public async Task <IActionResult> AutoLogin(string returnUrl = null, string role = null, string permission = null)
{
var jwtSetting = JwtSetting.Instance;
var issuer = jwtSetting.Issuer;
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, "bob", ClaimValueTypes.String, issuer),
new Claim(ClaimTypes.DateOfBirth, "1970-06-08", ClaimValueTypes.Date),
new Claim("OrgId", "123", ClaimValueTypes.String, issuer),
new Claim("AddAsYouLike", "456", ClaimValueTypes.String, issuer)
};
if (!string.IsNullOrWhiteSpace(role))
{
var roleItems = role.SplitToValues();
foreach (var roleItem in roleItems)
{
claims.Add(new Claim(ClaimTypes.Role, roleItem, ClaimValueTypes.String, issuer));
}
}
if (!string.IsNullOrWhiteSpace(permission))
{
var theItems = permission.SplitToValues();
foreach (var theItem in theItems)
{
claims.Add(new Claim("Permission", theItem, ClaimValueTypes.String, issuer));
}
}
//fix => InvalidOperationException:
//SignInAsync when principal.Identity.IsAuthenticated is false is not allowed when AuthenticationOptions.RequireAuthenticatedSignIn is true.
var authType = "MyAuth";
var userIdentity = new ClaimsIdentity(claims, authType);
var userPrincipal = new ClaimsPrincipal(userIdentity);
//use cookies
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
userPrincipal, new AuthenticationProperties
{
ExpiresUtc = DateTime.UtcNow.AddMinutes(20),
IsPersistent = false,
AllowRefresh = false
});
//应该返回给客户端,自行处理
var token = _jwtTokenService.GenerateJsonWebToken(userPrincipal.Claims);
ViewBag.Token = token;
//todo: remove this line!
//为了测试方便,自动补齐Token
//return token to http request client, and set header by client!
MockClientRequest.Instance.Token = token;
return(RedirectToLocal(returnUrl));
}