问题
I understand that currently the default Windows Live ID identity provider in ACS 2.0, only provides two claims the nameidentifier (a base64 unique id associated with the user and your application, but useless for describing someone) and the identityprovider claim which lets you know that your talking with LiveID. I was wondering is it possible to configure an alternative identity provider for Window Live ID that could provide Name and other Live ID profile information via additional claims.
Thanks, -Patrick
回答1:
You can't get anything but the nameidentifier and identityprovider claims using the Window's Live Identity Provider.
http://msdn.microsoft.com/en-us/library/gg185944.aspx
The other providers available to Azure ACS 2.0 are all listed in detail from this link. http://msdn.microsoft.com/en-us/library/gg185971.aspx
FYI - Google & Yahoo as IP's provide additional but optional claims emailaddress & name. So you could also retrieve as an example, John Doe & john.doe@gmail.com.
Note, that using these two optional claims will prompt the user they will be exposed to your services when logging in for the first time. At which time the user can cancel the operation. I recommend you only get the claims you really need as it may scare off potential users.
回答2:
I have investigated this before and found that the direct answer is no.
You can however use ADFS in chain with ACS to inject more claims.
It seems that the LiveId setup allows you to post a token to get info like
{
"id": "b6b2a7e8f2515e5",
"name": "Apurva Dalia",
"first_name": "Apurva",
"last_name": "Dalia",
"gender": null,
"link": "http://cid-b6b2a7e8f2515e5.profile.live.com/",
"locale": "en_US",
"updated_time": "2011-10-26T21:13:05+0000"
}
If this is true, than you can inject this info to the caller.
See Server Side scenarios of the Live SDK.
From another Microsoft site:
For example, the following GET request, without any access token specified, would return the user's public profile information. https://apis.live.net/v5.0/8c8ce076ca27823f
The information returned by Windows Live would look like the following.
"id": "8c8ce076ca27823f", "name": "Roberto Tamburello",
"first_name": "Roberto",
"last_name": "Tamburello",
"gender": null, "locale": "en_US"
来源:https://stackoverflow.com/questions/6391406/are-any-other-claims-available-from-windows-live-id-via-the-acs-2-0-identity-pro