c# - 如何自定义 JWT 认证响应？

问题描述

我在 asp.net Web Api 中使用 JWT 默认行为进行身份验证，下面是 oAuthProvider 类中的代码：

public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var emailAddress = context.UserName;
            var password = context.Password;

            User user = DbContext.User.Where(m => m.EmailAddress == emailAddress && m.IsDeleted == false).FirstOrDefault();
            if (user != null)
            {
                string encryptedPassword = CryptoUtility.GetPasswordHash(password, user.SaltKey);
                if (encryptedPassword == user.Password)
                {
                    if (user.IsActive)
                    {
                        var claims = new List<Claim>()
                            {
                                new Claim(ClaimTypes.Sid, Convert.ToString(user.Id)),
                                new Claim(ClaimTypes.Name, user.FullName),
                                new Claim(ClaimTypes.Email, user.EmailAddress)
                            };
                        ClaimsIdentity oAuthIdentity = new ClaimsIdentity(claims,
                                    DefaultAuthenticationTypes.ExternalBearer);

                        var properties = CreateProperties(user.FullName);
                        var ticket = new AuthenticationTicket(oAuthIdentity, properties);
                        context.Validated(ticket);
                    }
                    else
                    {
                        context.SetCustomError(JsonConvert.SerializeObject(new CommonModel()
                        {
                            StatusCode = (int)ApiStatus.AccountDisabled,
                            Message = "Sorry your account is inactive. Please contact your administrator",
                            Data = new { }
                        }));
                    }
                }
                else
                {
                    context.SetCustomError(JsonConvert.SerializeObject(new CommonModel()
                    {
                        StatusCode = (int)ApiStatus.InvalidCredentials,
                        Message = "The user name or password is incorrect",
                        Data = new { }
                    }));
                }
            }
            return Task.FromResult<object>(null);
        }

我尝试了很多方法，但我无法更改上述方法调用的 JWT 响应。我得到的结果是这样的（默认情况下在 JWT 中），

{
    "access_token": "eyJef4AiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9zaWQiOiIxIiwidW5pcXVlX25hbWUiOiJTYW12ZWRhbmEgVHJ1c3QiLCJlbWFpbCI6ImFkbWluQGRyY3N5c3RlbXMuY29tIiwiaXNzIjoiaHR0cDovL2NybS5zYW12ZWRhbmEub3JnLmluIiwiYXVkIjoiQW55IiwiZXhwIjoxNTM2MzA4OTg1LCJuYmYiOjE1MzYyMjI1ODV9.xBKt-WxVTzDyg1kYoynXGzDU-gl0l3vp9zeAQyHLPdE",
    "token_type": "bearer",
    "expires_in": 86399,
    "userName": "Demo 1",
    ".issued": "Thu, 06 Sep 2018 08:29:45 GMT",
    ".expires": "Fri, 07 Sep 2018 08:29:45 GMT"
}

怎么改回复啊！

标签： c#asp.net-web-apijwt