csharp 这是用于非常高级别的客户端证书的MVC身份验证管道的示例

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了csharp 这是用于非常高级别的客户端证书的MVC身份验证管道的示例相关的知识,希望对你有一定的参考价值。

public class Startup
    {
        public void Configuration(IAppBuilder appBuilder)
        {
            appBuilder.UseCustomAuthentication();

        }
    }
public class CustomAuthenticationOptions : AuthenticationOptions
    {
        public CustomAuthenticationOptions(string authenticationType) : base(authenticationType)
        {
        }

        public int MyProperty { get; set; }
    }
protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
        {
            //user validation task
            //ClientCertificateValidationResult validationResult = await Task<ClientCertificateValidationResult>.Run(() => ValidateCertificate(Request.Environment));
            bool validation = true;
            if (validation)
            {
                AuthenticationProperties authProperties = new AuthenticationProperties();
                authProperties.IssuedUtc = DateTime.UtcNow;
                authProperties.ExpiresUtc = DateTime.UtcNow.AddDays(1);
                authProperties.AllowRefresh = true;
                authProperties.IsPersistent = true;
                //user claims
                IList<Claim> claimCollection = new List<Claim>
                {
                    new Claim(ClaimTypes.Name, "Andras")
                    , new Claim(ClaimTypes.Country, "Sweden")
                    , new Claim(ClaimTypes.Gender, "M")
                    , new Claim(ClaimTypes.Surname, "Nemes")
                    , new Claim(ClaimTypes.Email, "hello@me.com")
                    , new Claim(ClaimTypes.Role, "IT")
                    , new Claim("HasValidClientCertificate", "true")
                };
                ClaimsIdentity claimsIdentity = new ClaimsIdentity(claimCollection, "myCustomType");
                AuthenticationTicket ticket = new AuthenticationTicket(claimsIdentity, authProperties);
                return ticket;
            }
            return await Task.FromResult<AuthenticationTicket>(null);
        }

        //this is ran awaitable from able by the invoke, I could use this to get the users claims
        //private ClientCertificateValidationResult ValidateCertificate(IDictionary<string, object> owinEnvironment)
        //{
        //    if (owinEnvironment.ContainsKey(_owinClientCertKey))
        //    {
        //        X509Certificate2 clientCert = Context.Get<X509Certificate2>(_owinClientCertKey);
        //        return _clientCertificateValidator.Validate(clientCert);
        //    }

        //    ClientCertificateValidationResult invalid = new ClientCertificateValidationResult(false);
        //    invalid.AddValidationException("There's no client certificate attached to the request.");
        //    return invalid;
        //}
    }
public static class CustomAuthenticationExtension
    {
        public static void UseCustomAuthentication(this IAppBuilder appBuilder)
        {
            appBuilder.Use<CustomAuthMiddleware>(new CustomAuthenticationOptions("CustomAuthenticationType"));
        }
    }
public class CustomAuthMiddleware : AuthenticationMiddleware<CustomAuthenticationOptions>
    {
        public CustomAuthMiddleware(OwinMiddleware next, CustomAuthenticationOptions options) : base(next, options)
        {

        }

        protected override AuthenticationHandler<CustomAuthenticationOptions> CreateHandler()
        {
            return new CustomAuthenticationHandler();
        }
    }

以上是关于csharp 这是用于非常高级别的客户端证书的MVC身份验证管道的示例的主要内容,如果未能解决你的问题,请参考以下文章

csharp 设置回调以验证FTP服务器对本地计算机的证书存储区传递给FTP客户端的证书。

使用 WinInet 的客户端身份验证(证书 + 私钥)

用于创建和签署客户端证书的SSL中间CA

Elasticsearch 高级别的客户端多字段搜索

如何测试客户端证书

NetApp Advance为企业提供更高级别的混合云灵活性和效率