客户端代码
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services.AddAuthentication(options => {
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
.AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options => {
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.GetClaimsFromUserInfoEndpoint = true;
options.Authority = "https://localhost:5001";
options.RequireHttpsMetadata = false;
options.ClientId = "zac.sms";
options.ClientSecret = "27db4b3f-9cb0-4020-a12c-19f390e9943a";
options.ResponseType = OpenIdConnectResponseType.Code;// "code"; //代表
options.Scope.Clear();
options.Scope.Add("openid");
options.Scope.Add("AdminWebApi");
options.SaveTokens = true;
})
identityserver4端代码
services.AddAbpDbContext<ApplicationDbContext>(options => {
options.AddDefaultRepositories(includeAllEntities: true);// 自动创建仓存
});
services.Configure<AbpDbContextOptions>(options => {
options.UseSqlServer();
});
var builder = services.AddIdentityServer(options =>
{
options.Events.RaiseErrorEvents = true;
options.Events.RaiseInformationEvents = true;
options.Events.RaiseFailureEvents = true;
options.Events.RaiseSuccessEvents = true;
// see https://identityserver4.readthedocs.io/en/latest/topics/resources.html
options.EmitStaticAudienceClaim = true;
});
builder.AddConfigurationStore(opt => {
opt.ConfigureDbContext = context => {
context.UseSqlServer(connectionString, sql => {
sql.MigrationsAssembly(migrationsAssembly);
});
};
})
.AddOperationalStore(opt => {
opt.ConfigureDbContext = context => {
context.UseSqlServer(connectionString, sql => {
sql.MigrationsAssembly(migrationsAssembly);
});
};
opt.EnableTokenCleanup = true;
opt.TokenCleanupInterval = 30;
});
//builder.AddResourceOwnerValidator<MyResourceOwnerPasswordValidator>();
// in-memory, code config
//builder.AddInMemoryIdentityResources(Config.IdentityResources);
//builder.AddInMemoryApiResources(Config.ApiResources);
//builder.AddInMemoryApiScopes(Config.ApiScopes);
//builder.AddInMemoryClients(Config.Clients);
//builder.AddClientStore<CustomerClientStore>();
//builder.AddProfileService<MyProfileService>();
// not recommended for production - you need to store your key material somewhere secure
builder.AddDeveloperSigningCredential();
services.AddAuthentication();
但是客户端的
HttpContext.User.Identity.Name 为空
HttpContext.User.Identity.Claims里面也没有
最后解决方案时在identityserver4端的client(表名)里将AlwaysIncludeUserClaimsInIdToken设置为true就可以了
标签:opt,AuthenticationScheme,builder,姓名,claims,true,options,identityserver4 From: https://www.cnblogs.com/helloStone/p/17076013.html