IdentityServer4简单入门demo

Posted 2022-01-25 wjx-blog

目录

一、认证服务端

二、API资源端

三、调用客户端

 

详细步骤

一、认证服务端

 1、新建一个名为“CertifiedCenter”的 asp.net core  web应用程序，如下图

 

　　

2、添加IdentityServer4的2个引用  IdentityServer4 和 IdentityServer4.AccessTokenValidation，如下图：

　　

　　

　　

 

3、添加Config.cs类，如下图：

　　

 　　Config.cs的内容如下：

using IdentityServer4.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;

namespace CertifiedCenter

    public class Config
    
        public static IEnumerable<ApiResource> GetApiResources()
        
            return new List<ApiResource>
            
                //参数是资源名称,资源显示名称
                new ApiResource("GbaseDataSourceApi", "GbaseDataSourceApi")
            ;
        

        public static IEnumerable<Client> GetClients()
        
            return new List<Client>
            
                new Client
                
                    ClientId = "clientId",

                    AllowedGrantTypes = GrantTypes.ClientCredentials,

                    // 用于验证的secret
                    ClientSecrets =
                    
                        new Secret("123456".Sha256())
                    ,

                    // 允许的范围
                    AllowedScopes =  "api1" 
                
            ;
        
    

4、添加代码到Startup.cs，代码如下：

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

namespace CertifiedCenter

    public class Startup
    
        public Startup(IConfiguration configuration)
        
            Configuration = configuration;
        

        public IConfiguration Configuration  get; 

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        
            services.Configure<CookiePolicyOptions>(options =>
            
                // This lambda determines whether user consent for non-essential cookies is needed for a given request.
                options.CheckConsentNeeded = context => true;
                options.MinimumSameSitePolicy = SameSiteMode.None;
            );

            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

            services.AddIdentityServer()
            //设置临时签名凭据
            .AddDeveloperSigningCredential()
            //从Config类里面读取刚刚定义的Api资源
            .AddInMemoryApiResources(Config.GetApiResources())
            //从Config类里面读取刚刚定义的Client集合
            .AddInMemoryClients(Config.GetClients());
        

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        
            if (env.IsDevelopment())
            
                app.UseDeveloperExceptionPage();
            
            else
            
                app.UseExceptionHandler("/Home/Error");
                app.UseHsts();
            

            //app.UseHttpsRedirection();
            app.UseStaticFiles();
            app.UseCookiePolicy();

            app.UseMvc(routes =>
            
                routes.MapRoute(
                    name: "default",
                    template: "controller=Home/action=Index/id?");
            );

            app.UseIdentityServer();
        
    

5、最后一步，修改端口号，把端口改为5000，如下图

　　

 明天做 API资源端的Demo