如何在ASP.NET CORE 2.1 API中的AddAuthentication()中使用多个Aws Cognito用户池
[英]How to use multiple Aws Cognito Userpools in AddAuthentication() in a ASP.NET CORE 2.1 API
问题描述
the problem I have currently is that I have a ASP.NET CORE API where we use Aws Cognito users to authorize access to the API and that is working great. 
我目前遇到的问题是我有一个ASP.NET CORE API,我们在其中使用Aws Cognito用户授权对该API的访问,并且运行良好。 Now we need to authorize with a second user pool, so two different user pools can access the API. 现在,我们需要使用第二个用户池进行授权,以便两个不同的用户池可以访问API。 I have some trouble to how to add multiple audieces/authorities in AddAuthentication/AddJwtBearer, it seems like the methods can not take two schemas with the same name of, "Bearer", anybody knows how this could be done? 我在如何在AddAuthentication / AddJwtBearer中添加多个听觉对象/权限时遇到了一些麻烦,似乎这些方法不能采用名称相同的两个模式“ Bearer”,有人知道该怎么做吗?
I have already tried to add multiple AddJwtBearer, which crashes the API. 我已经尝试添加多个AddJwtBearer,这会使API崩溃。 Tried different things but most solutions uses multiple audiences but never talks about multiple authorities in the same time, if that makes sense. 尝试了不同的方法,但是大多数解决方案使用了多个受众,但是从没有同时谈论多个权限(如果有道理)。
Currently like this 目前喜欢这样
services.AddAuthentication("Bearer")
.AddJwtBearer(options =>
{
options.Audience = "AUDIENCE";
options.Authority = "AUTHORITY";
});
I want something like this 我想要这样的东西
services.AddAuthentication("Bearer")
.AddJwtBearer(options =>
{
options.Audience = "AUDIENCE";
options.Authority = "AUTHORITY";
})
.AddJwtBearer(options =>
{
options.Audience = "AUDIENCE2";
options.Authority = "AUTHORITY2";
});
The goal is that I want users of both user pools to be able to authorize to the API, thank you in advance for the help! 我的目标是希望两个用户池的用户都可以授权使用该API,在此先感谢您的帮助!
1 个解决方案
解决方案1
0 已采纳 2019-04-25 18:43:37
You have to add multiple bearers like you were doing, but with different names. 您必须像以前一样添加多个承载,但是要使用不同的名称。
services
.AddAuthentication()
.AddJwtBearer("Bearer1", options =>
{
options.Audience = "AUDIENCE";
options.Authority = "AUTHORITY";
})
.AddJwtBearer("Bearer2", options =>
{
options.Audience = "AUDIENCE2";
options.Authority = "AUTHORITY2";
});
Then instead of UseAuthentication() later, you have to add your own custom middleware. 然后,您必须添加自己的自定义中间件,而不是稍后使用UseAuthentication() 。
app.Use(async (context, next) =>
{
var result = await context.AuthenticateAsync("Bearer1");
if (!result.Succeeded)
{
result = await context.AuthenticateAsync("Bearer2");
}
context.User = result.Principal;
await next();
});
I haven't tried this myself, just piecing it together from the comments, so let me know if it works for you. 我自己还没有尝试过,只是将其与评论结合起来,所以让我知道它是否对您有用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.