[英]How to migrate IdentityServer Bearer Token Authentication from asp.net to .net core 3.1
下面是现有的 asp.net 框架代码,我尝试了多种方法将相同的代码转换为 .net 核心,但它没有按预期工作。 请提出一些解决方案。
public void ConfigureAuth(IAppBuilder app, IntrospectionEndpointHandler introspectionEndpointHandler)
{
//Configure the db context and user manager to use a single instance per request
app.CreatePerOwinContext(UserDbContext.Create);
app.CreatePerOwinContext<UserManager>(UserManager.Create);
app.CreatePerOwinContext<RoleManager>(RoleManager.Create);
JwtSecurityTokenHandler.InboundClaimTypeMap.Clear();
// I am not able to find equlant method for UseIdentityServerBearerTokenAuthentication in . net core
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = ConfigurationManager.AppSettings["identityServerUrl"],
ValidationMode = ValidationMode.ValidationEndpoint,
IntrospectionHttpHandler = introspectionEndpointHandler,
BackchannelHttpHandler = introspectionEndpointHandler,
ClientId = ConfigurationManager.AppSettings["ResourceName"],
ClientSecret = ConfigurationManager.AppSettings["Secret"],
RequiredScopes = new[]
{
ConfigurationManager.AppSettings["testScope"]
}
});
app.Use<ServiceProvisionMiddleware>();
}
我认为最好的办法是将Microsoft.AspNetCore.Authentication.JwtBearer与Microsoft.IdentityModel.Tokens一起安装,当然还有Microsoft.AspNetCore.Identity.EntityFrameworkCore 。
可能等效的方法(尽管语义不完全相同)是AddJwtBearer
。
当我在 ASPnet 核心中设置 Jwt 时,我这样做:
启动文件
public void ConfigureServices(IServiceCollection services){
// (...)
// identity
services.AddIdentity<IdentityUser, IdentityRole>()
.AddEntityFrameworkStores<IdentityDbContext<IdentityUser>>()
.AddDefaultTokenProviders();
// authentication
services.AddAuthentication( options => {
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer( options => {
options.Authority = "my-authority",
options.BackchannelHttpHandler = myCustomHttpHandler,
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters {
ValidateIssuerSigningKey = true,
IssuerSigningKey = "my-super-secure-secret",
ValidateIssuer = true,
ValidIssuer = "my-issuer",
ValidateAudience = true,
ValidAudience = "my-audience"
};
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.