Abp vNext 番外篇丨Claims扩展
缘起
abp默认提供的Claims不够用,当系统需要添加自定义Claims.
正文
首先abp默认提供了'IAbpClaimsPrincipalContributor'接口来帮助实现,该接口实现会在颁发token的时候调用.
public async Task ContributeAsync(AbpClaimsPrincipalContributorContext context)
{
//只是个简单例子
var claimsIdentity = context.ClaimsPrincipal.Identities.FirstOrDefault();
claimsIdentity.AddOrReplace(new Claim(xxxClaimsPrincipal.TenantPath, tenant.Name));
claimsIdentity.AddOrReplace(new Claim(xxxClaimsPrincipal.TenantEnterpriseId, kuforeTenant.Data.EnterpriseByPath.Id));
claimsIdentity.AddOrReplace(new Claim(xxxClaimsPrincipal.TenantOwnerUserId, kuforeTenant.Data.EnterpriseByPath.OwnerUserId));
claimsIdentity.AddOrReplace(new Claim(xxxClaimsPrincipal.TenantActiveEdition, kuforeTenant.Data.EnterpriseByPath.ActiveEdition.ToString()));
}
重点来了如果你只是这样用了,你会发现你在需要读取Claims的时候,你读不到数据,但是你断点你又发现命名赋值成功了。
这里我们找到'IdentityServerDataSeedContributor.cs',看下面代码应该懂得都懂了,如果你ids4的Claims中不包含会在颁发的时候移除掉你的Claims
private async Task CreateApiResourcesAsync()
{
var commonApiUserClaims = new[]
{
"email",
"email_verified",
"name",
"phone_number",
"phone_number_verified",
"role",
xxxClaimsPrincipal.TenantPath,
xxxClaimsPrincipal.TenantEnterpriseId,
xxxClaimsPrincipal.TenantOwnerUserId,
xxxClaimsPrincipal.TenantActiveEdition
};
await CreateApiResourceAsync("xxx", commonApiUserClaims);
}
结语
也欢迎大家阅读我的Abp vNext系列教程
联系作者:加群:867095512 @MrChuJiu