做你对Silverlight应用程序实现JWT成功吗?
更新
在我的Silverlight客户端的代码,我加入智威汤逊令牌HTTP头的授权,为每个请求。为了添加标题,我创建了一个负责这个的行为(AttachRequestInformationEndpointBehavior)。下面的代码添加行为的ExampleDomainContext:
Partial Class ExampleDomainContext
Private Sub OnCreated()
Dim channelFactoryProperty As PropertyInfo = Me.DomainClient.GetType().GetProperty("ChannelFactory")
If (channelFactoryProperty IsNot Nothing) Then
Dim factory = TryCast(channelFactoryProperty.GetValue(Me.DomainClient, Nothing), channelFactory)
If factory IsNot Nothing Then
If Not factory.Endpoint.Behaviors.Contains(GetType(Infrastructure.WebServices.AttachRequestInformationEndpointBehavior)) Then
factory.Endpoint.Behaviors.Add(New Wintouch.Infrastructure.WebServices.AttachRequestInformationEndpointBehavior())
End If
End If
End If
End Sub
End Class
如果遵循的行为准则:
Public Class AttachRequestInformationEndpointBehavior
Implements IEndpointBehavior, IClientMessageInspector
Public Sub AddBindingParameters(endpoint As ServiceEndpoint, bindingParameters As BindingParameterCollection) Implements IEndpointBehavior.AddBindingParameters
End Sub
Public Sub ApplyClientBehavior(endpoint As ServiceEndpoint, clientRuntime As System.ServiceModel.Dispatcher.ClientRuntime) Implements IEndpointBehavior.ApplyClientBehavior
clientRuntime.MessageInspectors.Add(Me)
End Sub
Public Sub ApplyDispatchBehavior(endpoint As ServiceEndpoint, endpointDispatcher As System.ServiceModel.Dispatcher.EndpointDispatcher) Implements IEndpointBehavior.ApplyDispatchBehavior
End Sub
Public Sub Validate(endpoint As ServiceEndpoint) Implements IEndpointBehavior.Validate
End Sub
Public Sub AfterReceiveReply(ByRef reply As Message, correlationState As Object) Implements IClientMessageInspector.AfterReceiveReply
End Sub
Public Function BeforeSendRequest(ByRef request As Message, channel As IClientChannel) As Object Implements IClientMessageInspector.BeforeSendRequest
Dim header As HttpRequestMessageProperty
If request.Properties.ContainsKey(HttpRequestMessageProperty.Name) Then
header = CType(request.Properties(HttpRequestMessageProperty.Name), HttpRequestMessageProperty)
Else
header = New HttpRequestMessageProperty()
request.Properties.Add(HttpRequestMessageProperty.Name, header)
End If
header.Headers("Authorization") = "Bearer " + "the user token here..."
Return Nothing
End Function
在服务器端,我只是填充HttpContext.Current.User和线程。 CurrentPrincipal用从令牌中提取的信息。例如:
在Global.asax文件:
protected void Application_AcquireRequestState(Object sender, EventArgs e)
{
// code to read the token
var tokenHandler = new TokenHandler();
// get the token from the http request header
var authHeaders = Request.Headers.GetValues("Authorization");
if (authHeaders == null || authHeaders.Length < 1) return;
var authHeader = authHeaders[0].Split(' ');
var scheme = authHeader[0];
var tokenString = authHeader[1];
if (scheme != "Bearer") return;
// retrieves the principal from the token
IPrincipal principal = tokenHandler.ReadPrincipal(tokenString);
// set the relevant variables
Thread.CurrentPrincipal = principal;
HttpContext.Current.User = principal;
}
没有,成功是到很远的实现在Silverlight – Chirag
奇拉格智威汤逊的道理,其实我这样做。对于每个域服务,我创建了一个拦截器,将jwt令牌添加到http头。然后,在服务器上,我读取令牌并设置Principal。如果你想看我的代码,我可以寄给你。 – cangosta
你好Cangosta,谢谢你的发帖,请发邮件到我的邮箱[email protected] – Chirag