NetCore 通过 IdentityServer4 获取 Token 信息

第一步:安装 NuGet 包 IdentityServer4.AccessTokenValidation(下文使用的 AddJwtBearer 来自它所依赖的 Microsoft.AspNetCore.Authentication.JwtBearer 包)

 第二步:配置(Program.cs)

// Register the authentication services with "Bearer" as the default scheme and
// validate incoming JWTs against the configured authority.
builder.Services
    .AddAuthentication("Bearer")
    .AddJwtBearer("Bearer", jwt =>
    {
        // Address of the authorization server (token issuer) this API trusts.
        jwt.Authority = "http://127.0.0.1:5001";

        // HTTPS is not required for the authority. The discovery document and the
        // signing keys are then fetched over plain HTTP, where they can be altered
        // in transit. Keep this for local development only; in any shared or
        // production environment use an https authority and leave the requirement on.
        jwt.RequireHttpsMetadata = false;

        // Audience validation is switched off: a token from this authority is
        // accepted even when it was issued for a different API. Where several APIs
        // share one authority, configure the expected audience and enable the check
        // so that a token meant for another resource is rejected here.
        var validation = new TokenValidationParameters();
        validation.ValidateAudience = false;
        jwt.TokenValidationParameters = validation;
    });

 

// Order matters: UseAuthentication builds HttpContext.User from the bearer token,
// and UseAuthorization then evaluates authorization requirements against that
// principal. The two calls alone do not reject anonymous requests; endpoints
// still need [Authorize] (or a fallback policy) to require a valid token.
app.UseAuthentication();

app.UseAuthorization();

 第三步:获取Token相关信息

接口类:

/// <summary>
/// Exposes identity details of the current caller (client, role, user id, user name).
/// </summary>
public interface ITokenService
{
    /// <summary>
    /// Gets the ID of the currently signed-in client.
    /// </summary>
    Task<string> GetClientIdAsync();

    /// <summary>
    /// Determines whether the current caller is an administrator.
    /// </summary>
    Task<bool> IsAdminRoleAsync();

    /// <summary>
    /// Gets the role ID of the currently signed-in caller.
    /// </summary>
    Task<string> GetRoleIdAsync();

    /// <summary>
    /// Gets the ID of the currently signed-in user.
    /// </summary>
    Task<string> GetUserIdAsync();

    /// <summary>
    /// Gets the user name of the currently signed-in user.
    /// </summary>
    Task<string?> GetUserNameAsync();
}

 实现类:

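/// <summary>
/// Reads identity details (client, role, user id, user name) from the claims of the
/// current request's principal.
/// </summary>
/// <remarks>
/// The methods only read claims already present on <c>HttpContext.User</c>; they do
/// not validate the token themselves. The claims are only as trustworthy as the
/// authentication configuration that produced them, and these helpers do not replace
/// <c>[Authorize]</c> on the endpoints that call them.
/// The methods stay <c>async</c> so that failures are still delivered through the
/// returned task, as before.
/// </remarks>
public class TokenService : ITokenService
{
    private readonly IHttpContextAccessor _httpContextAccessor;

    /// <summary>
    /// Creates the service on top of the accessor for the current HTTP context.
    /// </summary>
    /// <param name="httpContextAccessor">Accessor used to reach the current request's principal.</param>
    public TokenService(IHttpContextAccessor httpContextAccessor)
    {
        _httpContextAccessor = httpContextAccessor;
    }

    // HttpContext is null outside of a request (for example in background work).
    // Such a call is treated like a request without claims, so it fails with the
    // regular "not signed in" errors instead of a NullReferenceException.
    private ClaimsPrincipal? CurrentUser => _httpContextAccessor.HttpContext?.User;

    /// <summary>
    /// Gets the ID of the currently signed-in client from the <c>client_id</c> claim.
    /// </summary>
    /// <returns>The non-empty value of the <c>client_id</c> claim.</returns>
    /// <exception cref="ResponseException">The claim is missing or its value is empty.</exception>
    public async Task<string> GetClientIdAsync()
    {
        // Look the claim up once; the claim type is compared case-sensitively.
        Claim? clientClaim = CurrentUser?.FindFirst(d => d.Type == "client_id");
        if (clientClaim is null)
        {
            throw new ResponseException("未授权,操作失败");
        }

        if (string.IsNullOrEmpty(clientClaim.Value))
        {
            throw new ResponseException("您未登录,操作失败");
        }

        return clientClaim.Value;
    }

    /// <summary>
    /// Determines whether the current caller is an administrator.
    /// </summary>
    /// <returns>
    /// <c>true</c> when the first role claim equals <c>UserType.Admin</c>; otherwise
    /// <c>false</c>, including when there is no role claim or no current request.
    /// </returns>
    public async Task<bool> IsAdminRoleAsync()
    {
        // Only the first role claim is inspected. If a principal carries several
        // role claims, an admin role that is not first is not detected (the check
        // fails closed). NOTE(review): confirm tokens carry a single role claim.
        string? role = CurrentUser?.FindFirst(ClaimTypes.Role)?.Value;
        return role is not null && role == UserType.Admin.ToString();
    }

    /// <summary>
    /// Gets the role ID of the current caller from the first role claim.
    /// </summary>
    /// <returns>The value of the role claim; the value is not checked for emptiness.</returns>
    /// <exception cref="ResponseException">There is no role claim.</exception>
    public async Task<string> GetRoleIdAsync()
    {
        Claim? roleClaim = CurrentUser?.FindFirst(ClaimTypes.Role);
        if (roleClaim is null)
        {
            throw new ResponseException("未授权,操作失败");
        }

        return roleClaim.Value;
    }

    /// <summary>
    /// Gets the ID of the currently signed-in user from the name-identifier claim.
    /// </summary>
    /// <returns>The non-empty value of the <c>ClaimTypes.NameIdentifier</c> claim.</returns>
    /// <exception cref="ResponseException">The claim is missing or its value is empty.</exception>
    public async Task<string> GetUserIdAsync()
    {
        // A missing claim and an empty value produce the same error.
        string? userId = CurrentUser?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
        if (string.IsNullOrEmpty(userId))
        {
            throw new ResponseException("您未登录,操作失败");
        }

        return userId;
    }

    /// <summary>
    /// Gets the user name of the currently signed-in user from the
    /// <c>preferred_username</c> claim.
    /// </summary>
    /// <returns>The non-empty value of the <c>preferred_username</c> claim.</returns>
    /// <exception cref="ResponseException">
    /// There is no current principal, or the claim is missing or empty.
    /// </exception>
    public async Task<string?> GetUserNameAsync()
    {
        // A missing principal, a missing claim and an empty value all produce the
        // same error; the claim type is compared case-sensitively.
        string? userName = CurrentUser?.FindFirst(d => d.Type == "preferred_username")?.Value;
        if (string.IsNullOrEmpty(userName))
        {
            throw new ResponseException("您未登录,操作失败");
        }

        return userName;
    }
}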

 
