如何将完整的身份用户对象从 CustomOAuthBearerAuthenticationProvider 传递给 AuthorizationFilterAttribute。
public class CustomOAuthBearerAuthenticationProvider : OAuthBearerAuthenticationProvider
{
public override Task ValidateIdentity(OAuthValidateIdentityContext context)
{
var appUserManager =
context.OwinContext.GetUserManager<ApplicationUserManager>();
var identity = context.Ticket.Identity;
var user = appUserManager.FindByIdAsync(identity.GetUserId()).Result;
context.Ticket.Identity.AddClaim(new Claim("PSK", user.PSK));
return base.ValidateIdentity(context);
}
}
public class TwoFactorAuthorizeAttribute : AuthorizationFilterAttribute
{
public override Task OnAuthorizationAsync(HttpActionContext
actionContext, System.Threading.CancellationToken cancellationToken)
{
var principal = actionContext.RequestContext.Principal as
ClaimsPrincipal;
var psk= principal?.FindFirst("psk").Value; //I want to read full object rather than individual property
}
}
我想你可以创建一些实用程序类,您可以在其中获取令牌并读取所有声明,然后发送它,然后在构造TwoFactorAuthorizeAttribute
类中注入该实用程序并调用该方法以获取列表。
var identity = (ClaimsIdentity)User.Identity;
IEnumerable<Claim> claims = identity.Claims;