欢迎访问我的个人博客:三秋邦

aspnetcore 认证相关类简要说明三

今天我们再来了解一个很重要的接口IAuthenticationService的实现类AuthenticationService:

public class AuthenticationService : IAuthenticationService
{
        public AuthenticationService(IAuthenticationSchemeProvider schemes, IAuthenticationHandlerProvider handlers, IClaimsTransformation transform)
        {
            Schemes = schemes;
            Handlers = handlers;
            Transform = transform;
        }

        public IAuthenticationSchemeProvider Schemes { get; }
        public IAuthenticationHandlerProvider Handlers { get; }
        public IClaimsTransformation Transform { get; }

        public virtual async Task<AuthenticateResult> AuthenticateAsync(HttpContext context, string scheme)
        {
            if (scheme == null)
            {
                var defaultScheme = await Schemes.GetDefaultAuthenticateSchemeAsync();
                scheme = defaultScheme?.Name;
                if (scheme == null)
                {
                    throw new InvalidOperationException($"No authenticationScheme was specified, and there was no DefaultAuthenticateScheme found.");
                }
            }

            var handler = await Handlers.GetHandlerAsync(context, scheme);
            if (handler == null)
            {
                throw await CreateMissingHandlerException(scheme);
            }

            var result = await handler.AuthenticateAsync();
            if (result != null && result.Succeeded)
            {
                var transformed = await Transform.TransformAsync(result.Principal);
                return AuthenticateResult.Success(new AuthenticationTicket(transformed, result.Properties, result.Ticket.AuthenticationScheme));
            }
            return result;
        }

        /// <summary>
        /// Challenge the specified authentication scheme.
        /// </summary>
        /// <param name="context">The <see cref="HttpContext"/>.</param>
        /// <param name="scheme">The name of the authentication scheme.</param>
        /// <param name="properties">The <see cref="AuthenticationProperties"/>.</param>
        /// <returns>A task.</returns>
        public virtual async Task ChallengeAsync(HttpContext context, string scheme, AuthenticationProperties properties)
        {
            if (scheme == null)
            {
                var defaultChallengeScheme = await Schemes.GetDefaultChallengeSchemeAsync();
                scheme = defaultChallengeScheme?.Name;
                if (scheme == null)
                {
                    throw new InvalidOperationException($"No authenticationScheme was specified, and there was no DefaultChallengeScheme found.");
                }
            }

            var handler = await Handlers.GetHandlerAsync(context, scheme);
            if (handler == null)
            {
                throw await CreateMissingHandlerException(scheme);
            }

            await handler.ChallengeAsync(properties);
        }

        /// <summary>
        /// Forbid the specified authentication scheme.
        /// </summary>
        public virtual async Task ForbidAsync(HttpContext context, string scheme, AuthenticationProperties properties)
        {
            if (scheme == null)
            {
                var defaultForbidScheme = await Schemes.GetDefaultForbidSchemeAsync();
                scheme = defaultForbidScheme?.Name;
                ...
            }

            var handler = await Handlers.GetHandlerAsync(context, scheme);
       ...
await handler.ForbidAsync(properties); } /// <summary> /// Sign a principal in for the specified authentication scheme. /// </summary> public virtual async Task SignInAsync(HttpContext context, string scheme, ClaimsPrincipal principal, AuthenticationProperties properties) {
       ...
       
if (scheme == null) { var defaultScheme = await Schemes.GetDefaultSignInSchemeAsync(); scheme = defaultScheme?.Name; ... } var handler = await Handlers.GetHandlerAsync(context, scheme); ...
       
var signInHandler = handler as IAuthenticationSignInHandler; ...
       
await signInHandler.SignInAsync(principal, properties); } /// <summary> /// Sign out the specified authentication scheme. /// </summary> public virtual async Task SignOutAsync(HttpContext context, string scheme, AuthenticationProperties properties) { if (scheme == null) { var defaultScheme = await Schemes.GetDefaultSignOutSchemeAsync(); scheme = defaultScheme?.Name; if (scheme == null) { throw new InvalidOperationException($"No authenticationScheme was specified, and there was no DefaultSignOutScheme found."); } } var handler = await Handlers.GetHandlerAsync(context, scheme); if (handler == null) { throw await CreateMissingSignOutHandlerException(scheme); } var signOutHandler = handler as IAuthenticationSignOutHandler; if (signOutHandler == null) { throw await CreateMismatchedSignOutHandlerException(scheme, handler); } await signOutHandler.SignOutAsync(properties); }
}

该类通过构造方法,将我们前两篇中讲到了IAuthenticationSchemeProviderIAuthenticationHandlerProvider注入了进来,第三个参数不是很重要就飘过了。接下来我们看看它的这几个方法AuthenticateAsync、ChallengeAsync、ForbidAsync、SignInAsync和SignOutAsync等方法,他们的套路几乎都一样的,通过注入进来的两个接口的实例,最终获得到IAuthenticationHandler接口实例,并调用同名方法。

关于IAuthenticationService、IAuthenticationHandlerProvider和IAuthenticationSchemeProvider我们又是什么时候注入到服务容器里去的呢?它是在AuthenticationCoreServiceCollectionExtensions这个静态类中的AddAuthenticationCore扩展方法注入到容器中的,还有AuthenticationOptions也是在这里注入到依赖注入系统的容器中的:

    public static class AuthenticationCoreServiceCollectionExtensions
    {
        public static IServiceCollection AddAuthenticationCore(this IServiceCollection services)
        {
       ...
services.TryAddScoped<IAuthenticationService, AuthenticationService>(); services.TryAddSingleton<IClaimsTransformation, NoopClaimsTransformation>(); // Can be replaced with scoped ones that use DbContext services.TryAddScoped<IAuthenticationHandlerProvider, AuthenticationHandlerProvider>(); services.TryAddSingleton<IAuthenticationSchemeProvider, AuthenticationSchemeProvider>(); return services; } public static IServiceCollection AddAuthenticationCore(this IServiceCollection services, Action<AuthenticationOptions> configureOptions) { ... services.AddAuthenticationCore(); services.Configure(configureOptions); return services; } }

该扩展方法是在Startup的ConfigureServices方法调用的。这个就不贴代码了。

注入完以后呢?怎么使用呢?为了方便使用,aspnetcore为我们在外面又裹了一层,那就是AuthenticationHttpContextExtensions为HttpContext添加的扩展方法。我们可以在Controller如下调用:

public class HomeController : Controller
{
        public IActionResult Index()
        {
            var result = HttpContext.AuthenticateAsync();
            return View(result.Result);
        }
}

至此认证相关的核心元素介绍完成,本篇到此结束。

posted @ 2018-10-31 23:46  追夢  阅读(1347)  评论(1编辑  收藏  举报
欢迎访问我的个人博客:三秋邦