identityServer4 AuthorizationCode Flow
Posted spinoza
1. MVC Client configuration
(1) Startup

    // Fragment of ConfigureServices. Requires:
    //   using System.IdentityModel.Tokens.Jwt;
    //   using IdentityModel;   (for OidcConstants)

    // Keep the JWT claim names as issued instead of mapping them to Microsoft claim types.
    JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

    services.AddAuthentication(options =>
        {
            options.DefaultScheme = "Cookies";
            options.DefaultChallengeScheme = "oidc";
        })
        .AddCookie("Cookies")
        .AddOpenIdConnect("oidc", options =>
        {
            options.SignInScheme = "Cookies";
            options.Authority = "http://localhost:5000";
            // Local development only: the authority above is plain HTTP.
            options.RequireHttpsMetadata = false;
            options.ClientId = "mvc client";
            options.ClientSecret = "mvc secret";
            // Store the returned tokens in the authentication cookie.
            options.SaveTokens = true;
            options.ResponseType = "code";

            options.Scope.Clear();
            options.Scope.Add("api1");
            options.Scope.Add("openid");
            options.Scope.Add("profile");
            // offline_access asks for a refresh token.
            options.Scope.Add(OidcConstants.StandardScopes.OfflineAccess);
        });
(2) Controller

    using System;
    using System.Diagnostics;
    using System.Net.Http;
    using System.Threading.Tasks;
    using IdentityModel.Client;
    using Microsoft.AspNetCore.Authentication;
    using Microsoft.AspNetCore.Authentication.Cookies;
    using Microsoft.AspNetCore.Authorization;
    using Microsoft.AspNetCore.Mvc;
    using Microsoft.IdentityModel.Protocols.OpenIdConnect;

    [Authorize]
    public class HomeController : Controller
    {
        public async Task<IActionResult> Index()
        {
            var client = new HttpClient();
            var disco = await client.GetDiscoveryDocumentAsync("http://localhost:5000/");

            if (disco.IsError)
            {
                throw new Exception(disco.Error);
            }

            // Access token saved by the OpenID Connect handler (SaveTokens = true).
            var accessToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken);

            client.SetBearerToken(accessToken);

            // Call the protected API with the access token as a bearer token.
            var response = await client.GetAsync("http://localhost:5001/api/values");

            if (!response.IsSuccessStatusCode)
            {
                throw new Exception(response.ReasonPhrase);
            }

            var content = await response.Content.ReadAsStringAsync();
            return View("Index", content);

            //return View();
        }

        public async Task<IActionResult> Privacy()
        {
            // The values below are read from the sign-in session but not passed to the view.
            var accessToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken);
            var idToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.IdToken);

            var refreshToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.RefreshToken);
            // The handler does not save the authorization code, so this is expected to be null.
            var authorizationCode = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.Code);
            return View();
        }

        [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
        public IActionResult Error()
        {
            return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
        }

        public async Task Logout()
        {
            // Remove the local session cookie first.
            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

            // Then sign out at the identity server.
            await HttpContext.SignOutAsync("oidc");
        }
    }
2. id4 configuration

    new Client
    {
        ClientId = "mvc client",
        ClientName = "MVC Client",
        AllowedGrantTypes = GrantTypes.CodeAndClientCredentials,
        // Only the SHA-256 hash of the secret is stored on the server side.
        ClientSecrets = { new Secret("mvc secret".Sha256()) },

        // where to redirect to after login
        RedirectUris = { "http://localhost:5002/signin-oidc" },
        FrontChannelLogoutUri = "http://localhost:5002/signout-oidc",
        // where to redirect to after logout
        PostLogoutRedirectUris = { "http://localhost:5002/signout-callback-oidc" },

        // Allows the client to request offline_access (refresh tokens).
        AllowOfflineAccess = true,

        AllowedScopes = new List<string>
        {
            "api1",
            IdentityServerConstants.StandardScopes.OpenId,
            IdentityServerConstants.StandardScopes.Profile
        }
    }
3. The apiResource configuration is covered in the previous article.
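The two protocol messages behind ResponseType = "code", written out by hand with the client values from sections 1 and 2. This is an added example, not code from the original post; it assumes .NET 6 or later, IdentityServer4's default /connect/authorize and /connect/token endpoints, and delivery of the code in the callback query string. The class name and the SAMPLE_CODE callback are constructed for illustration, and nothing is sent over the network.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using System.Web;
public static class CodeFlowByHand // hypothetical name, not from the page
{
    const string Authority = "http://localhost:5000";               // from the page
    const string ClientId = "mvc client";                           // from the page
    const string RedirectUri = "http://localhost:5002/signin-oidc"; // from the page
    static string NewRandom() => Convert.ToHexString(RandomNumberGenerator.GetBytes(32));

    // Message 1 (front channel): the browser is redirected to the authorize endpoint.
    public static string BuildAuthorizeUrl(string state, string nonce) =>
        Authority + "/connect/authorize?response_type=code" +
        "&client_id=" + Uri.EscapeDataString(ClientId) +
        "&redirect_uri=" + Uri.EscapeDataString(RedirectUri) +
        "&scope=" + Uri.EscapeDataString("api1 openid profile offline_access") +
        "&state=" + state + "&nonce=" + nonce;

    // Callback check: accept the code only if state matches what this session sent.
    public static string ExtractCode(Uri callback, string expectedState)
    {
        var q = HttpUtility.ParseQueryString(callback.Query);
        if (q["error"] != null) throw new InvalidOperationException("authorize error: " + q["error"]);
        var same = CryptographicOperations.FixedTimeEquals(
            Encoding.UTF8.GetBytes(q["state"] ?? ""), Encoding.UTF8.GetBytes(expectedState));
        if (!same) throw new InvalidOperationException("state mismatch, callback rejected");
        return q["code"] ?? throw new InvalidOperationException("no code in callback");
    }

    // Message 2 (back channel): the code plus the client secret are exchanged for tokens.
    public static FormUrlEncodedContent BuildTokenRequest(string code) =>
        new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["grant_type"] = "authorization_code", ["code"] = code,
            ["redirect_uri"] = RedirectUri, ["client_id"] = ClientId, ["client_secret"] = "mvc secret",
        });

    public static async Task Main()
    {
        string state = NewRandom(), nonce = NewRandom();
        Console.WriteLine(BuildAuthorizeUrl(state, nonce));
        var callback = new Uri(RedirectUri + "?code=SAMPLE_CODE&state=" + state); // constructed callback
        var body = await BuildTokenRequest(ExtractCode(callback, state)).ReadAsStringAsync();
        Console.WriteLine("POST " + Authority + "/connect/token\n" + body);
    }
}
```

The redirect_uri in both messages has to match the RedirectUris entry registered in the id4 client, and the requested scopes have to be covered by AllowedScopes and AllowOfflineAccess.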