IdentityServer4登陆中心

Posted sunxuchu

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了IdentityServer4登陆中心相关的知识,希望对你有一定的参考价值。

1. 使用Vsual Studio Code 终端执行 dotnet new webapi --name IdentityServerSample 命令创建一个webapi 的 IdentityServer4Sample 项目

2. 添加Config.cs 类 

using System.Collections;
using System.Collections.Generic;
using IdentityServer4.Models;

namespace IdentityServiceSample
{
    public class Config
    {
        public static IEnumerable<ApiResource> GetResource()
        {

            return new List<ApiResource>(){
                new ApiResource("api","my api")
            };

        }

        public static IEnumerable<Client> GetClients()
        {

            return new List<Client>(){
                new Client(){ 
                    ClientId="client",
                     AllowedGrantTypes=GrantTypes.ClientCredentials,
                     ClientSecrets={new Secret("secrt".Sha256())},
                     AllowedScopes={"api"}
                }
            };
        }
    }
}

3. 修改 Startup.cs 如下 (安装IdentityServer4 包 当前使用的是2.1.1)

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using IdentityServer4;

namespace IdentityServiceSample
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            //1.注入IdentityServer
            services.AddIdentityServer().AddDeveloperSigningCredential().AddInMemoryApiResources(Config.GetResource())
            .AddInMemoryClients(Config.GetClients());

            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseHsts();
            }

            app.UseHttpsRedirection();
            // app.UseMvc();

            //2. 注册IdentityServer
            app.UseIdentityServer();
        }
    }
}

4. 修改 Program.cs    UseUrls 启动地址

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Logging;

namespace IdentityServiceSample
{
    public class Program
    {
        public static void Main(string[] args)
        {
            CreateWebHostBuilder(args).Build().Run();
        }

        public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
            WebHost.CreateDefaultBuilder(args)
            .UseUrls("https://localhost:5000") //修改启动地址
                .UseStartup<Startup>();
    }
}

5. dotnet run 运行

可以用:https://localhost:5000/.well-known/openid-configuration 查看配置信息 类似于Endpoint 

{
    "issuer":"https://localhost:5000",
    "jwks_uri":"https://localhost:5000/.well-known/openid-configuration/jwks",
    "authorization_endpoint":"https://localhost:5000/connect/authorize",
    "token_endpoint":"https://localhost:5000/connect/token",
    "userinfo_endpoint":"https://localhost:5000/connect/userinfo",
    "end_session_endpoint":"https://localhost:5000/connect/endsession",
    "check_session_iframe":"https://localhost:5000/connect/checksession",
    "revocation_endpoint":"https://localhost:5000/connect/revocation",
    "introspection_endpoint":"https://localhost:5000/connect/introspect",
    "frontchannel_logout_supported":true,
    "frontchannel_logout_session_supported":true,
    "backchannel_logout_supported":true,
    "backchannel_logout_session_supported":true,
    "scopes_supported":[
        "api",
        "offline_access"
    ],
    "claims_supported":[

    ],
    "grant_types_supported":[
        "authorization_code",
        "client_credentials",
        "refresh_token",
        "implicit"
    ],
    "response_types_supported":[
        "code",
        "token",
        "id_token",
        "id_token token",
        "code id_token",
        "code token",
        "code id_token token"
    ],
    "response_modes_supported":[
        "form_post",
        "query",
        "fragment"
    ],
    "token_endpoint_auth_methods_supported":[
        "client_secret_basic",
        "client_secret_post"
    ],
    "subject_types_supported":[
        "public"
    ],
    "id_token_signing_alg_values_supported":[
        "RS256"
    ],
    "code_challenge_methods_supported":[
        "plain",
        "S256"
    ]
}

 

以上是关于IdentityServer4登陆中心的主要内容,如果未能解决你的问题,请参考以下文章

ASP.NET Core分布式项目实战IdentityServer4登录中心oauth密码模式identity server4实现

《java精品毕设》基于javaweb宠物领养平台管理系统(源码+毕设论文+sql):主要实现:个人中心,信息修改,填写领养信息,交流论坛,新闻,寄养信息,公告,宠物领养信息,我的寄养信息等(代码片段

技术分享|明源云天际集成开放平台接口中心基于IdentityServer4的鉴权机制

IdentityServer4 + SignalR Core +RabbitMQ 构建web即时通讯

IdentityServer4 综合应用实战系列 登录

angular 接入 IdentityServer4