OAuth2 WebAPI 附加标签

Posted 2023-04-13

【中文标题】OAuth2 WebAPI 附加标签

【英文标题】：OAuth2 WebAPI additional tags

【发布时间】：2020-04-26 15:16:04

【问题描述】：

有没有办法在 OAuth 的 json 结果上添加额外的标签？现在我得到了这个结果。

    "access_token": "...",
    "token_type": "bearer",
    "expires_in": 3599

我需要补充的是

 ".expires": "...",
  ".issued": "..."

这是我的代码 sn-p：

public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)

    return Task.Factory.StartNew(() =>
    
        var username = context.UserName;
        var password = context.Password;
        var userService = new UserService();
        User user = userService.GetUserByCredentials(username, password);
        if (user != null)
        
            var claims = new List<Claim>()
            
                new Claim(ClaimTypes.Name, user.Name),
                new Claim("UserID", user.Id)
            ;

            ClaimsIdentity oAutIdentity = new ClaimsIdentity(claims, Startup.OAuthOptions.AuthenticationType);
            context.Validated(new AuthenticationTicket(oAutIdentity, new AuthenticationProperties()  ));
        
        else
        
            context.SetError("invalid_grant", "Error");
        
    );

它也不显示其他属性，它应该只返回姓氏、年龄、性别作为我的样本数据。

public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    
        return Task.Factory.StartNew(() =>
        
            var username = context.UserName;
            var password = context.Password;
            var userService = new UserService();
            User user = userService.GetUserByCredentials(username, password);
            if (user != null)
            
                var claims = new List<Claim>()
                
                    new Claim(ClaimTypes.Name, user.Name),
                    new Claim("UserID", user.Id)
                ;

                var props = new AuthenticationProperties(new Dictionary<string, string>
                    
                        
                            "surname", "Smith"
                        ,
                        
                            "age", "20"
                        ,
                        
                        "gender", "Male"
                        
                    );

                ClaimsIdentity oAutIdentity = new ClaimsIdentity(claims, Startup.OAuthOptions.AuthenticationType);
                //context.Validated(new AuthenticationTicket(oAutIdentity, new AuthenticationProperties()  ));
                var ticket = new AuthenticationTicket(oAutIdentity, props);
                context.Validated(ticket);

            
            else
            
                context.SetError("invalid_grant", "Error");
            
        );
    

我的大部分代码都来自这个网站。 https://olepetterdahlmann.com/2016/08/08/implement-an-oauth-2-0-authorization-server-using-owin-oauth-middleware-on-asp-net-web-api/

【参考方案1】：

是的，您可以通过以下方式进行：

var customProperties = new Dictionary<string, string>();
customProperties.Add("as:client_id", context.ClientId ?? string.Empty);
customProperties.Add("user_roles", user_roles);
customProperties.Add("user_timezone", timeZoneName);
customProperties.Add("user_country", account.CountryCode ?? string.Empty);

AuthenticationProperties properties = new AuthenticationProperties(customProperties);
AuthenticationTicket ticket = new AuthenticationTicket(identity, properties);
context.Validated(ticket);

谢谢