asp.net-web-api - 丰富 ASP.Net 不记名令牌格式

Question

我已经设置了一个支持不记名令牌的 ASP.NET WebApi 项目，如下所示：

var oAuthServerOptions = new OAuthAuthorizationServerOptions
{
    AllowInsecureHttp = true,
    TokenEndpointPath = new PathString("/token"),
    AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
    Provider = new SimpleAuthorizationServerProvider()
};

var oAuthBearerOptions = new OAuthBearerAuthenticationOptions();

app.UseOAuthAuthorizationServer(oAuthServerOptions);
app.UseOAuthBearerAuthentication(oAuthBearerOptions);

当我向令牌端点发出请求时，我得到了这个答案

{
    "access_token":"GST9UwSuesiYhkezr94K4xwuzvNQ",
    "token_type":"bearer",
    "expires_in":86399
}

有没有办法用这样的附加字段来丰富令牌？

{
    "access_token":"GST9UwSuesiYhkezr94K4xwuzvNQ",
    "token_type":"bearer",
    "expires_in":86399,
    "username":"user@mail.com"
}

score 3 · Accepted Answer

那么这里是解决方案：

在从OAuthAuthorizationServerProvider继承的类中

public override async Task TokenEndpoint(OAuthTokenEndpointContext context)
{
    context.AdditionalResponseParameters.Add("username", "user@mail.com");

    return Task.FromResult<object>(null);
}

asp.net-web-api - 丰富 ASP.Net 不记名令牌格式

1 回答 1

Related

Reference