IdentityServer4身份认证授权入门-----客户端凭据、密码模式
一.简介 IdentityServer4 是为ASP.NET Core 系列量身打造的一款基于 OpenID Connect 和 OAuth 2.0 认证框架 特点: 1.认证服务 2.单点登录登出(SSO) 3.API访问控制 4.联合网关 5.专注于定制 6.成熟的开源系统 7.免费和商业支持 二.简单示例 1.创建ASP.NET Core 3.0 WebAPI项目 执行cmd命令:dotnet new webapi --name IdentityServerCenter ? ? ?2.打开项目 执行cmd命令:code IdentityServerSimple? 来打开VS Code ? ? ?3.nuget 安装IdentityServer4 执行Ctrl+Shift+p键 打开Command Palette(命令选项卡) 输入>nuget Package Manager:Add Package ? ? ?`输入IdentityServer4? 选择3.1.0 ? ? ?安装完成后 ? ? 4.执行命令:dotnet restore(?还原依赖项和工具包) ? ? ?5.创建Config类 using System.Collections.Generic; IdentityServer4.Models; namespace IdentityServerCenter{ public class Config{ static IEnumerable<ApiResource> GetResources() { return new List<ApiResource>{new ApiResource("api",MyAPI")}; } static IEnumerable<Client> GetClients() { new List<Client>{ new Client{ClientId=clientGrantTypes.ClientCredentials,ClientSecrets={new Secret(secret.Sha256())},AllowedScopes={} }}; } } } 6.配置Startup类 System; System.Linq; System.Threading.Tasks; Microsoft.AspNetCore.Builder; Microsoft.AspNetCore.Hosting; Microsoft.AspNetCore.HttpsPolicy; Microsoft.AspNetCore.Mvc; Microsoft.Extensions.Configuration; Microsoft.Extensions.DependencyInjection; Microsoft.Extensions.Hosting; Microsoft.Extensions.Logging; IdentityServer4; IdentityServerCenter { Startup { public Startup(IConfiguration configuration) { Configuration = configuration; } public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container. void ConfigureServices(IServiceCollection services) { services.AddIdentityServer().AddDeveloperSigningCredential().AddInMemoryApiResources(Config.GetResources()).AddInMemoryClients(Config.GetClients()); services.AddControllers(); } This method gets called by the runtime. Use this method to configure the HTTP request pipeline. Configure(IApplicationBuilder app,IWebHostEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } app.UseHttpsRedirection(); app.UseRouting(); app.UseAuthorization(); app.UseIdentityServer(); } } } 7.配置Progarm类 Microsoft.Extensions.Logging; Program { static void Main(string[] args) { CreateHostBuilder(args).Build().Run(); } static IHostBuilder CreateHostBuilder(string[] args) => Host.CreateDefaultBuilder(args) .ConfigureWebHostDefaults(webBuilder => { webBuilder.UseStartup<Startup>().UseUrls(http://localhost:5000); }); } } 8.运行服务端项目: 执行命令:dotnet run 访问地址:http://localhost:5000/.well-known/openid-configuration ? ? ? 三.客户端集成IdentityServer 1.创建项目 执行cmd命令:dotnet new webapi --name ClientCredentialApi ? ? 2. 添加Package 执行命令:dotnet add package Microsoft.AspNetCore.Authentication.JwtBearer ? ? 3.添加IdentityController类 Microsoft.AspNetCore.Authorization; Microsoft.AspNetCore.Mvc; ClientCredentialApi.Controllers{ [Route(identity)] [Authorize] IdentityController:ControllerBase{ [HttpGet] IActionResult Get() { new JsonResult(new {Msg=Success200}); } } } 4.配置Startup类 ClientCredentialApi { ConfigureServices(IServiceCollection services) { services.AddControllers(); services.AddAuthentication(Bearer) .AddJwtBearer( { options.Authority = ; options.RequireHttpsMetadata = false; options.Audience = ; }); } (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } app.UseRouting(); app.UseAuthentication(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapControllers(); }); } } } 5.配置Program类 http://localhost:50016.运行项目 |
- asp.net实现大视频上传
- asp.net-mvc-3 – 如何在NHibernate 3.2中实现通用存储库模
- ASP.NET webforms中的模型Binder
- [ASP NET MVC] 使用ReportViewer执行用户端报表定义文件(.r
- asp.net-mvc – MVC将null反序列化为“null”(字符串)
- asp.net-mvc – 为什么httphandler没有运行
- asp.net-mvc-4 – ASP.NET MVC4模型没有绑定
- asp.net-mvc – MVC3 TextBoxFor与EditorFor – 每个问题
- asp.net-mvc-3 – 一个窗体中的多个提交输入
- asp.net – WCF,WebAPI和OWIN IIS集成管道.根据路线跳过OWI
- entity-framework-4 – 通过扩展方法的IDbSet和公
- Shadow Copying导致ASP.NET应用启动很慢的解决办
- ASP.NET:以编程方式更改网站的文化
- asp.net – 如何使我的硒测试不那么脆弱?
- ASP.NET Core集成现有系统认证
- asp.net – 替换web.config变换中的IIS重写规则
- asp.net-mvc – 从Asp.net MVC2迁移到MVC4
- asp.net-mvc – 重载asp.net MVC Web API应用程序
- asp.net-mvc – 如何为特定的Controller / Actio
- asp.net-mvc – IE 11 SignalR不工作