identityserver4

问题 I'm trying to store new users data from the claims return from an external login. lets just say I have a model public class User { Guid UniqueIdentifier; string Username; string Firstname; string LastName; string Email; Date DateOfBirth; } and a method to add a user to the Database: _userService.Add(new User()); This is the standard IdentityServer implementation for their eternal login call back. [HttpGet] public async Task<IActionResult> ExternalLoginCallback(string returnUrl) { // read

问题 I followed the example on the website and I am able to get my bearer token. However, how do I get the current user name in my api controller? I used System.Security.Claims.ClaimsPrincipal but name is null. Thanks. 回答1: HttpContext.User.FindFirst("email")?.Value And replace the "email" with name. If the Name claim is not set in the token, the Name claim will also be null. You could also add this to the token in the implementation of the IProfileService. claims.Add(new Claim(JwtClaimTypes.Name,

问题 I'm trying to build a hybrid flow, and have claims on the returned access token with IdentityServer4. I'm using the QuickStart UI controlles. In my AccountController after the user was authenticated successfully, I have the following code which signs him in: await HttpContext.SignInAsync("anon@nymous.com", "anon@nymous.com", null, new Claim("MyName", "Ophir")); In the MVC website that is causing this flow, on the page I want to "protect" I have the following code: [Authorize] public

问题 im stuck on finding the issue i have here. i have tried to find from questions in SO but could figure out the problem. so im quite desperate atm. so in my solutions we have 3 projects API Production API Resource IdentityServer4 IdentityServer4 WebAPI Management API to access Client, Scopes, Etc on IdentityServ4 Client APP MVC App Everything went fine. Client can login and authenticate via IS4 and access production resources. there is now comes a need to also create api to manage IS4 from the

问题 We are attempting to integrate IdentityServer4 in facilities where we want to combine two login accounts (not 2FA in the traditional sense). Users would be pre-logged-in to Windows "service" accounts on computers fixed to a physical location in the building. They would be auto-authenticated to IS4 with the service account per IS4 Windows Authentication. Then, users would logon with their personal Active Directory credentials in the web app form (like the IS4 quickstart logon form). This would

问题 While doing some testing with IdentityServer4 I discovered a “strange” behavior. My API does not detect expired tokens. Setup: MVC project hosting IdentiyServer4 A API project with a single test endpoint A cmd client On IdentiyServer4-side the AccessTokenLifetime for my cmd client is set to 20 seconds. When checking in my client I can see that the exp value of the JWT token is set correctly to now + 20 seconds. The API accepts all calls from the client with a token (including expired tokens).

问题 I need to get access token from Identity Server through an API call from react client (fetch). I don't want to load the login UI from Identity Server (implicit flow), enter credentials, redirect to the redirect_uri and then get the access_token from the url. I just want to pass the credentials through an API call (fetch) to Token endpoint and get the access token from react client (similar to http://docs.identityserver.io/en/release/endpoints/token.html). The endpoint is - http://localhost

问题 I am implementing IdentityServer4. I tried to add new field CustomerId to Client. While doing migration, it is creating new table with name as Client instead of adding new column in Clients table. namespace xx.xx.Models { [Table("Clients")] public class ApplicationClient : Client { public string CustomerId { get; set; } } } 回答1: They don't provide the ability to extend the model in this way. However ClientProperties does exist so you could use that to store custom properties as key/value

问题 I have a ASP.Net Core MVC Web App that users needs to logon to get the id_token from the IdentityServer4 and then that id_token will be passed to webapi implemented in ServiceStack to obtain the authorization code. The subsequent call to the webapi will use the authorization code. So far what I have read is for the Web App, it should use openid cookie token (UseOpenIdConnectAuthentication). For the webapi, it should use the bearer token. My question is how I can pass that http only cookie

问题 I want to redirect user to the same client after he logged out from that client. So if i have lets say 5 clients on one identity server, i want users to be able to log out from one client and be on that same client but logged out. The one thing i have tried is to use PostLogoutRedirectUri in AccountController in quickstart, but the value is always null. Workaround that i found is to manually set PostLogoutRedirectUri, that works fine if you have only one client on the server, but not so much