雪花

IdentityServer4第二次介入了解(1)

一、配置

1、安装 IdentityServer4

2、InitMemoryData 中的配置信息如下:

using System.Collections.Generic;
using IdentityServer4.Models;

namespace SunnTu
{
    public class InitMemoryData
    {
        // scopes define the API resources in your system
        public static IEnumerable<ApiResource> GetApiResources()
        {
            return new List<ApiResource>
           {
               new ApiResource("inventoryapi", "this is inventory api"),
               new ApiResource("orderapi", "this is order api"),
               new ApiResource("productapi", "this is product api")
           };
        }

        // clients want to access resources (aka scopes)
        public static IEnumerable<Client> GetClients()
        {
            // client credentials client
            return new List<Client>
           {
               new Client
               {
                   ClientId = "inventory",
                   AllowedGrantTypes = GrantTypes.ClientCredentials,

                   ClientSecrets =
                   {
                       new Secret("inventorysecret".Sha256())
                   },

                   AllowedScopes = { "inventoryapi" }
               },
                new Client
               {
                   ClientId = "order",
                   AllowedGrantTypes = GrantTypes.ClientCredentials,

                   ClientSecrets =
                   {
                       new Secret("ordersecret".Sha256())
                   },

                   AllowedScopes = { "orderapi" }
               },
                new Client
               {
                   ClientId = "product",
                   AllowedGrantTypes = GrantTypes.ClientCredentials,

                   ClientSecrets =
                   {
                       new Secret("productsecret".Sha256())
                   },

                   AllowedScopes = { "productapi" }
               }
           };
        }
    }
}

 注意两种书写

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using IdentityServer4.Models;
using IdentityServer4.Test;

namespace SunnTu
{
    public class OAuthMemoryData
    {
        /// <summary>
        /// Api资源 静态方式定义  4.x 需要配置 apiscope ,ApiResource替换apiscope
        /// </summary>
        /// <returns></returns>
        //public static IEnumerable<ApiScope> ApiScope()
        //{
        //    // return new List<ApiResource>
        //    //{
        //    //    new ApiResource("inventoryapi", "this is inventory api"),
        //    //    new ApiResource("orderapi", "this is order api"),
        //    //    new ApiResource("productapi", "this is product api")
        //    //};
        //    return new[]
        //   {
        //        new ApiScope("inventoryapi", "this is inventory api"),
        //        new ApiScope("orderapi", "this is order api"),
        //        new ApiScope("productapi", "this is product api")
        //    };
        //}

        public static IEnumerable<ApiResource> ApiResources =>
        new ApiResource[]
        {
                new ApiResource("inventoryApi","订单服务")
                {
                    ApiSecrets ={ new Secret("inventoryApi secret".Sha256()) },
                    Scopes = { "inventoryApiScope" }
                },
                new ApiResource("orderApi","订单服务")
                {
                    ApiSecrets ={ new Secret("orderApi secret".Sha256()) },
                    Scopes = { "orderApiScope" }
                },
                new ApiResource("productApi","产品服务")
                {
                    ApiSecrets ={ new Secret("productApi secret".Sha256()) },
                    Scopes = { "productApiScope" }
                }
        };

        public static IEnumerable<ApiScope> ApiScopes =>
        new ApiScope[]
        {
            new ApiScope("inventoryApiScope"),
            new ApiScope("orderApiScope"),
            new ApiScope("productApiScope"),
        };

        /// <summary>
        /// 客户端应用程序,使用它来访问我们的API资源
        /// </summary>
        /// <returns></returns>
        public static IEnumerable<Client> GetClients()
        {
            // client credentials client
            return new List<Client>
           {
               new Client
               {
                   ClientId = "inventory", //客服端名称
                   ClientName = "库存",//描述
                   AllowedGrantTypes = new List<string>()//配置授权类型,可以配置多个授权类型
                   {
                       GrantTypes.ResourceOwnerPassword.FirstOrDefault(),//授权类型,这里使用的是密码模式ResourceOwnerPassword
                   },
                   ClientSecrets =
                   {
                       new Secret("inventorysecret".Sha256()) //客户端加密方式
                   },
                   AccessTokenLifetime = OAuthConfig.ExpireIn, //配置Token 失效时间
                   AllowedScopes = { "inventoryApiScope" } //配置授权范围,这里指定哪些API 受此方式保护
               },
                new Client
               {
                   ClientId = "order", //订单
                   AllowedGrantTypes = GrantTypes.ResourceOwnerPasswordAndClientCredentials,

                   ClientSecrets =
                   {
                       new Secret("ordersecret".Sha256())
                   },

                   AllowedScopes = { "orderApiScope" }
               },
                new Client
               {
                   ClientId = "product", //产品
                   AllowedGrantTypes = GrantTypes.ResourceOwnerPasswordAndClientCredentials,

                   ClientSecrets =
                   {
                       new Secret("productsecret".Sha256())
                   },

                   AllowedScopes = { "productApiScope" }
               }
           };
        }

        /// <summary>
        /// 测试的账号和密码
        /// </summary>
        /// <returns></returns>
        public static List<TestUser> GetTestUsers()
        {
            return new List<TestUser>
            {
                new TestUser()
                {
                     SubjectId = "1",
                     Username = "test",
                     Password = "123456"
                }
            };
        }

        /*
         var settings = {
              "url": "http://localhost:5000/connect/token",
              "method": "POST",
              "timeout": 0,
              "headers": {
                "Content-Type": "application/x-www-form-urlencoded"
              },
              "data": {
                "client_id": "product",
                "client_secret": "productsecret",
                "grant_type": "password",
                "username": "test",
                "password": "123456"
              }
            };

            $.ajax(settings).done(function (response) {
              console.log(response);
            });
         */

        /*
         var settings = {
              "url": "http://localhost:5000/connect/token",
              "method": "POST",
              "timeout": 0,
              "headers": {
                "Content-Type": "application/x-www-form-urlencoded"
              },
              "data": {
                "client_id": "order",
                "client_secret": "ordersecret",
                "grant_type": "password",
                "username": "test",
                "password": "123456"
              }
            };

            $.ajax(settings).done(function (response) {
              console.log(response);
            });
         */

        /*
         var settings = {
              "url": "http://localhost:5000/connect/token",
              "method": "POST",
              "timeout": 0,
              "headers": {
                "Content-Type": "application/x-www-form-urlencoded"
              },
              "data": {
                "client_id": "inventory",
                "client_secret": "inventorysecret",
                "grant_type": "password",
                "username": "test",
                "password": "123456"
              }
            };

            $.ajax(settings).done(function (response) {
              console.log(response);
            });
         */
    }
}

这里调用

 注意:一开始以为是ApiScopes是4.x版本替换ApiResources的,才发现是不一样的

 

posted @ 2020-07-16 11:30  十色  阅读(204)  评论(0编辑  收藏  举报