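What I want to do is add claims after authentication. The following example of registering the OnTokenValidation event does not do the trick. The event never fires.

I am using Microsoft.Identity.Web with Azure AD B2C for authentication. That part works! How can I register the event using AddMicrosoftIdentityWebAppAuthentication?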

    services.AddMicrosoftIdentityWebAppAuthentication(Configuration, "AzureAdB2C")
        .EnableTokenAcquisitionToCallDownstreamApi(new string[] {Configuration["DemoApi:ServiceScope"]})
        .AddInMemoryTokenCaches();

    services.Configure<OpenIdConnectOptions>(AzureADB2CDefaults.OpenIdScheme, options =>
    {
        options.Events = new OpenIdConnectEvents
        {
            OnTokenValidated = ctx =>
            {
                //query groups with graph api to get the role
                // add claims
                var claims = new List<Claim>
                {
                    new Claim(ClaimTypes.Role, "superadmin")
                };
                var appIdentity = new ClaimsIdentity(claims);
                ctx.Principal.AddIdentity(appIdentity);
                return Task.CompletedTask;
            },
        };
    });
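
An added example, not part of the original post: named options apply only to the scheme they are registered under, and AddMicrosoftIdentityWebAppAuthentication registers its OpenID Connect handler under OpenIdConnectDefaults.AuthenticationScheme unless another name is passed, so the code below configures that scheme and chains onto the handler already installed instead of replacing options.Events. The RoleAssignments configuration section (user object id mapped to a role name) is a hypothetical stand-in for the Graph lookup mentioned in the post.

```csharp
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Identity.Web;

public class Startup
{
    public Startup(IConfiguration configuration) => Configuration = configuration;

    public IConfiguration Configuration { get; }

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMicrosoftIdentityWebAppAuthentication(Configuration, "AzureAdB2C")
            .EnableTokenAcquisitionToCallDownstreamApi(new[] { Configuration["DemoApi:ServiceScope"] })
            .AddInMemoryTokenCaches();

        // Configure the scheme the handler is actually registered under.
        // Options configured under any other scheme name are never read by it.
        services.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>
        {
            // Keep whatever handler is already in place and run it first.
            var previousHandler = options.Events.OnTokenValidated;

            options.Events.OnTokenValidated = async ctx =>
            {
                await previousHandler(ctx);

                // Hypothetical lookup: "RoleAssignments:<object id>" => role name.
                // Users without an entry receive no role claim at all.
                string oid = ctx.Principal.GetObjectId();
                string role = oid == null ? null : Configuration[$"RoleAssignments:{oid}"];
                if (string.IsNullOrEmpty(role))
                {
                    return;
                }

                var appIdentity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Role, role) });
                ctx.Principal.AddIdentity(appIdentity);
            };
        });
    }
}
```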