Asp.net mvc 4 IPrincipal应为ClaimsPrincipal,但为WindowsPrincipal
我有一个控制器,上面有3个动作方法,其中两个是常规OData调用,第三个是函数。使用Azure AD和ADAL保护WebAPI CustomAuthAttribute(IsAppAuthoring只是检查web.config条目) 控制器(ByUser是OData函数,无法获取正确的IPrincple信息,其他两种方法工作正常)Asp.net mvc 4 IPrincipal应为ClaimsPrincipal,但为WindowsPrincipal,asp.net-mvc-4,asp.net-web-api2,azure-active-directory,asp.net-web-api-odata,Asp.net Mvc 4,Asp.net Web Api2,Azure Active Directory,Asp.net Web Api Odata,我有一个控制器,上面有3个动作方法,其中两个是常规OData调用,第三个是函数。使用Azure AD和ADAL保护WebAPI CustomAuthAttribute(IsAppAuthoring只是检查web.config条目) 控制器(ByUser是OData函数,无法获取正确的IPrincple信息,其他两种方法工作正常) [OpsmApiAuthorizeAttribute] 公共类项目控制器:BaseController { /// ///获取给定项目id的项目详细信息 /// /
[OpsmApiAuthorizeAttribute]
公共类项目控制器:BaseController
{
///
///获取给定项目id的项目详细信息
///
///json
[启用查询]
公共IQueryable Get([FromODataUri]字符串键)
{
...
}
///
///获取所有项目
///
///json
[启用查询]
公共IQueryable Get()
{
...
}
[HttpGet]
//[缓存输出(ServerTimeSpan=60*60)]
公共IHttpActionResult ByUser([FromODataUri]字符串用户ID)
{
...
}
}
public class OpsmApiAuthorizeAttribute : AuthorizeAttribute
{
/// <summary>
/// Returns whether or not the user has authenticated with ADFS and whehter ornot we are configured to do authorization
/// </summary>
/// <param name="actionContext"></param>
/// <returns></returns>
protected override bool IsAuthorized(System.Web.Http.Controllers.HttpActionContext actionContext)
{
if (HttpContext.Current.IsAppAuthorizing())
return base.IsAuthorized(actionContext);
return true;
}
}
public void ConfigureAuth(IAppBuilder app)
{
app.UseWindowsAzureActiveDirectoryBearerAuthentication(
new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
Tenant = ConfigurationManager.AppSettings["ida:Tenant"],
TokenValidationParameters = new TokenValidationParameters
{
ValidAudience = ConfigurationManager.AppSettings["ida:Audience"],
},
MetadataAddress = ConfigurationManager.AppSettings["ida:MetadataEndpoint"],
});
}
[OpsmApiAuthorizeAttribute]
public class ProjectsController : BaseController
{
/// <summary>
/// Get a Project Detail for a given project id
/// </summary>
/// <returns>json</returns>
[EnableQuery]
public IQueryable<OPSM.DataAccess.Database.OpsM.PRJ> Get([FromODataUri] string key)
{
...
}
/// <summary>
/// Get all Projects
/// </summary>
/// <returns>json</returns>
[EnableQuery]
public IQueryable<OPSM.DataAccess.Database.OpsM.PRJ> Get()
{
...
}
[HttpGet]
//[CacheOutput(ServerTimeSpan = 60 * 60)]
public IHttpActionResult ByUser([FromODataUri]string userId)
{
...
}
}