IdentityServer4身份认证授权入门-----客户端凭据、密码模式

using System.Collections.Generic;
 IdentityServer4.Models;

namespace IdentityServerCenter{
    public class Config{
        static IEnumerable<ApiResource> GetResources()
        {
           return new List<ApiResource>{new ApiResource("api",MyAPI")};           
        }

        static IEnumerable<Client> GetClients()
        {
            new List<Client>{
            new Client{ClientId=clientGrantTypes.ClientCredentials,ClientSecrets={new Secret(secret.Sha256())},AllowedScopes={}
            }};
        }
    }
}

 System;
 System.Linq;
 System.Threading.Tasks;
 Microsoft.AspNetCore.Builder;
 Microsoft.AspNetCore.Hosting;
 Microsoft.AspNetCore.HttpsPolicy;
 Microsoft.AspNetCore.Mvc;
 Microsoft.Extensions.Configuration;
 Microsoft.Extensions.DependencyInjection;
 Microsoft.Extensions.Hosting;
 Microsoft.Extensions.Logging;
 IdentityServer4;

 IdentityServerCenter
{
     Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        void ConfigureServices(IServiceCollection services)
        {
            services.AddIdentityServer().AddDeveloperSigningCredential().AddInMemoryApiResources(Config.GetResources()).AddInMemoryClients(Config.GetClients());
            services.AddControllers();
        }

         This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
         Configure(IApplicationBuilder app,IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseHttpsRedirection();

            app.UseRouting();

            app.UseAuthorization();

            app.UseIdentityServer();
 
        }
    }
}

 Microsoft.Extensions.Logging;

 Program
    {
        static void Main(string[] args)
        {
            CreateHostBuilder(args).Build().Run();
        }

        static IHostBuilder CreateHostBuilder(string[] args) =>
            Host.CreateDefaultBuilder(args)
                .ConfigureWebHostDefaults(webBuilder =>
                {
                    webBuilder.UseStartup<Startup>().UseUrls(http://localhost:5000);
                });
    }
}

 Microsoft.AspNetCore.Authorization;
 Microsoft.AspNetCore.Mvc;

 ClientCredentialApi.Controllers{
    
    [Route(identity)]
    [Authorize]
     IdentityController:ControllerBase{
        [HttpGet]
         IActionResult Get()
        {
            new JsonResult(new {Msg=Success200});
        }
    }
}

 ClientCredentialApi
{
     ConfigureServices(IServiceCollection services)
        {
            services.AddControllers();


            services.AddAuthentication(Bearer)
            .AddJwtBearer(
            {
                options.Authority = ;
                options.RequireHttpsMetadata = false;

                options.Audience = ;
            });
        }

         (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseRouting();

            app.UseAuthentication();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers();
            });
        }
    }
}

http://localhost:50016.运行项目

执行命令：dotnet restore? dotnet run?

?
?
?7.输入：http://localhost:5001/identity
401：表示未授权

8.运行服务端和客户端
使用PostMan来获取Token
选择post请求
选择form-data
client_id:client??client_secret:secret?grant_type:client_credentials

?
?
?9.通过Token来验证
请求地址：http://localhost:5001/identity
请求方式：get
Headers: key:Authorization? value:Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ikt1Ni1YWk9HNWhYYUh3NHdWWGxwSXciLCJ0eXAiOiJhdCtqd3QifQ.eyJuYmYiOjE1ODA4MDYxODIsImV4cCI6MTU4MDgwOTc4MiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo1MDAwIiwiYXVkIjoiYXBpIiwiY2xpZW50X2lkIjoiY2xpZW50Iiwic2NvcGUiOlsiYXBpIl19.A7Mj6xanZfZaAartfFNb3Z6unZRxOGSHgUufcyKFAhL5Ojy5GsXeFlZBTWundXKIC5SILWHoafWrOFvVNcGtH4CxDgUDhlyMpkCRBJyPaAInbLIFqlX9HJLqxzqwUa2Y6qVKtmjBE4WQ9fg4cZSNGviEiqBe2nk2T_U-RLF-y3OMZ6tZblpVZrMYsRiUiyjum3jRJBXRJOw1JaG13OLLrKoEIWX43qRtLZT_5bScqcDJmx4gmcTDeZZZrmsoeT4A7Sr_5hFx_UgwD1edoZiikeFRSvUJZAhLJfuFSR72xMAWSmmqq_H8B3Ed158y0aQb_mHgT8zbQZbHHhIEKD94jg
?

?
?
?四.第三方ClientCredential模式调用
1.创建控制台项目
执行cmd命令：dotnet new console -n ThirdPartyDemo

?
?2.添加IdentityModel包
执行cmd命令：dotnet add package IdentityModel

?
?3.开始测试

  var client = new HttpClient();
            var disco = await client.GetDiscoveryDocumentAsync();
             (disco.IsError)
            {
                Console.WriteLine(disco.Error);
                return;
            }

            var tokenResponse = await client.RequestClientCredentialsTokenAsync( ClientCredentialsTokenRequest
            {
                Address = disco.TokenEndpoint,ClientId = ,ClientSecret = 
            });

             (tokenResponse.IsError)
            {
                Console.WriteLine(tokenResponse.Error);
                ;
            }

            Console.WriteLine(tokenResponse.Json);
           

            client.SetBearerToken(tokenResponse.AccessToken);

            var response = await client.GetAsync(http://localhost:5001/identityif (!response.IsSuccessStatusCode)
            {
                Console.WriteLine(response.StatusCode);
            }
            else
            {
                var content = await response.Content.ReadAsStringAsync();
                Console.WriteLine(content);
            }


?
?
?
错误解决：Versioning information could not be retrieved from theNuget package repository. Please try again later.
打开文件：C:UsersAdministrator.vscodeextensionsjmrog.vscode-nuget-package-manager-1.1.6outsrcactionsadd-methodsfetchPackageVersions.js

?
?
API文档:http://docs.identityserver.io/en/latest/index.html
中文文档：http://www.identityserver.com.cn/
代码地址：https://github.com/CodeInterface/IdentityServerSimple/tree/Simple
                        
（编辑：李大同）
【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!