0

I'm looking at the AspNetIdentity_2fa sample and trying to modify it to include some dynamic claims for users. Let's name it calculated_value claim which is created dynamically when a user is authenticated, and then is included in the user's claims list and passed with the the authentication token. I know I could create a separate Web API to get this value but since it is small data and that it is needed as soon as a user is authenticated, I thought I'd just pass it as claim. In the samples I see that claims always coming from static or hard-coded data. How can I create dynamic/late-bound claims?

Thanks!

4

1 回答 1

2

前段时间,我花了一些时间尝试将 Identity Server v3 与 Active Directory 集成。我想通过 AD 对用户进行身份验证并从 AD 中读取“声明”。为此,我提供了IUserService. 它或多或少基于这些接口的内存实现,即InMemoryUserService

当您的自定义实现准备就绪时,您必须注册它。但是,AspNetIdentity_2fa示例项目已经注册了IUserServiceie的自定义实现UserService(只需在项目中搜索此类)。它源自AspNetIdentityUserServicewhich implements IUserService

因此,与其提供全新的实现,不如尝试修改它。我认为您应该查看AuthenticateLocalAsync,AuthenticateExternalAsyncGetProfileDataAsync方法(请参阅InMemoryUserService参考)并覆盖它们。前 2 个用于对用户进行身份验证,最后一个用于为用户读取请求的声明。

于 2015-04-15T14:03:26.037 回答