Our ASP.NET MVC application connects to IdentityServer 3 with the following config and without any problem:

    app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
    {
        Authority = IdentityServerUrl,
        ClientId = IdentityClientId,
        ResponseType = "id_token token",
        Scope = "openid profile myScope",
        SignInAsAuthenticationType = "Cookies",
        Notifications = new OpenIdConnectAuthenticationNotifications
        {
            SecurityTokenValidated = async n =>
            {
                var newIdentity = new ClaimsIdentity(
                    n.AuthenticationTicket.Identity.AuthenticationType,
                    "name",
                    "myrole");

                var userInfoClient = new UserInfoClient(
                    new Uri(n.Options.Authority + "/connect/userinfo"),
                    n.ProtocolMessage.AccessToken);

                var userInfo = await userInfoClient.GetAsync();
                userInfo.Claims.ToList().ForEach(ui => newIdentity.AddClaim(new Claim(ui.Item1, ui.Item2)));

                var sid = n.AuthenticationTicket.Identity.Claims.FirstOrDefault(x => x.Type == "sid");
                if (sid != null)
                {
                    newIdentity.AddClaim(new Claim("sid", sid.Value));
                }

                n.AuthenticationTicket = new AuthenticationTicket(
                    newIdentity,
                    n.AuthenticationTicket.Properties);
            }
        }
    });

Now we want to upgrade and connect to IdentityServer 3 with .NET Core.
We tried the code below, but I am not getting the

    .AddOpenIdConnect("oidc", options =>
    {
        options.Authority = IdentityClientUrl;
        options.ClientId = IdentityClientId;
        options.ResponseType = OpenIdConnectResponseType.IdTokenToken;
        options.Scope.Clear();
        options.Scope.Add("profile");
        options.Scope.Add("openid");
        options.Scope.Add("email");
        options.Scope.Add("myScope");
        options.GetClaimsFromUserInfoEndpoint = true;
        options.TokenValidationParameters = new TokenValidationParameters
        {
            NameClaimType = "name",
            RoleClaimType = "myrole"
        };
        options.SaveTokens = true;
        options.Events.OnTokenValidated = async n =>
        {
            var claims = n.SecurityToken.Claims;
            var newIdentity = new ClaimsIdentity(
                "Cookies",
                "name",
                "myrole");

            foreach (var item in claims)
            {
                newIdentity.AddClaim(new Claim(item.Type, item.Value));
            }

            // Add the session id claim
            var sid = n.Principal.FindFirst(x => x.Type == "sid");
            if (sid != null)
            {
                newIdentity.AddClaim(new Claim("sid", sid.Value));
            }

            //n.AuthenticationTicket = new AuthenticationTicket(
            //    newIdentity,
            //    n.AuthenticationTicket.Properties);
            //return Task.CompletedTask;
        };
    });

- Not able to identify how I can create the AuthenticationTicket and update the claims.
- Observed that I am not getting all the custom claims when I use response type "id_token token", whereas if I just use "id_token" I am seeing my custom roles.
Any help please?
https://stackoverflow.com/questions/67249395/getting-custom-claims-on-login-identityserver3-and-asp-net-core April 25, 2021 at 11:07AM
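
One way to wire this up on ASP.NET Core, as an added example that is not part of the original post. By default IdentityServer 3 leaves scope claims out of the id_token when an access token is also issued, so with "id_token token" they have to come from the userinfo endpoint, and the Core handler only copies userinfo keys that have a claim action. The sketch assumes ASP.NET Core 3.1 or later; the method name `AddIdentityServer3Oidc` and its parameters are hypothetical, and `myrole` is the claim type used in the question.

```csharp
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;

public static class OidcSetup
{
    // Hypothetical helper; call as services.AddAuthentication(...).AddCookie("Cookies").AddIdentityServer3Oidc(url, id)
    public static AuthenticationBuilder AddIdentityServer3Oidc(
        this AuthenticationBuilder builder, string authority, string clientId)
    {
        // Keep short JWT claim names ("name", "sid") instead of the mapped WS-* URIs.
        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

        return builder.AddOpenIdConnect("oidc", options =>
        {
            options.Authority = authority;
            options.ClientId = clientId;
            options.ResponseType = OpenIdConnectResponseType.IdTokenToken;
            options.Scope.Clear();
            options.Scope.Add("openid");
            options.Scope.Add("profile");
            options.Scope.Add("myScope");
            options.SaveTokens = true;
            options.TokenValidationParameters = new TokenValidationParameters
            {
                NameClaimType = "name",
                RoleClaimType = "myrole"
            };

            // Userinfo is fetched after token validation; only keys with a
            // claim action are added to the identity, so map the custom one.
            options.GetClaimsFromUserInfoEndpoint = true;
            options.ClaimActions.MapJsonKey("myrole", "myrole");

            // There is no AuthenticationTicket to rebuild here: replace Principal.
            options.Events.OnTokenValidated = ctx =>
            {
                var identity = new ClaimsIdentity(
                    ctx.Principal.Identity.AuthenticationType, "name", "myrole");
                identity.AddClaims(ctx.Principal.Claims); // includes "sid" if present
                ctx.Principal = new ClaimsPrincipal(identity);
                return Task.CompletedTask;
            };
        });
    }
}
```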