diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs
index f3b0495c2e..58a2391456 100644
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs
@@ -47,6 +47,7 @@ public class AbpOpenIddictAspNetCoreModule : AbpModule
 AbpClaimTypes.PhoneNumberVerified = OpenIddictConstants.Claims.PhoneNumberVerified;
 AbpClaimTypes.Email = OpenIddictConstants.Claims.Email;
 AbpClaimTypes.EmailVerified = OpenIddictConstants.Claims.EmailVerified;
+ AbpClaimTypes.ClientId = OpenIddictConstants.Claims.ClientId;
 }
 var openIddictBuilder = services.AddOpenIddict()
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.ClientCredentials.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.ClientCredentials.cs
index 21fa7bf1cd..8e0b9b6576 100644
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.ClientCredentials.cs
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.ClientCredentials.cs
@@ -28,10 +28,6 @@ public partial class TokenController TokenValidationParameters.DefaultAuthenticationType, OpenIddictConstants.Claims.PreferredUsername, OpenIddictConstants.Claims.Role); - // Use the client_id as the subject identifier. - identity.AddClaim(OpenIddictConstants.Claims.Subject, await ApplicationManager.GetClientIdAsync(application), - OpenIddictConstants.Destinations.AccessToken, OpenIddictConstants.Destinations.IdentityToken); - identity.AddClaim(OpenIddictConstants.Claims.PreferredUsername, await ApplicationManager.GetDisplayNameAsync(application), OpenIddictConstants.Destinations.AccessToken, OpenIddictConstants.Destinations.IdentityToken);
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/OpenIddictClaimsPrincipalContributor.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/OpenIddictClaimsPrincipalContributor.cs
index 22df84df23..e951e1ffdd 100644
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/OpenIddictClaimsPrincipalContributor.cs
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/OpenIddictClaimsPrincipalContributor.cs
@@ -1,7 +1,10 @@
+using System;
 using System.Linq;
 using System.Security.Claims;
 using System.Security.Principal;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore;
+using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
@@ -26,6 +29,16 @@ public class OpenIddictClaimsPrincipalContributor : IAbpClaimsPrincipalContribut
 identity.AddIfNotContains(new Claim(OpenIddictConstants.Claims.PreferredUsername, usernameClaim.Value));
 identity.AddIfNotContains(new Claim(JwtRegisteredClaimNames.UniqueName, usernameClaim.Value));
 }
+
+ var httpContext = context.ServiceProvider.GetRequiredService().HttpContext;
+ if (httpContext != null)
+ {
+ var clientId = httpContext.GetOpenIddictServerRequest()?.ClientId;
+ if (clientId != null)
+ {
+ identity.AddClaim(OpenIddictConstants.Claims.ClientId, clientId, OpenIddictConstants.Destinations.AccessToken);
+ }
+ }
 }
 return Task.CompletedTask;
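Review bot: The new block in the contributor copies `ClientId` straight from `GetOpenIddictServerRequest()`, i.e. from the parameters the caller sent, and adds it with `identity.AddClaim` rather than the `AddIfNotContains` used by the two lines just above it. If the contributor can run more than once for an identity, or the identity already carries a `client_id` claim, the token ends up with duplicate or conflicting values; guarding with `if (clientId != null && !identity.HasClaim(c => c.Type == OpenIddictConstants.Claims.ClientId))` keeps it single-valued. Because the client-credentials hunk in this same commit removes the `sub` claim that was resolved through `ApplicationManager.GetClientIdAsync(application)`, this request-derived value looks like the only client identifier left in those tokens, so it is worth a comment stating that it is trustworthy only after OpenIddict has validated the client, and that for public clients it identifies but does not authenticate the caller. The enclosing method starts and ends outside the hunk.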