我正在将 .Net Core Angular 模板与个人帐户一起使用:
dotnet new Angular -au individual
我因此添加了一个外部 Microsoft 登录提供程序:
services.AddAuthentication()
.AddMicrosoftAccount(config => {
config.ClientId = "***REDACTED***";
config.ClientSecret = "***REDACTED***";
config.SaveTokens = true;
})
.AddIdentityServerJwt();
然后,我创建一个具有 [Authorized]
属性的页面,并尝试检索 Microsoft access_token
但它始终显示为 null
.这是页面的构建方式:
测试.cshtml
@page
@model TestModel
<partial name="_LoginPartial" />
<h1>hi</h1>
<div>
<p>Access Token</p>
<pre>
@Model.AccessToken
</pre>
<p>ID Token</p>
<pre>
@Model.IdToken
</pre>
</div>
测试.cshtml.cs
[Authorize]
public class TestModel : PageModel {
private readonly UserManager<ApplicationUser> _userManager;
public string AccessToken;
public string IdToken;
public TestModel(UserManager<ApplicationUser> userManager) {
_userManager = userManager;
}
public async Task OnGetAsync() {
if (!User.Identity.IsAuthenticated) {
return;
}
var user = await _userManager.GetUserAsync(User);
AccessToken = await _userManager.GetAuthenticationTokenAsync(user, "Microsoft", "access_token");
IdToken = await _userManager.GetAuthenticationTokenAsync(user, "Microsoft", "id_token");
}
}
如前所述,我只获得 AccessToken
和 IdToken
的 null
值 - 我做错了什么?
附注我还尝试了 await HttpContext.GetTokenAsync("Microsoft", "access_token")
- 它也返回 null
。
最佳答案
经过几天的研究回答了我自己的问题,最终我将存储库克隆到 https://github.com/dotnet/aspnetcore并在https://github.com/identityserver/identityserver4并通过代码跟踪目标...
解决方案是在验证后,将对 SigninManager.UpdateExternalAuthenticationTokensAsync
的调用添加到 Account/ExternalLogin
回调处理程序(方法 OnGetCallbackAsync
)外部登录成功,即在调用 _signInManager.ExternalLoginSignInAsync
之后:
// Sign in the user with this external login provider if the user already has a login.
var result = await _signInManager.ExternalLoginSignInAsync(
info.LoginProvider,
info.ProviderKey,
isPersistent: false,
bypassTwoFactor : true);
if (result.Succeeded) {
await _signInManager.UpdateExternalAuthenticationTokensAsync(info); // <-- This
_logger.LogInformation(
"{Name} logged in with {LoginProvider} provider.",
info.Principal.Identity.Name,
info.LoginProvider);
return LocalRedirect(returnUrl);
}
关于c# - 如何保留并检索外部登录提供商的access_token,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59973762/