[英]Blazor Server and CleanCode - ASP.NET Core Identity
我无法使用 ASP.NET 核心身份将身份连接到 Blazor 服务器。 特别是在 Blazor 页面中正确登录 state (而我从 Blazor 页面获取它们)。
我认为这与在另一个项目中初始化的某些启动有关 - 但不确定如何调试它或解决方案能够正确登录 state。
复制步骤和下面作为 POC 的 GH repo 链接。
背景
I'm porting over the clean-code project by JasonTaylor from Angular / ASP.NET Core to a Blazor server project with ASP.NET Core Identity.
问题
应用程序运行起来,我可以在注册时浏览页面我可以在基于身份的默认页面中看到登录的 state,但在使用AuthorizeView的 Blazor 页面中(例如LoginDisplay.razor不知道被授权)。
Blazor项目中的启动:
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.AddApplication();
services.AddInfrastructure(Configuration);
services.AddDatabaseDeveloperPageExceptionFilter();
services.AddSingleton<ICurrentUserService, CurrentUserService>();
services.AddHttpContextAccessor();
services.AddHealthChecks()
.AddDbContextCheck<ApplicationDbContext>();
services.AddRazorPages();
services.AddServerSideBlazor();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseMigrationsEndPoint();
}
else
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHealthChecks("/health");
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseIdentityServer();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
endpoints.MapBlazorHub();
endpoints.MapFallbackToPage("/_Host");
});
}
}
启动时另一个项目中的AddInfrastructure引用:
public static class DependencyInjection
{
public static IServiceCollection AddInfrastructure(this IServiceCollection services, IConfiguration configuration)
{
if (configuration.GetValue<bool>("UseInMemoryDatabase"))
{
services.AddDbContext<ApplicationDbContext>(options =>
options.UseInMemoryDatabase("CleanArchitectureDb"));
}
else
{
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
configuration.GetConnectionString("DefaultConnection"),
b => b.MigrationsAssembly(typeof(ApplicationDbContext).Assembly.FullName)));
}
services.AddScoped<IApplicationDbContext>(provider => provider.GetService<ApplicationDbContext>());
services.AddScoped<IDomainEventService, DomainEventService>();
services
.AddDefaultIdentity<ApplicationUser>()
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, ApplicationDbContext>();
services.AddScoped<AuthenticationStateProvider, RevalidatingIdentityAuthenticationStateProvider<ApplicationUser>>();
services.AddDatabaseDeveloperPageExceptionFilter();
services.AddTransient<IDateTime, DateTimeService>();
services.AddTransient<IIdentityService, IdentityService>();
services.AddTransient<ICsvFileBuilder, CsvFileBuilder>();
services.AddAuthentication()
.AddIdentityServerJwt();
services.AddAuthorization(options =>
{
options.AddPolicy("CanPurge", policy => policy.RequireRole("Administrator"));
});
return services;
}
}
public class RevalidatingIdentityAuthenticationStateProvider<TUser>
: RevalidatingServerAuthenticationStateProvider where TUser : class
{
private readonly IServiceScopeFactory _scopeFactory;
private readonly IdentityOptions _options;
public RevalidatingIdentityAuthenticationStateProvider(
ILoggerFactory loggerFactory,
IServiceScopeFactory scopeFactory,
IOptions<IdentityOptions> optionsAccessor)
: base(loggerFactory)
{
_scopeFactory = scopeFactory;
_options = optionsAccessor.Value;
}
protected override TimeSpan RevalidationInterval => TimeSpan.FromMinutes(30);
protected override async Task<bool> ValidateAuthenticationStateAsync(
AuthenticationState authenticationState, CancellationToken cancellationToken)
{
// Get the user manager from a new scope to ensure it fetches fresh data
var scope = _scopeFactory.CreateScope();
try
{
var userManager = scope.ServiceProvider.GetRequiredService<UserManager<TUser>>();
return await ValidateSecurityStampAsync(userManager, authenticationState.User);
}
finally
{
if (scope is IAsyncDisposable asyncDisposable)
{
await asyncDisposable.DisposeAsync();
}
else
{
scope.Dispose();
}
}
}
private async Task<bool> ValidateSecurityStampAsync(UserManager<TUser> userManager, ClaimsPrincipal principal)
{
var user = await userManager.GetUserAsync(principal);
if (user == null)
{
return false;
}
else if (!userManager.SupportsUserSecurityStamp)
{
return true;
}
else
{
var principalStamp = principal.FindFirstValue(_options.ClaimsIdentity.SecurityStampClaimType);
var userStamp = await userManager.GetSecurityStampAsync(user);
return principalStamp == userStamp;
}
}
}
重现步骤
如果有人喜欢看,请将我的更改推向 GH: https://github.com/davidshorter/CleanCodeBlazor/tree/Rework
这是混合 IdentityServer 和 ASP.net 身份的问题。
通过删除Microsoft.AspNetCore.ApiAuthorization.IdentityServer并使用基础 class 从ApiAuthorizationDbContext<ApplicationUser>回到IdentityDbContext<ApplicationUser>解决了这个问题。
在 Blazor 中一起使用 ASP.Net Core Identity 和 Azure 身份验证
[英]Using ASP.Net Core Identity and Azure authentication together in Blazor
Blazor WASM Asp.net 核心是否托管 = Blazor 服务器端?
[英]Is Blazor WASM Asp.net core Hosted = Blazor server side?
ASP .NET Core Blazor 服务器 Microsoft Identity 远程用户注销
[英]ASP .NET Core Blazor Server Microsoft Identity remotely user logout
Identity Server 4, ASP.NET Core Identity and registration return url
[英]Identity Server 4, ASP.NET Core Identity and registration return url
Identity Server 4(2.0)不读取Asp.Net核心标识cookie
[英]Identity Server 4 (2.0) not reading Asp.Net Core Identity cookies
ASP.NET Identity vs ASP.NET Identity Core:与 Identity Server 等的区别和用法?
[英]ASP.NET Identity vs ASP.NET Identity Core: Differences and Usage with Identity Server, etc.?
Identity Server 4 Asp.Net Identity + EF Core 未播种
[英]Identity Server 4 Asp.Net Identity + EF Core not Seeding
Blazor 服务器与 ASP.NET 核心 MVC controller,验证问题
[英]Blazor server with ASP.NET Core MVC controller, validation issue
Blazor,ASP.NET Core 托管与 ASP.NET Core 中的服务器端
[英]Blazor, ASP.NET Core Hosted vs Server Side in ASP.NET Core
Asp.Net Core-来自其他服务器的自定义授权和身份?
[英]Asp.Net Core - Custom Authorization and Identity from another server?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.