ABP的IdentityServer4使用自定义的claim声明,我是想增加一个部门Id,登录用户的中文名称
在 IdentityServer 项目的AbpModule中,
context.Services.AddScoped<IProfileService, ProfileServices>();
//context.Services
// .GetObject<IdentityBuilder>()
public class ProfileServices : IProfileService
{
private readonly UserManager<Volo.Abp.Identity.IdentityUser> _userManager;
private readonly RoleManager<Volo.Abp.Identity.IdentityRole> _roleManager;
public ProfileServices(IdentityUserManager userManager, IdentityRoleManager roleManager)
{
_userManager = userManager;
_roleManager = roleManager;
}
public async Task<List<Claim>> GetClaimsFromUserAsync(Volo.Abp.Identity.IdentityUser user)
{
var claims = new List<Claim> {
new Claim(JwtClaimTypes.Subject,user.Id.ToString()),
new Claim(JwtClaimTypes.Name,user.UserName),
new Claim(JwtClaimTypes.PreferredUserName,user.UserName)
};
var role = await _userManager.GetRolesAsync(user);
role.ToList().ForEach(f =>
{
claims.Add(new Claim(JwtClaimTypes.Role, f));
});
if (!string.IsNullOrEmpty(user.NormalizedUserName))
{
claims.Add(new Claim("NormalizedUserName", user.NormalizedUserName));
}
claims.Add(new Claim("DeptId", "A00001"));
claims.Add(new Claim("中文名称", "dacong"));
return claims;
}
/// <summary>
/// 获取用户Claims
/// 用户请求userinfo endpoint时会触发该方法
/// http://localhost:5003/connect/userinfo
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var subjectId = context.Subject.Claims.FirstOrDefault(c => c.Type == "sub").Value;
var user = await _userManager.FindByIdAsync(subjectId);
context.IssuedClaims = await GetClaimsFromUserAsync(user);
}
/// <summary>
/// 判断用户是否可用
/// Identity Server会确定用户是否有效
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public async Task IsActiveAsync(IsActiveContext context)
{
var subjectId = context.Subject.Claims.FirstOrDefault(c => c.Type == "sub").Value;
var user = await _userManager.FindByIdAsync(subjectId);
context.IsActive = user != null; //该用户是否已经激活,可用,否则不能接受token
/*
这样还应该判断用户是否已经锁定,那么应该IsActive=false
*/
}
}