claims

Claims transformation support missing in ASP.NET Core 2.0

独自空忆成欢 posted on 2019-12-30 03:16:28
Question: I am using JWT Bearer auth in my new asp.net core 2.0 api app and want to add some extra claims to the current identity. This extra info is located in another api which needs to be queried. My understanding is that claims transformation would be the proper place to do this. In .net core 1.1 you have the IClaimsTransformer interface in Microsoft.AspNetCore.Authentication nuget package, but I cannot install this one in my .net core 2.0 app. Is there an alternative way to transform claims in asp

Override HttpContext.Current.User.Identity.Name

三世轮回 posted on 2019-12-25 12:00:24
Question: I am trying to hook into the Web Forms ASP.NET pipeline and extend the HttpContext.Current.User.Identity in such a way that the Name property returns a custom implementation. One possible approach, which I have found in another answer, is that it is possible to add new properties by adding claims. The two questions I have are: Where to add the claims in the ASP.NET Web Forms pipeline? And is it possible to override the existing Name property? Answer 1: You can implement the PostAuthenticate event in

Identity Server 4 Register Users from External Providers

こ雲淡風輕ζ posted on 2019-12-25 07:46:51
Question: I'm trying to store new users' data from the claims returned from an external login. Let's just say I have a model public class User { Guid UniqueIdentifier; string Username; string Firstname; string LastName; string Email; Date DateOfBirth; } and a method to add a user to the Database: _userService.Add(new User()); This is the standard IdentityServer implementation for their external login callback. [HttpGet] public async Task<IActionResult> ExternalLoginCallback(string returnUrl) { // read

Okta not returning custom claims in tokens

被刻印的时光 ゝ posted on 2019-12-23 18:09:44
Question: I just signed up for a dev test account with Okta to test OIDC using Okta's auth service and user management. Using their management portal, I created a second group called Test Group along with the default group of Everyone and added my single user to both groups. I then added an application called My SPA and assigned the Test Group access to this application. Using the classic UI, I then edited the OpenID Connect ID Token section and set Group claims type to Expression and added groups as

Example of sending claim to azure-ad-b2c policy from JS single page application

孤街浪徒 posted on 2019-12-22 14:15:00
Question: I'm using the msal js library to redirect an SPA to a b2c policy. I can't find an example of sending some custom claim to the b2c policy (like extension_Brand) from a JavaScript application. What I have found is a .NET example: https://github.com/Azure-Samples/active-directory-b2c-advanced-policies/blob/d62c3f9e573ac8b5a9adc1565c6254f632e2a531/wingtipgamesb2c/src/WingTipMusicWebApplication/Startup.cs#L108 But it uses a .NET library. Which JS library can send a claim to the b2c policy? Answer 1: There are no JS

RemoveClaimAsync Identity 2.2

☆樱花仙子☆ posted on 2019-12-21 20:13:55
Question: I have a problem with Identity 2.0. I'm trying to update a claim on a user. So here is my code. var UserID = User.Identity.GetUserId(); var claims = await UserManager.GetClaimsAsync(UserID); var displayName = claims.FirstOrDefault(i => i.Type == "DisplayName"); var isPublic = claims.FirstOrDefault(i => i.Type == "IsPublic"); if (displayName != null) await UserManager.RemoveClaimAsync(UserID, displayName); if (isPublic != null) await UserManager.RemoveClaimAsync(UserID, isPublic); await

Complex claims in JWT

纵然是瞬间 posted on 2019-12-19 19:57:26
Question: The JWT RFC does not seem to have any problem containing complex arrays such as: { "email": "test@test.com", "businesses": [ { "businessId": "1", "businessName": "One", "roles": [ "admin", "accountant" ] }, { "businessId": "2", "businessName": "Two", "roles": [ "support" ] } ] } And this seems a desirable scenario for our needs, since as part of the token we'd like to have a list of businesses a user has access to and what roles he has for each business (it's part of its identity). The

Correct use of JwtTokens in C#

感情迁移 posted on 2019-12-19 05:38:44
Question: I'm playing with JwtTokens and can't make them work properly. I'm using http://www.nuget.org/packages/System.IdentityModel.Tokens.Jwt/ for it. I know the code is a mess but it is just to show what I'm trying to do. The problem is that I want the JwtTokenHandler to fail the validation because of the lifetime. var key = "5A0AB091-3F84-4EC4-B227-0834FCD8B1B4"; var domain = "http://localhost"; var allowedAudience = "http://localhost"; var signatureAlgorithm = "http://www.w3.org/2001/04/xmldsig

How to pass claims mapping options to IdentityServerJwt in ASP.NET Core 3.0 Preview 5?

对着背影说爱祢 posted on 2019-12-19 04:55:14
Question: Inspired by an article on custom claims, I've added a tenant id custom claim to my Identity server sign in process as follows: using System; using System.Security.Claims; using System.Threading.Tasks; using MyNamespace.Models; using Microsoft.AspNetCore.Identity; using Microsoft.Extensions.Options; using MyNamespace.Data; using MyNamespace.Constants; namespace MyNamespace.Factories { public class TenantClaimsPrincipalFactory : UserClaimsPrincipalFactory<ApplicationUser> { public

MVC5 AntiForgeryToken Claims/“Sequence contains more than one element”

时光总嘲笑我的痴心妄想 posted on 2019-12-18 07:38:19
Question: Case: I have an MVC5 application (basically the MVC5 template with a scaffolded view) with the Google authentication method enabled. The application has been configured to accept email as user name and to store the claims assigned from Google like Surname, givenname, email, nameidentifier, etc, to the membership database (AspNetUserClaims). When I register and log in with a "local" user everything is fine. If I log in with a Google user it's fine. If I log in with an account set up to have