string code = Request.Query("code");
string scope = Request.Query("scope");
string state = Request.Query("state");
string session_state = Request.Query("session_state");
var client = httpClientFactory.CreateClient();
var config = new DiscoveryDocumentRequest() { Address =“{IdentityServerBaseUrl}”, Policy = new DiscoveryPolicy() { RequireHttps = false } };
var disco = await client.GetDiscoveryDocumentAsync(config);
//var serverHostUri = new Uri(“{IdentityAdminLoginCallbackUri}”);
var tokenResponse = await client.RequestAuthorizationCodeTokenAsync(new AuthorizationCodeTokenRequest()
{
Address = disco.TokenEndpoint, //disco.TokenEndpoint,//disco.UserInfoEndpoint, //
ClientId = "{ClientId}",
ClientSecret ="{ClientSecret}",
Code = code,
CodeVerifier = null,
RedirectUri ="http://xxxx/oauth2/callback", //跳转回去的url,必须与前端跳转时候的路径一致
GrantType = GrantTypes.AuthorizationCode
});
if (tokenResponse.IsError) {
}
var userInfoResponse = await client.GetUserInfoAsync(new UserInfoRequest
{
Address = disco.UserInfoEndpoint,
Token = tokenResponse.AccessToken
});
#读取用户信息
var claim = userInfoResponse.Claims.Where(x => x.Type == "role").FirstOrDefault();
string userName = userInfoResponse.Json.GetValue("name").Value<string>();
string email = userInfoResponse.Json.GetValue("email").Value<string>();
client.GetDiscoveryDocumentAsync(config) 读取配置文件 /.well-known/openid-configuration
client.RequestAuthorizationCodeTokenAsync 调用token终端验证token是否有效
client.GetUserInfoAsync 调用用户信息终端,获取user-info
最终从 Claims 中解析出用户信息
友情链接:
全部评论