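/// <summary>
/// Hard-coded, in-memory IdentityServer configuration: identity resources,
/// API scopes, API resources and clients.
/// </summary>
public static class InMemoryConfig
{
    /// <summary>
    /// Identity resources (OpenID Connect scopes) known to the server.
    /// </summary>
    /// <returns>The OpenId and Profile identity resources.</returns>
    public static IEnumerable<IdentityResource> GetIdentityResourceResources()
    {
        return new List<IdentityResource>
        {
            // Must be registered, otherwise requests fail with an "invalid scope" error.
            new IdentityResources.OpenId(),
            // The client in Clients() lists the profile scope in AllowedScopes; a scope
            // that is allowed for a client but not registered here cannot be resolved.
            new IdentityResources.Profile(),
        };
    }

    /// <summary>
    /// API scopes.
    /// </summary>
    /// <returns>A single scope named "scope1" with display name "scope1".</returns>
    public static IEnumerable<ApiScope> ApiScopes()
    {
        return new List<ApiScope>
        {
            new ApiScope("scope1", "scope1")
        };
    }

    /// <summary>
    /// API resources.
    /// </summary>
    /// <returns>A single resource "api1" that exposes "scope1".</returns>
    public static IEnumerable<ApiResource> ApiResources()
    {
        return new[]
        {
            new ApiResource
            {
                Name = "api1",
                DisplayName = "My Api1",
                Scopes = { "scope1" }
            }
        };
    }

    /// <summary>
    /// Clients.
    /// </summary>
    /// <returns>A single machine-to-machine client with id "client".</returns>
    public static IEnumerable<Client> Clients()
    {
        return new[]
        {
            new Client
            {
                ClientId = "client",

                // NOTE(review): only the client-credentials grant is enabled, yet Startup
                // registers a resource owner password validator and this client is allowed
                // identity scopes (openid/profile). Identity scopes describe a user, and a
                // client-credentials token has none, so requesting them in that flow is
                // expected to be refused - confirm which grant type is actually intended.
                AllowedGrantTypes = GrantTypes.ClientCredentials,

                ClientSecrets =
                {
                    // SECURITY: "secret" is a sample value. Sha256() only changes how the
                    // value is stored; a guessable secret committed to source is still a
                    // known credential. Use a long random value supplied from configuration
                    // or a secret store for any non-demo deployment.
                    new Secret("secret".Sha256())
                },

                AllowedScopes =
                {
                    "scope1",
                    // Must be added, otherwise requests fail with a "forbidden" error.
                    IdentityServerConstants.StandardScopes.OpenId,
                    IdentityServerConstants.StandardScopes.Profile
                }
            }
        };
    }
}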
public class Startup
{
private IHostEnvironment _hostingEnvironment;
private IConfiguration _configuration;
/// <summary>
/// Captures the application configuration and the hosting environment for use
/// while the services are being registered.
/// </summary>
/// <param name="configuration">Application configuration.</param>
/// <param name="hostingEnvironment">Environment the application is hosted in.</param>
public Startup(IConfiguration configuration, IHostEnvironment hostingEnvironment)
{
    (_configuration, _hostingEnvironment) = (configuration, hostingEnvironment);
}
// This method gets called by the runtime. Use this method to add services to the container.
// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
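/// <summary>
/// Registers MVC, the data-access services and IdentityServer with the container.
/// </summary>
/// <param name="services">Service collection supplied by the runtime.</param>
/// <exception cref="System.InvalidOperationException">
/// Thrown outside the Development environment when "Certificates:CerPath" is not configured.
/// </exception>
public void ConfigureServices(IServiceCollection services)
{
    services.AddControllersWithViews();
    services.AddSingleton<IDbCommandContext, DbCommandContext>();
    services.AddSingleton<IDbContext, DbContext>();
    services.AddSingleton<IUserInfoRepository, UserInfoRepository>();
    services.AddSingleton(new SdmapContext(MultipleAssemblyEmbeddedResourceSqlEmiter
        .CreateFrom(new Assembly[] { AssemblyLoadContext.Default.LoadFromAssemblyName(new AssemblyName("IdentityServer")) })));

    // The signing credential is deliberately NOT part of this chain. It used to be added
    // here unconditionally (and a second time in the Development branch), which meant
    // every environment, production included, signed tokens with the developer key.
    var builder = services.AddIdentityServer()
        .AddResourceOwnerValidator<CustomResourceOwnerPasswordValidator>()
        .AddProfileService<CustomProfileService>()
        .AddInMemoryIdentityResources(InMemoryConfig.GetIdentityResourceResources())
        .AddInMemoryClients(InMemoryConfig.Clients())
        .AddInMemoryApiScopes(InMemoryConfig.ApiScopes())
        .AddInMemoryApiResources(InMemoryConfig.ApiResources());

    if (_hostingEnvironment.IsDevelopment())
    {
        // Convenience key for local development only.
        builder.AddDeveloperSigningCredential();
    }
    else
    {
        // Every non-development environment must sign tokens with a managed certificate.
        // Fail at startup instead of silently falling back to the developer key.
        var certificatePath = _configuration["Certificates:CerPath"];
        if (string.IsNullOrWhiteSpace(certificatePath))
        {
            throw new System.InvalidOperationException(
                "Certificates:CerPath must be configured outside the Development environment.");
        }

        // The certificate file needs to include the private key. Keep the file and its
        // password out of source control; supply the password via a secret store or
        // environment-specific configuration.
        var signingCertificate = new System.Security.Cryptography.X509Certificates.X509Certificate2(
            System.IO.Path.Combine(_hostingEnvironment.ContentRootPath, certificatePath),
            _configuration["Certificates:Password"]);

        builder.AddSigningCredential(signingCertificate);
    }
}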
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
/// <summary>
/// Builds the HTTP request pipeline: static files, routing, IdentityServer,
/// authorization and the default MVC route.
/// </summary>
/// <param name="app">Application builder the middleware is added to.</param>
/// <param name="env">Hosting environment; the developer exception page is enabled only in Development.</param>
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    // Detailed exception pages expose internals, so they stay limited to Development.
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    // Middleware runs in registration order, so the sequence below is kept as is.
    app.UseStaticFiles()
        .UseRouting()
        .UseIdentityServer()
        .UseAuthorization()
        .UseEndpoints(routes =>
            routes.MapControllerRoute(name: "default", pattern: "{controller=Account}/{action=Login}/{Id?}"));
}
求解救,不知道为什么?