在本地数据库中搜索用户并向用户身份添加声明

发布于 2025-01-12 16:35:05 字数 1471 浏览 6 评论 0原文

我有一个内部使用的 Blazor 网页，想要使用我的 Azure AD 进行身份验证。用户登录后，我想从我的现场数据库中的 AzureID 搜索他们的姓名/ID/某些内容，并添加他们的员工编号，以便我可以在整个程序中使用它。

这是最好的方法吗？

services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
                .AddMicrosoftIdentityWebApp(
                    options =>
                    {
                        Configuration.Bind("AzureAd", options);
                        options.Events = new OpenIdConnectEvents();                   
                        options.Events.OnTokenValidated = OnTokenValidatedFunc;
                    }, options => { Configuration.Bind("AzureAd", options); })
                .EnableTokenAcquisitionToCallDownstreamApi(options => Configuration.Bind("AzureAd", options), initialScopes)
                .AddMicrosoftGraph(Configuration.GetSection("GraphAPI"))
                .AddInMemoryTokenCaches();

它将使用该事件来搜索我的 EmployeeID

var oid = context.SecurityToken.Payload.FirstOrDefault(z => z.Key == "oid");
// Get the user his ID from the database
var employee = EmployeeLogic.GetEmployee()
                .FirstOrDefault(x => x.AzureObjectId == oid.Value.ToString());

context.Principal?.Identities.FirstOrDefault()?
  .AddClaim(new Claim("EmployeeID", employeeId.ToString(CultureInfo.InvariantCulture)));

，或者是否有更好的方法来添加我可以用作本地数据库标识符的内容。

提前致谢莫里斯

原文

I have an internally used Blazor webpage and want to use my Azure AD to authenticate against. After the user is logged in I want to search their name/ID/Something from AzureID in my onsite database and add their employee number so I can use it in the whole program.

Is this the best way?

services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
                .AddMicrosoftIdentityWebApp(
                    options =>
                    {
                        Configuration.Bind("AzureAd", options);
                        options.Events = new OpenIdConnectEvents();                   
                        options.Events.OnTokenValidated = OnTokenValidatedFunc;
                    }, options => { Configuration.Bind("AzureAd", options); })
                .EnableTokenAcquisitionToCallDownstreamApi(options => Configuration.Bind("AzureAd", options), initialScopes)
                .AddMicrosoftGraph(Configuration.GetSection("GraphAPI"))
                .AddInMemoryTokenCaches();

Which will use the event to search for my EmployeeID

var oid = context.SecurityToken.Payload.FirstOrDefault(z => z.Key == "oid");
// Get the user his ID from the database
var employee = EmployeeLogic.GetEmployee()
                .FirstOrDefault(x => x.AzureObjectId == oid.Value.ToString());

context.Principal?.Identities.FirstOrDefault()?
  .AddClaim(new Claim("EmployeeID", employeeId.ToString(CultureInfo.InvariantCulture)));

or is there a better way to add something which I can use as Identifier to my local Database.

thanks in advance
Maurice

分享到QQ

分享到微博