.net 核心 3.0 授权属性与 Policy、AuthenticationSchemes
[英].net core 3.0 authorize attribute with Policy, AuthenticationSchemes
问题描述
I am trying to implement two authentication schemes in my app.
我正在尝试在我的应用程序中实现两个身份验证方案。 In controller with authorize attribute, I set scheme that the controller has to use to authenticate.在具有授权属性的 controller 中,我设置了 controller 必须用来进行身份验证的方案。 register auth:注册授权:
Startup:启动:
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.ConfigureAuthentication();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseAuthentication();
app.UseAuthorization();
}
}
AuthenticationExtensions.cs: AuthenticationExtensions.cs:
public static class AuthenticationExtensions
{
public static IServiceCollection ConfigureAuthentication(this IServiceCollection services)
{
services.AddAuthentication(AuthConstants.DefaultScheme)
.AddScheme<AuthenticationSchemeOptions, DefaultSchemeHandler>(AuthConstants.DefaultScheme, AuthConstants.DefaultScheme, null)
.AddScheme<AuthenticationSchemeOptions, IdentityAuthenticationHandler>(AuthConstants.IdentityScheme, AuthConstants.IdentityScheme, null);
services.AddAuthorization(options =>
{
options.AddPolicy("IdentityAuthPolicy", policy =>
{
policy.AuthenticationSchemes.Add(AuthConstants.IdentityScheme);
policy.RequireAuthenticatedUser();
});
});
return services;
}
} }
In the controller, I define which authentication schemes to use:在 controller 中,我定义了要使用的身份验证方案:
[Authorize(AuthenticationSchemes = AuthConstants.IdentityScheme)]
[ApiController]
[Route("[controller]")]
public class UsersController : ControllerBase
{}
Problem: app tries to authenticate with default scheme after failing, tries the one that is specified in authorize attribute.问题:应用程序在失败后尝试使用默认方案进行身份验证,尝试在授权属性中指定的方案。 I want the app to use the only authentication scheme that I've defined in authorize attribute.我希望应用程序使用我在授权属性中定义的唯一身份验证方案。 Also, I've tried to use Policy, but the outcome was the same.另外,我尝试使用策略,但结果是一样的。
1 个解决方案
解决方案1
0 2020-04-10 09:08:33
You should:你应该:
Add the Controllers Service
添加控制器服务Set up routing by adding the routing-related middlewares
通过添加路由相关的中间件来设置路由Register the Authorization middleware first by calling
app.UseAuthorization()beforeapp.UseAuthentication()在app.UseAuthorization()app.UseAuthentication()注册授权中间件
Here is how your Startup class code should like:以下是您的Startup class 代码的样子:
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(AuthConstants.DefaultScheme)
.AddScheme<AuthenticationSchemeOptions, DefaultSchemeHandler>(AuthConstants.DefaultScheme, AuthConstants.DefaultScheme, null)
.AddScheme<AuthenticationSchemeOptions, IdentityAuthenticationHandler>(AuthConstants.IdentityScheme, AuthConstants.IdentityScheme, null);
services.AddAuthorization(options =>
{
options.AddPolicy("IdentityAuthPolicy", policy =>
{
policy.AuthenticationSchemes.Add(AuthConstants.IdentityScheme);
policy.RequireAuthenticatedUser();
});
});
services.AddControllers();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseRouting();
app.UseAuthorization();
app.UseAuthentication();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
Afterwards, either use the AuthenticationSchemes property of the [Authorize] attribute or its Policy property:之后,使用[Authorize]属性的AuthenticationSchemes属性或其Policy属性:
[Authorize(AuthenticationSchemes = AuthConstants.IdentityScheme)]
//[Authorize(Policy = "IdentityAuthPolicy")]
[ApiController]
[Route("[controller]")]
public class UsersController : ControllerBase
{
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.