IdentityServer4-RequestedClaimTypes为空
从IdentityServer 4文档中: 如果请求的作用域是标识资源,则将根据IdentityResource中定义的用户声明类型填充RequestedClaimTypes中的声明 这是我的身份资源:IdentityServer4-RequestedClaimTypes为空,identityserver4,claims-based-identity,Identityserver4,Claims Based Identity,从IdentityServer 4文档中: 如果请求的作用域是标识资源,则将根据IdentityResource中定义的用户声明类型填充RequestedClaimTypes中的声明 这是我的身份资源: return new List<IdentityResource> { new IdentityResources.OpenId(), new IdentityResources.Profile(
return new List<IdentityResource>
{
new IdentityResources.OpenId(),
new IdentityResources.Profile(),
new IdentityResources.Phone(),
new IdentityResources.Email(),
new IdentityResource(ScopeConstants.Roles, new List<string> { JwtClaimTypes.Role })
};
ProfileService-GetProfileDataAsync方法:
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var sub = context.Subject.GetSubjectId();
var user = await _userManager.FindByIdAsync(sub);
var principal = await _claimsFactory.CreateAsync(user);
var claims = principal.Claims.ToList();
claims = claims.Where(claim => context.RequestedClaimTypes.Contains(claim.Type)).ToList();
if (user.Configuration != null)
claims.Add(new Claim(PropertyConstants.Configuration, user.Configuration));
context.IssuedClaims = claims;
}
principal.claims.ToList()列出了所有声明,但context.RequestedClaimTypes为空,因此按context.RequestedClaimTypes.Contains(claim.Type))筛选的筛选器不返回任何声明
客户端配置:
let header=new-HttpHeaders({'Content-Type':'application/x-www-form-urlencoded'})
有人表示,添加AlwaysIncludeUserClaimsInIdToken=true可以解决问题——我尝试了,但没有
我错过了什么?请提供帮助。是否可以包括客户端的oidc配置或说明客户端中配置了什么样的响应类型?是否可以验证
Context.Caller
是什么?@Richard用详细信息更新了问题。@RuardvanElburg Context.Caller=“ClaimsProviderAccessToken”与我的问题相同。有什么帮助吗?
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var sub = context.Subject.GetSubjectId();
var user = await _userManager.FindByIdAsync(sub);
var principal = await _claimsFactory.CreateAsync(user);
var claims = principal.Claims.ToList();
claims = claims.Where(claim => context.RequestedClaimTypes.Contains(claim.Type)).ToList();
if (user.Configuration != null)
claims.Add(new Claim(PropertyConstants.Configuration, user.Configuration));
context.IssuedClaims = claims;
}
let params = new HttpParams()
.append('username', userName)
.append('password', password)
.append('grant_type', 'password')
.append('scope', 'email offline_access openid phone profile roles api_resource')
.append('resource', window.location.origin)
.append('client_id', 'test_spa');
let requestBody = params.toString();
return this.http.post<T>(this.loginUrl, requestBody, { headers: header });
export interface LoginResponse {
access_token: string;
token_type: string;
refresh_token: string;
expires_in: number;
}