0
如何在不包含「個人資料」身份資源的情況下將身份服務器核心配置爲在混合流中傳遞用戶電子郵件?身份識別服務器4不使用簡介
我希望我的服務器知道最少的用戶信息,所以我只需要用戶的電子郵件爲用戶創建一個帳戶。我的同意只是要求用戶授權所需的ID和電子郵件。
我正在使用實體框架商店持久數據+用戶管理的Asp.net核心身份。我從下面顯示的配置中填充數據庫。
這是我到目前爲止所做的,但我沒有收到用戶與用戶的電子郵件索賠。雖然我收到了「sid」。
public class Config
{
// scopes define the resources in your system
public static IEnumerable<IdentityResource> GetIdentityResources()
{
return new List<IdentityResource>
{
new IdentityResources.OpenId(),
new IdentityResources.Email
{
Required = true
}
};
}
// clients want to access resources (aka scopes)
public static IEnumerable<Client> GetClients()
{
new Client
{
ClientId = "MyClient",
ClientName = "MyClient",
AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
RequireConsent = true,
ClientSecrets =
{
new Secret("secret".Sha256())
},
RedirectUris = { "http://localhost:27919/signin-oidc" },
PostLogoutRedirectUris = { "http://localhost:27919" },
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Email
},
AllowOfflineAccess = true
}
};
}
}
在客戶端上我做的:
// middleware for external openid connect authentication
var options = new OpenIdConnectOptions
{
SignInScheme = "Identity.External",
SignOutScheme = "Identity",
DisplayName = "MyClient",
Authority = Constants.AuthServer.BaseUrl,
ClientId = "MyClient",
ClientSecret = "secret",
ResponseType = "code id_token",
//Scopes are entered below, outside this constructor
GetClaimsFromUserInfoEndpoint = true,
RequireHttpsMetadata = false //TODO: make true, it is false for development only
};
//Adding Scopes
options.Scope.Clear();
options.Scope.Add("openid");
options.Scope.Add("email");
app.UseOpenIdConnectAuthentication(options);