问题
I have similar problem as here : https://github.com/IdentityServer/IdentityServer3.Samples/issues/9
But solution is not helpful for me.
So lets explain in more details with pictures and code:
I have this on client:
No need to map because NameClaimType(RoleClaimType) and Claim in list of claims are same
JwtSecurityTokenHandler.InboundClaimTypeMap.Clear();
On Api project I have:
In this case (if I understand correctly), I have to to map, because NameClaimType & RoleClaimType are not same with claim values.
JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>
{
{"role", System.Security.Claims.ClaimTypes.Role},
{"name",System.Security.Claims.ClaimTypes.Name }
};
But still not working. What am I doing wrong?
回答1:
InboundClaimTypeMap is used to transform the incoming claims. It doesn't set the NameClaimType and RoleClaimType properties.
Your authentication middleware should have the option to set name and role claim types. For ex:-
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
...,
NameClaimType = System.Security.Claims.ClaimTypes.Name,
RoleClaimType = System.Security.Claims.ClaimTypes.Role
});
来源:https://stackoverflow.com/questions/35622624/how-to-use-inboundclaimtypemap-for-claim-mapping