【发布时间】:2025-12-08 13:15:01
【问题描述】:
我正在使用带有 ASP.NET Identity 的 IdentityServer 3 作为其用户存储。我已经按照article 设置了 IdentityServer,我的客户端是一个 ASP MVC Web 应用程序。我可以从我的客户端登录,但我不明白如何在客户端获取用户信息。在服务器端我正在使用:
var scopes = new Scope[]
{
StandardScopes.OpenId,
StandardScopes.Email,
new Scope
{
Name = "roles",
Claims = new List<ScopeClaim>
{
new ScopeClaim("role")
}
}
};
var clients = new Client[]
{
new Client
{
ClientId = "mvc-demo",
ClientName = "MVC Demo Client",
Flow = Flows.Implicit,
RedirectUris = new List<string>
{
"http://localhost:16652/"
},
AllowedScopes = new List<string>
{
"openid", "email", "roles"
}
}
};
var factory = new IdentityServerServiceFactory().Configure(connectionString);
factory.UseInMemoryClients(clients);
factory.UseInMemoryScopes(scopes);
在客户端:
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
AuthenticationType = "oidc",
SignInAsAuthenticationType = "cookies",
Authority = "https://localhost:44305/",
ClientId = "mvc-demo",
RedirectUri = "http://localhost:16652/",
ResponseType = "id_token token",
Scope = "openid email roles",
Notifications = new OpenIdConnectAuthenticationNotifications
{
SecurityTokenValidated = n =>
{
var id = n.AuthenticationTicket.Identity;
var email = id.FindFirst(Constants.ClaimTypes.Email);
var roles = id.FindAll(Constants.ClaimTypes.Role);
// create new identity and set name and role claim type
var nid = new ClaimsIdentity(
id.AuthenticationType,
Constants.ClaimTypes.Email,
Constants.ClaimTypes.Role);
nid.AddClaim(email);
nid.AddClaims(roles);
// add some other app specific claim
//nid.AddClaim(new Claim("app_specific", "some data"));
n.AuthenticationTicket = new AuthenticationTicket(
nid,
n.AuthenticationTicket.Properties);
return Task.FromResult(0);
}
}
但我无法获取有关用户电子邮件的信息。
【问题讨论】:
标签: asp.net-mvc asp.net-identity identityserver3