ASP.NET:如果未授权,则重
- 在 Azure Active Directory 中用户禁用选项有吗?
- 从 Azure Active Directory 获取个人资料图片
- 使用 Azure Active Directory - 一个应用程序在本地登录
- 使用密码和 Azure Active Directory 身份验证的 Asp.ne
- 如何使用 Azure 身份验证在 Azure Function 中获取当前
- 无法从桌面控制台应用访问 Azure Key Vault
- 在 C# 中使用 authProvider 和 MS SDK 进行图形调用
- 升级到 5.0.0 后,TokenValidationParameters 不再工作
- 通过 OpenID Connect 从 Azure AD 获取用户的电子邮件地