[英].net core 3.0 authorize attribute with Policy, AuthenticationSchemes
I am trying to implement two authentication schemes in my app.我正在尝试在我的应用程序中实现两个身份验证方案。 In controller with authorize attribute, I set scheme that the controller has to use to authenticate.
在具有授权属性的 controller 中,我设置了 controller 必须用来进行身份验证的方案。 register auth:
注册授权:
Startup:启动:
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.ConfigureAuthentication();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseAuthentication();
app.UseAuthorization();
}
}
AuthenticationExtensions.cs: AuthenticationExtensions.cs:
public static class AuthenticationExtensions
{
public static IServiceCollection ConfigureAuthentication(this IServiceCollection services)
{
services.AddAuthentication(AuthConstants.DefaultScheme)
.AddScheme<AuthenticationSchemeOptions, DefaultSchemeHandler>(AuthConstants.DefaultScheme, AuthConstants.DefaultScheme, null)
.AddScheme<AuthenticationSchemeOptions, IdentityAuthenticationHandler>(AuthConstants.IdentityScheme, AuthConstants.IdentityScheme, null);
services.AddAuthorization(options =>
{
options.AddPolicy("IdentityAuthPolicy", policy =>
{
policy.AuthenticationSchemes.Add(AuthConstants.IdentityScheme);
policy.RequireAuthenticatedUser();
});
});
return services;
}
} }
In the controller, I define which authentication schemes to use:在 controller 中,我定义了要使用的身份验证方案:
[Authorize(AuthenticationSchemes = AuthConstants.IdentityScheme)]
[ApiController]
[Route("[controller]")]
public class UsersController : ControllerBase
{}
Problem: app tries to authenticate with default scheme after failing, tries the one that is specified in authorize attribute.问题:应用程序在失败后尝试使用默认方案进行身份验证,尝试在授权属性中指定的方案。 I want the app to use the only authentication scheme that I've defined in authorize attribute.
我希望应用程序使用我在授权属性中定义的唯一身份验证方案。 Also, I've tried to use Policy, but the outcome was the same.
另外,我尝试使用策略,但结果是一样的。
You should:你应该:
Add the Controllers Service添加控制器服务
Set up routing by adding the routing-related middlewares通过添加路由相关的中间件来设置路由
Register the Authorization middleware first by calling app.UseAuthorization()
before app.UseAuthentication()
在
app.UseAuthorization()
app.UseAuthentication()
注册授权中间件
Here is how your Startup
class code should like:以下是您的
Startup
class 代码的样子:
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(AuthConstants.DefaultScheme)
.AddScheme<AuthenticationSchemeOptions, DefaultSchemeHandler>(AuthConstants.DefaultScheme, AuthConstants.DefaultScheme, null)
.AddScheme<AuthenticationSchemeOptions, IdentityAuthenticationHandler>(AuthConstants.IdentityScheme, AuthConstants.IdentityScheme, null);
services.AddAuthorization(options =>
{
options.AddPolicy("IdentityAuthPolicy", policy =>
{
policy.AuthenticationSchemes.Add(AuthConstants.IdentityScheme);
policy.RequireAuthenticatedUser();
});
});
services.AddControllers();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseRouting();
app.UseAuthorization();
app.UseAuthentication();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
Afterwards, either use the AuthenticationSchemes
property of the [Authorize]
attribute or its Policy
property:之后,使用
[Authorize]
属性的AuthenticationSchemes
属性或其Policy
属性:
[Authorize(AuthenticationSchemes = AuthConstants.IdentityScheme)]
//[Authorize(Policy = "IdentityAuthPolicy")]
[ApiController]
[Route("[controller]")]
public class UsersController : ControllerBase
{
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.