时间戳

首页 > 技术文章 > ASP.NET Core分布式项目-1.IdentityServer4登录中心

ASP.NET Core分布式项目-1.IdentityServer4登录中心

MingQiu 2018-01-12 15:24 原文

 源码下载

一.添加服务端的api 

1.添加NUGet包 IdentityServer4

 

 

点击下载,重新生成

 

 2。添加Startup配置

打开Startup文件

 public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            //添加依赖注入配置
            services.AddIdentityServer()
                .AddDeveloperSigningCredential();
            services.AddMvc();
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            app.UseIdentityServer();
            //app.UseMvc();
        }
    }

  3.添加config配置,添加一个config类

    public class config
    {
        public static IEnumerable<ApiResource> GetResources()
        {
            return new List<ApiResource> { new ApiResource("api","MQapi")};
        }

        public static IEnumerable<Client> GetClients()
        {
            return new List<Client>
            {
                new Client()
                {
                    ClientId="ClientId",
                    AllowedGrantTypes=GrantTypes.ClientCredentials,
                    ClientSecrets={ new Secret("secrt".Sha256())},
                    AllowedScopes={ "api"}
                }
            };
        }
    }

  4.修改IdentityServer的配置,打开Startup文件

 public void ConfigureServices(IServiceCollection services)
        {
            //添加依赖注入配置
            services.AddIdentityServer()
                .AddDeveloperSigningCredential()
                .AddInMemoryApiResources(config.GetResources())
                .AddInMemoryClients(config.GetClients());
            services.AddMvc();
        }

  

运行在浏览器中输入http://localhost:51227/.well-known/openid-configuration

 

 

 二,添加客户端的api

添加一个api项目 ClientCredentialApi, 应用NuGet 包IdentityServer4.AccessTokenValidation

在控制器上添加[Authorize]标识。

然后在Startup文件里把认证授权添加进来

public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication("Bearer")
                .AddIdentityServerAuthentication(c =>
                {
                    c.Authority = "http://localhost:50000";
                    c.RequireHttpsMetadata = false;
                    c.ApiName = "api";
                });
            services.AddMvc();
        }

  

我们用visual studio code 把两个项目打开

运行WebApiIdentityServer项目 dotnet run

 

打开浏览器http://localhost:50000/.well-known/openid-configuration

 

 可以通过http://localhost:50000/connect/token 这个拿到token

打开Postman

post访问http://localhost:50000/connect/token

参数是在这里设置的

 

我再启动客户端

打开postMan去访问http://localhost:50001/api/values

 

 

 最后一张流程图

 

推荐阅读