Blazor WASM: avoiding the default claim mapping

Problem description

On the server, you can avoid the default mapping of claims if you write the following code:

services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, o =>
    {
        o.Authority = openIdConnectOptions.Authority;
        o.TokenValidationParameters.ValidIssuer = openIdConnectOptions.ValidIssuer;
        o.TokenValidationParameters.ValidAudiences = openIdConnectOptions.ValidAudiences;
        o.MapInboundClaims = false;
        o.TokenValidationParameters.RoleClaimType = "roles";
    });

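It is MapInboundClaims = false; that makes it work.

I am facing the same problem in Blazor WASM. Some claims are renamed, some are dropped. I would very much like to control the claim mapping myself.

I have this CustomUserFactory to fix the role mapping. I also tried to map unique_name, but it does not work.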

using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Components.WebAssembly.Authentication;
using Microsoft.AspNetCore.Components.WebAssembly.Authentication.Internal;

namespace Zeus.Client.Services.Auth
{
    public class CustomUserFactory : AccountClaimsPrincipalFactory<RemoteUserAccount>
    {
        public CustomUserFactory(IAccessTokenProviderAccessor accessor)
            : base(accessor)
        {
        }

        public override async ValueTask<ClaimsPrincipal> CreateUserAsync(
            RemoteUserAccount account,
            RemoteAuthenticationUserOptions options)
        {
            var initialUser = await base.CreateUserAsync(account, options);
            if (initialUser.Identity == null || !initialUser.Identity.IsAuthenticated)
            {
                return initialUser;
            }

            var userIdentity = (ClaimsIdentity) initialUser.Identity;

            var tokenResult = await TokenProvider.RequestAccessToken();
            if (tokenResult.TryGetToken(out var token))
            {
                var claims = JwtParser.ParseClaimsFromJwt(token.Value).ToList();
                
                var uniqueName = claims.FirstOrDefault(x => x.Type == "unique_name");
                if(uniqueName != null)
                {
                    userIdentity.AddClaim(uniqueName);
                }
                var roles = claims.Where(x => x.Type == "role").ToList();
                foreach (var claim in roles)
                {
                    userIdentity.AddClaim(claim);
                }
            }

            return initialUser;
        }
    }
}

Tags: jwt, blazor-webassembly
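
An added example, not part of the original question or of any project's own code: one way to take full control of the mapping is to build a fresh identity from the access token's payload and to tell that identity which claim types are the name and the role. The class name `RawClaimsUserFactory` and the helper `ReadPayload` are hypothetical, and the sketch assumes the access token is a JWT that carries every claim the UI needs, because claims that came only from the ID token are not copied over.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Claims;
using System.Text.Json;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Components.WebAssembly.Authentication;
using Microsoft.AspNetCore.Components.WebAssembly.Authentication.Internal;

// Hypothetical factory: keeps every claim type exactly as the issuer wrote it.
public class RawClaimsUserFactory : AccountClaimsPrincipalFactory<RemoteUserAccount>
{
    public RawClaimsUserFactory(IAccessTokenProviderAccessor accessor) : base(accessor) { }

    public override async ValueTask<ClaimsPrincipal> CreateUserAsync(
        RemoteUserAccount account, RemoteAuthenticationUserOptions options)
    {
        var user = await base.CreateUserAsync(account, options);
        if (user.Identity == null || !user.Identity.IsAuthenticated) return user;

        var result = await TokenProvider.RequestAccessToken();
        if (!result.TryGetToken(out var token)) return user;

        // The last two arguments are the name and role claim types; they decide
        // what Identity.Name and IsInRole() read. Adding a claim alone does not.
        var identity = new ClaimsIdentity(
            ReadPayload(token.Value), user.Identity.AuthenticationType, "unique_name", "role");
        return new ClaimsPrincipal(identity);
    }

    // Decodes the JWT payload (base64url JSON) without verifying the signature.
    // Client-side claims only drive the UI; the API must validate the token itself.
    internal static List<Claim> ReadPayload(string jwt)
    {
        var part = jwt.Split('.')[1].Replace('-', '+').Replace('_', '/');
        part = part.PadRight(part.Length + (4 - part.Length % 4) % 4, '=');
        using var doc = JsonDocument.Parse(Convert.FromBase64String(part));
        var claims = new List<Claim>();
        foreach (var p in doc.RootElement.EnumerateObject())
        {
            if (p.Value.ValueKind == JsonValueKind.Array)   // e.g. "role": ["a", "b"]
                foreach (var item in p.Value.EnumerateArray())
                    claims.Add(new Claim(p.Name, item.ToString()));
            else
                claims.Add(new Claim(p.Name, p.Value.ToString()));
        }
        return claims;
    }
}
```

The factory is registered by chaining `.AddAccountClaimsPrincipalFactory<RawClaimsUserFactory>()` onto the authentication registration in `Program.cs`.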

Solution

