更新时间:2023-02-24 20:13:09
我能够使用以下方法解决此问题-
I was able to solve this using the following method -
//ensure the token is a User role token only
identity.AddClaim(new Claim(ClaimTypes.Role, "User"));
身份"是
System.Security.Claims.Identity
然后在我的System.Web.Http.AuthorizeAttribute
实现中,我可以像这样检查索赔-
Then in my System.Web.Http.AuthorizeAttribute
implementation, I can check the claim like so-
//get claims of the Role type
var identity = (ClaimsIdentity)actionContext.RequestContext.Principal.Identity;
IEnumerable<Claim> claims = identity.Claims.Where(c => c.Type == ClaimTypes.Role);
//check if any claim for the User role, if so this is a non-privleged token
var nonPrivToken = claims.Any(c => c.Value == "User");