/// <summary>
/// Creates a <see cref="T:System.Security.Claims.ClaimsIdentity" /> from a <see cref="T:System.IdentityModel.Tokens.Jwt.JwtSecurityToken" />.
/// </summary>
/// <param name="jwtToken">The <see cref="T:System.IdentityModel.Tokens.Jwt.JwtSecurityToken" /> to use as a <see cref="T:System.Security.Claims.Claim" /> source.</param>
/// <param name="issuer">The value to set <see cref="P:System.Security.Claims.Claim.Issuer" /></param>
/// <param name="validationParameters"> Contains parameters for validating the token.</param>
/// <returns>A <see cref="T:System.Security.Claims.ClaimsIdentity" /> containing the <see cref="P:System.IdentityModel.Tokens.Jwt.JwtSecurityToken.Claims" />.</returns>
protected override ClaimsIdentity CreateClaimsIdentity(JwtSecurityToken jwtToken,
string issuer,
TokenValidationParameters validationParameters)
{
ClaimsIdentity identity = base.CreateClaimsIdentity(jwtToken, issuer, validationParameters);
if (identity.IsAuthenticated)
{
//由在线缓存获取用户信息赋给IIdentity
IOnlineUserCache onlineUserCache = ServiceLocator.Instance.GetService <IOnlineUserCache>();
OnlineUser user = onlineUserCache.GetOrRefresh(identity.Name);
if (user == null)
{
return(null);
}
identity.AddClaims(new[]
{
new Claim(ClaimTypes.GivenName, user.NickName),
new Claim(ClaimTypes.Email, user.Email)
});
if (user.Roles.Length > 0)
{
identity.AddClaim(new Claim(ClaimTypes.Role, user.Roles.ExpandAndToString()));
}
}
ScopedDictionary dict = ServiceLocator.Instance.GetService <ScopedDictionary>();
dict.Identity = identity;
return(identity);
}
protected override ClaimsIdentity CreateClaimsIdentity(JwtSecurityToken jwtToken, string issuer, TokenValidationParameters validationParameters)
{
ClaimsIdentity identity = base.CreateClaimsIdentity(jwtToken, issuer, validationParameters);
if (identity.IsAuthenticated)
{
//由在线缓存获取用户信息赋给IIdentity
IOnlineUserCache onlineUserCache = ServiceLocator.Instance.GetService <IOnlineUserCache>();
OnlineUser user = onlineUserCache.GetOrRefresh(identity.Name);
if (user == null)
{
return(null);
}
// ============================= 此处附加用户信息 =============================
//if (!string.IsNullOrEmpty(user.NickName))
//{
// identity.AddClaim(new Claim(ClaimTypes.GivenName, user.NickName));
//}
//if (!string.IsNullOrEmpty(user.Email))
//{
// identity.AddClaim(new Claim(ClaimTypes.Email, user.Email));
//}
if (user.Roles.Length > 0)
{
//identity.AddClaim(new Claim(ClaimTypes.Role, user.Roles.ExpandAndToString()));
identity.AddClaim(new Claim("RoleId", user.Roles.ExpandAndToString()));
}
//identity.AddClaim(new Claim("test", "自定义的数据"));
}
return(identity);
}
public async Task <string> Test01()
{
List <object> list = new List <object>();
IOnlineUserCache cache = ServiceLocator.Instance.GetService <IOnlineUserCache>();
OnlineUser user = cache.GetOrRefresh("admin");
list.Add(user.ToJsonString());
return(list.ExpandAndToString("\r\n"));
}
/// <summary>
/// Creates a <see cref="T:System.Security.Claims.ClaimsIdentity" /> from a <see cref="T:System.IdentityModel.Tokens.Jwt.JwtSecurityToken" />.
/// </summary>
/// <param name="jwtToken">The <see cref="T:System.IdentityModel.Tokens.Jwt.JwtSecurityToken" /> to use as a <see cref="T:System.Security.Claims.Claim" /> source.</param>
/// <param name="issuer">The value to set <see cref="P:System.Security.Claims.Claim.Issuer" /></param>
/// <param name="validationParameters"> Contains parameters for validating the token.</param>
/// <returns>A <see cref="T:System.Security.Claims.ClaimsIdentity" /> containing the <see cref="P:System.IdentityModel.Tokens.Jwt.JwtSecurityToken.Claims" />.</returns>
protected override ClaimsIdentity CreateClaimsIdentity(JwtSecurityToken jwtToken,
string issuer,
TokenValidationParameters validationParameters)
{
ClaimsIdentity identity = base.CreateClaimsIdentity(jwtToken, issuer, validationParameters);
if (identity.IsAuthenticated)
{
//由用户名获取在线缓存的角色赋给Identity
IOnlineUserCache onlineUserCache = ServiceLocator.Instance.GetService <IOnlineUserCache>();
OnlineUser user = onlineUserCache.GetOrRefresh(identity.Name);
Claim roleClaim = identity.Claims.FirstOrDefault(m => m.Type == ClaimTypes.Role);
if (roleClaim != null)
{
identity.RemoveClaim(roleClaim);
}
if (user.Roles.Length > 0)
{
identity.AddClaim(new Claim(ClaimTypes.Role, user.Roles.ExpandAndToString()));
}
}
return(identity);
}
