如何處理Stormpath ID網站JWT響應

我正在嘗試使用Stormpath ID網站授權創建ASP.NET應用程序。我創建了請求和響應操作併成功獲取了該帳戶。如何處理Stormpath ID網站JWT響應

但接下來呢？如何告訴應用程序用戶已通過身份驗證？

public async Task<RedirectResult> Callback(string jwtResponse) 
{ 
    var client = Request.GetStormpathClient(); 
    var app = await client.GetApplicationAsync(appUrl); 
    var requestDescriptor = HttpRequests.NewRequestDescriptor() 
    .WithMethod("GET") 
    .WithUri("http://localhost:50084/Auth/Callback?jwtResponse=" + jwtResponse) 
    .Build(); 
    var idSiteListener = app.NewIdSiteAsyncCallbackHandler(requestDescriptor); 
    var accountResult = await idSiteListener.GetAccountResultAsync(); 
    var account = accountResult.GetAccountAsync().Result; //Account 
    //What I must do here to tell application that user is authenticated 
    return Redirect("/"); 
}

來源

2017-02-09 Andrii Khomiak

而不是從ID網站響應獲取帳戶，你可以爲一個Stormpath訪問令牌交換JWT：如果您使用Stormpath ASP.NET plugin

public async Task<RedirectResult> Callback(string jwtResponse) 
{ 
    var client = Request.GetStormpathClient(); 
    var app = await client.GetApplicationAsync(appUrl); 

    var exchangeRequest = new StormpathTokenGrantRequest 
    { 
     Token = jwtResponse 
    }); 

    var grantResponse = await application.ExecuteOauthRequestAsync(exchangeRequest); 

    // Return grantResponse.AccessTokenString in a secure HTTPOnly cookie, or as a JSON response 
}

，您可以enable ID Site，這將被處理爲你自動。

聲明：我是軟件包的作者。

來源

2017-02-09 17:48:00

如何處理Stormpath ID網站JWT響應

回答

相關問題