我找到了一種方法來做到這一點by looking at this answer並搞清楚我可以做什麼。
使用Claims
我可以添加從Facebook檢索到的所有值並將其放入身份聲明中。
OnAuthenticated = (context) =>
{
const string XmlSchemaString = "http://www.w3.org/2001/XMLSchema#string";
var rawUserObjectFromFacebookAsJson = context.User;
context.Identity.AddClaim(new System.Security.Claims.Claim("urn:facebook:access_token", context.AccessToken, XmlSchemaString, "Facebook"));
foreach (var x in context.User)
{
var claimType = string.Format("urn:facebook:{0}", x.Key);
string claimValue = x.Value.ToString();
if (!context.Identity.HasClaim(claimType, claimValue))
context.Identity.AddClaim(new System.Security.Claims.Claim(claimType, claimValue, XmlSchemaString, "Facebook"));
}
return Task.FromResult(0);
}
然後我控制器上我可以利用這個
ClaimsIdentity identity = await HttpContext.GetOwinContext().Authentication
.GetExternalIdentityAsync(DefaultAuthenticationTypes.ExternalCookie);
拿到身份之後我會對我的行爲
[AllowAnonymous]
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
{
ClaimsIdentity identity = await AuthenticationManager.GetExternalIdentityAsync(DefaultAuthenticationTypes.ExternalCookie);
var user = new IdentityUser()
{
Id = identity.GetUserId(),
UserName = identity.Name,
};
await LoginAsync(user, identity);
if (!identity.IsAuthenticated)
{
return RedirectToAction("Login");
}
return RedirectToAction("Index", "Home");
}
而且我LoginAsync方法
private async Task LoginAsync(IdentityUser user, ClaimsIdentity identity)
{
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
// I can't just use the identity I got on Facebook
// I need to create this one, or else it will not signin properly
// The authentication type has to be ApplicationCookie and the property
// is readonly, so...
var userIdentity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
// now we have to transfer the claims, adding a check to avoid duplicates
foreach (var claim in identity.Claims)
{
if (!userIdentity.HasClaim(c => c.Type == claim.Type))
userIdentity.AddClaim(claim);
}
// then it will signin successfully
AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = true }, userIdentity);
}
然後我可以訪問
HttpContext.GetOwinContext().Authentication.User.Claims
在任何時間和檢索我需要的東西。
我還沒有測試過這個,但是爲了徹底而+1。它看起來肯定會起作用,但我真的很想爲此找到「最佳實踐」。 。 。任何人都知道可能在哪裏? – Lopsided