C# 从oidc客户端获取用户角色
我使用angular和asp net core 3.1在我的应用程序中使用oidc客户端进行授权 如何通过oidc客户端从asp net获取用户角色?标识:C# 从oidc客户端获取用户角色,c#,angular,asp.net-core,identityserver4,oidc-client,C#,Angular,Asp.net Core,Identityserver4,Oidc Client,我使用angular和asp net core 3.1在我的应用程序中使用oidc客户端进行授权 如何通过oidc客户端从asp net获取用户角色?标识: public class ProfileService : IProfileService { protected UserManager<ApplicationUser> mUserManager; public ProfileService(UserManager<Applic
public class ProfileService : IProfileService
{
protected UserManager<ApplicationUser> mUserManager;
public ProfileService(UserManager<ApplicationUser> userManager)
{
mUserManager = userManager;
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
ApplicationUser user = await mUserManager.GetUserAsync(context.Subject);
IList<string> roles = await mUserManager.GetRolesAsync(user);
IList<Claim> roleClaims = new List<Claim>();
foreach (string role in roles)
{
roleClaims.Add(new Claim(JwtClaimTypes.Role, role));
}
context.IssuedClaims.AddRange(roleClaims);
}
public Task IsActiveAsync(IsActiveContext context)
{
return Task.CompletedTask;
}
}
public类ProfileService:IProfileService
{
受保护的用户管理器您是否使用IdentityServer4?有一件事我没有注意到,您是说,请参阅angular中的“UserRoles”还是在oidc客户端中看到“UserRoles”。(angular中基于角色的授权)
...
services.AddDefaultIdentity<ApplicationUser>(options => options.User.RequireUniqueEmail = true)
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>();
services.AddTransient<IProfileService, ProfileService>();
services.AddAuthentication()
.AddIdentityServerJwt();
...