asp.net-core – 带有ASP.NET身份3的JWT承载令牌

"dependencies": {
  "Microsoft.AspNet.Authentication.JwtBearer": "1.0.0-rc1-final","AspNet.Security.OpenIdConnect.Server": "1.0.0-beta4"
}

虽然代码是一个很好的开始,但它并不是一个完全集成w / ASP.NET身份的完整解决方案.我修改了AuthorizationProvider类,如下所示：

public override Task GrantResourceOwnerCredentials(
    GrantResourceOwnerCredentialsContext context)
{
    var user = _userManager.FindByNameAsync(context.UserName).Result;
    if (user == null)
    {
        context.Rejected("The user name or password is incorrect.");
    }
    else
    {
        var signInManager = context.HttpContext.RequestServices
            .GetRequiredService<SignInManager<ApplicationUser>>();

        if (signInManager.CanSignInAsync(user).Result &&
            _userManager.CheckPasswordAsync(user,context.Password).Result)
        {
            var principal = signInManager.CreateUserPrincipalAsync(user).Result;

            //To avoid leaking confidential data,AspNet.Security.OpenIdConnect.Server
            //refuses to serialize the claims that don't explicitly specify a destination.
            foreach (var claim in principal.Claims)
                claim.WithDestination("token id_token");

            context.Validated(principal);
        }
        else
            context.Rejected("The user name or password is incorrect.");
    }

    return Task.FromResult(0);
}

我正在使用CreateUserPrincipalAsync为Validated方法创建ClaimsPrincipal.是否有更好的方法来集成w / ASP.NET身份？