使用Owin和Windows身份验证在MVC 5应用程序中添加声明

Question

我正在开发一个mvc 5 Web应用程序,其中的身份验证由owin和表单身份验证实现.

它开箱即用的声明非常好.现在我正在尝试使用Windows身份验证登录系统

public void ConfigureAuth(IAppBuilder app)
{
// Configure the db context and user manager to use a single instance per request
//  app.CreatePerOwinContext(ApplicationDbContext.Create);
//  app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);

// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third         party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
    LoginPath = new PathString("/Account/Login"),
    Provider = new CookieAuthenticationProvider
    {
        OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
            validateInterval: TimeSpan.FromMinutes(30),
            regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
    }
});

app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

// Uncomment the following lines to enable logging in with third party login providers
//app.UseMicrosoftAccountAuthentication(
//    clientId: "",
//    clientSecret: "");

//app.UseTwitterAuthentication(
//   consumerKey: "",
//   consumerSecret: "");

//app.UseFacebookAuthentication(
//   appId: "",
//   appSecret: "");

////  app.UseGoogleAuthentication(
//       clientId: "000-000.apps.googleusercontent.com",
//     clientSecret: "00000000000");
}

我评论了所有提供商.

我试图在登录过程中推送索赔,但user(window.identity.principal)已经过身份验证,我可以检查authenticationmanger.current.user.Isauthenticated.

我试图登录,但索赔没有被推,但我可以看到用户的索赔中出现的索赔列表,甚至认为sign命令没有被触发.这就像windows身份验证中的owin已经知道谁是当前用户及其名称并声称.但我想要一些自定义的一次声明被推入现有的列表,我无法实现.

所有现有的索赔属于系统类型索赔,这让我怀疑我是否可以修改索赔.

如何修改或更新或扩展现有的声明列表？

我尝试了索赔的撤销方法,它适用于表单身份验证.

Answer 1

   private async Task SignInAsync(ApplicationUser user, bool isPersistent)
    {
        var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);

        // Add more custom claims here if you want. 
        var claims = new Collection<Claim>
        {
            new Claim("Surname",user.ApplicantName),
            new Claim("ApplicantId",user.ApplicantId),
            new Claim("AccessCodeId",user.AccessCodeId),
            new Claim ( "Registered", "YES")
        };

        identity.AddClaims(claims);

        var principal = new ClaimsPrincipal(identity);

        // turn into Principal
        HttpContext.User = principal;

        AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, identity);
    }