I'm creating my own authorization provider that extends from OAuthAuthorizationServerProvider.

我正在创建自己的授权提供程序，该提供程序从OAuthAuthorizationServerProvider扩展而来。

public class AsyncAuthorizationProvider : OAuthAuthorizationProvider {
     //...
     public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) {
         string username = context.UserName; //Returns the username sent in the request.
         string password = context.Password; //Returns the password sent in the request.
         //...
     }
}

As you can see OAuthGrantResourceOwnerCredentialsContext's context already comes with two useful properties for retrieving the username and password.

正如您所看到的，OAuthGrantResourceOwnerCredentialsContext的上下文已经带有两个用于检索用户名和密码的有用属性。

This information is sent by the user when requested to my oauth endpoint:

当请求到我的oauth端点时，用户发送此信息：

{
    "grant_type": "password",
    "client_id": "someClientId",
    "client_secret": "someClientSecret",
    "username": "myUsername",
    "password": "myPassword"
}

This JSON is stored in the OAuth context, but what if I want to send my userId instead of my username?. What if my application allows for duplicate usernames and I want to use the id to uniquely identify one?

此JSON存储在OAuth上下文中，但如果我想发送userId而不是我的用户名，该怎么办？如果我的应用程序允许重复的用户名并且我想使用id来唯一标识一个用户名，该怎么办？

Of course, I can send my Id as "username": "myUserId". But this doesn't seem right.

当然，我可以将我的ID作为“用户名”：“myUserId”发送。但这似乎不对。

username should contain an username. This may confuse consumers.

用户名应包含用户名。这可能使消费者感到困惑。

Is there a way to send an userId and to retrieve it from the context?

有没有办法发送userId并从上下文中检索它？

1 个解决方案

var formCollection = (Microsoft.Owin.FormCollection)context.Parameters;

var userId = formCollection.Get("userId");

#1

var formCollection = (Microsoft.Owin.FormCollection)context.Parameters;

var userId = formCollection.Get("userId");