首页 编程开发 asp.Net asp.net-core – 使用IdentityServer4生成访问令牌,无需密码

asp.net-core – 使用IdentityServer4生成访问令牌,无需密码

dawei 2020年11月17日 0:04

我使用ROPC流创建了使用IdentityServer4保护的ASP.NET Core WebApi(使用此示例: https://github.com/robisim74/AngularSPAWebAPI). 如何在没有密码的情况下从服务器手动生成access_token? [HttpPost(loginas/{id})][Authorize(Roles = admin)]publi

我使用ROPC流创建了使用IdentityServer4保护的ASP.NET Core WebApi(使用此示例:
https://github.com/robisim74/AngularSPAWebAPI).

如何在没有密码的情况下从服务器手动生成access_token?

解决方法

[HttpPost("loginas/{id}")]
[Authorize(Roles = "admin")]
public async Task<IActionResult> LoginAs(int id,[FromServices] ITokenService TS,[FromServices] IUserClaimsPrincipalFactory<ApplicationUser> principalFactory,[FromServices] IdentityServerOptions options)
{
    var Request = new TokenCreationRequest();                        
    var User = await userManager.FindByIdAsync(id.ToString());
    var IdentityPricipal = await principalFactory.CreateAsync(User);
    var IdServerPrincipal = IdentityServerPrincipal.Create(User.Id.ToString(),User.UserName,IdentityPricipal.Claims.ToArray());

    Request.Subject = IdServerPrincipal;
    Request.IncludeAllIdentityClaims = true;
    Request.ValidatedRequest = new ValidatedRequest();
    Request.ValidatedRequest.Subject = Request.Subject;
    Request.ValidatedRequest.SetClient(Config.GetClients().First());
    Request.Resources = new Resources(Config.GetIdentityResources(),Config.GetApiResources());
    Request.ValidatedRequest.Options = options;
    Request.ValidatedRequest.ClientClaims = IdServerPrincipal.Claims.ToArray();

    var Token = await TS.CreateAccessTokenAsync(Request);
    Token.Issuer = "http://" + HttpContext.Request.Host.Value;

    var TokenValue = await TS.CreateSecurityTokenAsync(Token);
    return Ok(TokenValue);
}

对于新发布的IdentityServer 2.0.0,代码需要进行一些修改:

[HttpPost("loginas/{id}")]
    [Authorize(Roles = "admin")]
    public async Task<IActionResult> LoginAs(int id,[FromServices] IdentityServerOptions options)
    {
        var Request = new TokenCreationRequest();
        var User = await userManager.FindByIdAsync(id.ToString());
        var IdentityPricipal = await principalFactory.CreateAsync(User);
        var IdentityUser = new IdentityServerUser(User.Id.ToString());
        IdentityUser.AdditionalClaims = IdentityPricipal.Claims.ToArray();
        IdentityUser.DisplayName = User.UserName;
        IdentityUser.AuthenticationTime = System.DateTime.UtcNow;
        IdentityUser.IdentityProvider = IdentityServerConstants.LocalIdentityProvider;
        Request.Subject = IdentityUser.CreatePrincipal();
        Request.IncludeAllIdentityClaims = true;
        Request.ValidatedRequest = new ValidatedRequest();
        Request.ValidatedRequest.Subject = Request.Subject;
        Request.ValidatedRequest.SetClient(Config.GetClients().First());
        Request.Resources = new Resources(Config.GetIdentityResources(),Config.GetApiResources());
        Request.ValidatedRequest.Options = options;
        Request.ValidatedRequest.ClientClaims = IdentityUser.AdditionalClaims;
        var Token = await TS.CreateAccessTokenAsync(Request);
        Token.Issuer = HttpContext.Request.Scheme + "://" + HttpContext.Request.Host.Value;
        var TokenValue = await TS.CreateSecurityTokenAsync(Token);
        return Ok(TokenValue);
    }

作者: dawei

【声明】:西安站长网内容转载自互联网,其相关言论仅代表作者个人观点绝非权威,不代表本站立场。如您发现内容存在版权问题,请提交相关链接至邮箱:bqsm@foxmail.com,我们将及时予以处理。

为您推荐

asp.net – MVC4 – ContextDependentView – 这是什么意思?

asp.net – MVC4 – ContextDependentView – 这是什么意思?

asp.net-core – 如何使用ASP.NET注册OData 5

asp.net-core – 如何使用ASP.NET注册OData 5

asp.net-mvc – 已经使用相同的参数类型定义了一个名为“Create”的成员

asp.net-mvc – 已经使用相同的参数类型定义了一个名为“Create”的成员

asp.net-mvc-3 – 如何从ASP.NET MVC#输出中删除空格?

asp.net-mvc-3 – 如何从ASP.NET MVC#输出中删除空格?

asp.net-mvc – 使用AD的ASP.NET MVC表单Auth在本地工作但在服务器上失败(iis7)

asp.net-mvc – 使用AD的ASP.NET MVC表单Auth在本地工作但在服务器上失败(iis7)

ASP.Net – AJAX UpdatePanel中的Javascript

ASP.Net – AJAX UpdatePanel中的Javascript

联系我们

联系我们

0577-28828765

在线咨询: QQ交谈

邮箱: xwei067@foxmail.com

工作时间:周一至周五,9:00-17:30,节假日休息

返回顶部