identityServer4 AuthorizationCode Flow
时间:2019-06-11
本文章向大家介绍identityServer4 AuthorizationCode Flow,主要包括identityServer4 AuthorizationCode Flow使用实例、应用技巧、基本知识点总结和需要注意事项,具有一定的参考价值,需要的朋友可以参考一下。
1.mvc Client配置
(1)Startup
1 JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); 2 3 services.AddAuthentication(options => 4 { 5 options.DefaultScheme = "Cookies"; 6 options.DefaultChallengeScheme = "oidc"; 7 }) 8 .AddCookie("Cookies") 9 .AddOpenIdConnect("oidc", options => 10 { 11 options.SignInScheme = "Cookies"; 12 options.Authority = "http://localhost:5000"; 13 options.RequireHttpsMetadata = false; 14 options.ClientId = "mvc client"; 15 options.ClientSecret = "mvc secret"; 16 options.SaveTokens = true; 17 options.ResponseType = "code"; 18 19 options.Scope.Clear(); 20 options.Scope.Add("api1"); 21 options.Scope.Add("openid"); 22 options.Scope.Add("profile"); 23 options.Scope.Add(OidcConstants.StandardScopes.OfflineAccess); 24 25 });
(2)Controller
1 [Authorize] 2 public class HomeController : Controller 3 { 4 public async Task<IActionResult> Index() 5 { 6 var client = new HttpClient(); 7 var disco = await client.GetDiscoveryDocumentAsync("http://localhost:5000/"); 8 9 if (disco.IsError) 10 { 11 throw new Exception(disco.Error); 12 13 14 } 15 16 var accessToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken); 17 18 client.SetBearerToken(accessToken); 19 20 var response = await client.GetAsync("http://localhost:5001/api/values"); 21 22 if (!response.IsSuccessStatusCode) 23 { 24 throw new Exception(response.ReasonPhrase); 25 } 26 27 var content = await response.Content.ReadAsStringAsync(); 28 return View("Index", content); 29 30 31 32 //return View(); 33 } 34 35 public async Task<IActionResult> Privacy() 36 { 37 var accessToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken); 38 var idToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.IdToken); 39 40 var refreshToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.RefreshToken); 41 var authorizationCode = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.Code); 42 return View(); 43 } 44 45 [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)] 46 public IActionResult Error() 47 { 48 return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier }); 49 } 50 51 public async Task Logout() 52 { 53 await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); 54 55 await HttpContext.SignOutAsync("oidc"); 56 } 57 }
2.id4 配置
1 new Client 2 { 3 ClientId = "mvc client", 4 ClientName = "MVC Client", 5 AllowedGrantTypes = GrantTypes.CodeAndClientCredentials, 6 ClientSecrets = {new Secret("mvc secret".Sha256())}, 7 8 // where to redirect to after login 9 RedirectUris = { "http://localhost:5002/signin-oidc" }, 10 FrontChannelLogoutUri = "http://localhost:5002/signout-oidc", 11 // where to redirect to after logout 12 PostLogoutRedirectUris = { "http://localhost:5002/signout-callback-oidc" }, 13 14 AllowOfflineAccess = true, 15 16 AllowedScopes = new List<string> 17 { "api1", 18 IdentityServerConstants.StandardScopes.OpenId, 19 IdentityServerConstants.StandardScopes.Profile 20 21 } 22 }
3.apiResource 在上一篇文章中
原文地址:https://www.cnblogs.com/Spinoza/p/11006935.html
- HDUOJ--------A simple stone game(尼姆博弈扩展)(2008北京现场赛A题)
- HDUOJ----2485 Destroying the bus stations(2008北京现场赛A题)
- Go语言实践:从新手入门到上线真实的小型服务所遇到的那些坑
- Node.js真的无所不能?那些不适用的应用领域分析
- hdu-----2491Priest John's Busiest Day(2008 北京现场赛G)
- nyoj------79拦截导弹
- HDUOJ-------2719The Seven Percent Solution
- Golang记录、计算函数执行耗时、运行时间的一个简单方法
- uva----11729 Commando war (突击战争)
- uva-----11292 The Dragon of Loowater
- golang简单位运算示例
- 学编程,学单词.....在学习中积累自己的单词(不断更新__ing)
- 初学java之事件响应(结合接口来设置在同一个界面上!)
- 初学java之触发响应事件举例子
- JavaScript 教程
- JavaScript 编辑工具
- JavaScript 与HTML
- JavaScript 与Java
- JavaScript 数据结构
- JavaScript 基本数据类型
- JavaScript 特殊数据类型
- JavaScript 运算符
- JavaScript typeof 运算符
- JavaScript 表达式
- JavaScript 类型转换
- JavaScript 基本语法
- JavaScript 注释
- Javascript 基本处理流程
- Javascript 选择结构
- Javascript if 语句
- Javascript if 语句的嵌套
- Javascript switch 语句
- Javascript 循环结构
- Javascript 循环结构实例
- Javascript 跳转语句
- Javascript 控制语句总结
- Javascript 函数介绍
- Javascript 函数的定义
- Javascript 函数调用
- Javascript 几种特殊的函数
- JavaScript 内置函数简介
- Javascript eval() 函数
- Javascript isFinite() 函数
- Javascript isNaN() 函数
- parseInt() 与 parseFloat()
- escape() 与 unescape()
- Javascript 字符串介绍
- Javascript length属性
- javascript 字符串函数
- Javascript 日期对象简介
- Javascript 日期对象用途
- Date 对象属性和方法
- Javascript 数组是什么
- Javascript 创建数组
- Javascript 数组赋值与取值
- Javascript 数组属性和方法