问题
The Microsoft Docs just have this description:
Defines whether the bearer token should be stored in the AuthenticationProperties after a successful authorization.
I wondered if saving the JWT allows you to revoke it somehow, but every place I read about JWTs says they are irrevocable. What would you do with a JWT being stored in the AuthenticationProperties?
回答1:
Storing the JWT in the AuthenticationProperties allows you to retrieve it from elsewhere within your application. For example, use GetTokenAsync inside of an action, like this:
public async Task<IActionResult> SomeAction()
{
// using Microsoft.AspNetCore.Authentication;
var accessToken = await HttpContext.GetTokenAsync("access_token");
// ...
}
This is useful if, for example, you want to forward the JWT in an outgoing request.
来源:https://stackoverflow.com/questions/57057749/what-is-the-purpose-of-jwtbeareroptions-savetoken-property-in-asp-net-core-2-0