gpt4 book ai didi

asp.net-core - ASP.NET Core 2.0.3 ClaimsTransformer 与 HttpContextAccessor 结合使用,正在清除声明

转载 作者:行者123 更新时间:2023-12-03 18:15:47 33 4
gpt4 key购买 nike

在我的 Asp.Net Core 应用程序中,我想向我的 ClaimsIdentity 添加自定义声明,以便我可以在应用程序的不同层中访问这些声明。为此,我添加了以下代码

启动

services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddTransient<IPrincipal>(
provider => provider.GetService<IHttpContextAccessor>().HttpContext.User);
services.AddTransient<IClaimsTransformation, ClaimsTransformer>();

claim 变压器
public class ClaimsTransformer : IClaimsTransformation
{
private readonly IUnitOfWork _unitOfWork;
private readonly IPrincipal _principal;
public ClaimsTransformer(IUnitOfWork unitOfWork, IPrincipal principal)
{
_unitOfWork = unitOfWork;
_principal = principal;
}
public Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
{
var currentPrincipal = (ClaimsIdentity)_principal.Identity;
var identity = (ClaimsIdentity)principal.Identity;
if (currentPrincipal.Claims.All(p => p.Type != "UserId"))
{
var person = _unitOfWork.PersonRepository.GetPersonBySubjectId(principal.Claims.First(p => p.Type == "sub").Value);
person.Wait();
if (person.Result != null)
{
currentPrincipal.AddClaim(new Claim("UserId", person.Result.Id.ToString()));
currentPrincipal.AddClaim(new Claim("TenantId", person.Result.PersonTeams.FirstOrDefault(p => p.Team.TeamType == TeamType.OrganizationTeam)?.Team.OrganizationId.ToString()));
if (principal.Claims.Any(p => p.Type == "Admin"))
{
currentPrincipal.AddClaim(new Claim("Admin", "True"));
}
}
foreach (var claim in identity.Claims)
{
currentPrincipal.AddClaim(claim);
}
}
return Task.FromResult(principal);
}
}

我不明白的是,当我运行 Claimstransformation 并逐步执行代码时,所有需要的声明都可用,但是当我将 IPrincipal 注入(inject)自定义类时,声明集合是空的,当我不使用时ClaimsTransformation,声明可通过注入(inject)的 IPrincipal 获得。

为了解决这个问题,我将我的 IPrincipal 添加到 ClaimsTransformer 并复制 TransformAsync 输入参数中的声明,并添加 UserId 和 TenantId。
这可行,但我遇到的问题是我不明白为什么在运行 ClaimsTransformer 时会删除声明以及为什么需要添加此 黑客

最佳答案

我在同一个地方。
我不得不删除 IPrincipal DI

启动

services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddTransient<IClaimsTransformation, ClaimsTransformer>();

services.AddAuthentication(IISDefaults.AuthenticationScheme);

services.AddAuthorization(options =>
{
options.AddPolicy("SystemAdminOnly", policy => policy.RequireClaim(ClaimTypes.Role, "SystemAdmin"));
});

claim 变压器
public ClaimsTransformer(IRepository repository, IHttpContextAccessor httpContextAccessor/*, IPrincipal principal*/, IMemoryCache cache)
{
_repository = repository;
_httpContextAccessor = httpContextAccessor;
// _principal = principal;
_cache = cache;
}

public async Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
{
if (principal.Identity.IsAuthenticated)
{
var currentPrincipal = (ClaimsIdentity)principal.Identity;//_principal.Identity;

var ci = (ClaimsIdentity)principal.Identity;
var cacheKey = ci.Name;

if (_cache.TryGetValue(cacheKey, out List<Claim> claims))
{
currentPrincipal.AddClaims(claims);
}
else
{
claims = new List<Claim>();
var isUserSystemAdmin = await _repository.IsUserAdmin(ci.Name);
if (isUserSystemAdmin)
{
var c = new Claim(ClaimTypes.Role, "SystemAdmin");
claims.Add(c);
}

_cache.Set(cacheKey, claims);
currentPrincipal.AddClaims(claims);
}

//foreach (var claim in ci.Claims)
//{
// currentPrincipal.AddClaim(claim);
//}
}

return await Task.FromResult(principal);
}

它有效!

关于asp.net-core - ASP.NET Core 2.0.3 ClaimsTransformer 与 HttpContextAccessor 结合使用,正在清除声明,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47358613/

33 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com