微服务(入门学习五):identityServer4+ocelot+consul实现简单客户端模式
简介
主要是采用identity Server4 和ocelot 加上consul 实现简单的客户端模式
开发准备
环境准备
- 下载并安装Consul具体请参考前几篇的内容
项目介绍
- 创建ocelotServerTest项目
- 创建IdentityServer4Test项目
- 创建consulServer项目(API项目)
1.创建Consulserver项目
参考该地址进行创建:微服务(入门二):netcore通过consul注册服务
2.创建identityServer项目
参考该地址进行创建:微服务(入门四):identityServer的简单使用(客户端授权)
3.创建ocelotServerTest项目
3.1创建一个webAPI项目
3.2 修改startUP配置,添加authentication认证
using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; using IdentityServer4.AccessTokenValidation; using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.HttpsPolicy; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; using netCore; using Ocelot.DependencyInjection; using Ocelot.Middleware; using Ocelot.Provider.Consul; using Ocelot.Provider.Polly; namespace IdentityServer4Test { public class Startup { public Startup(IConfiguration configuration) { Configuration = configuration; } public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); services .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)//添加认证 .AddIdentityServerAuthentication("TestKey", o => { o.Authority = "http://127.0.0.1:3322";//要认证的服务器地址 o.RequireHttpsMetadata = false;//不启用https o.ApiName = "api1";//要认证的服务名称 }); services.AddOcelot(Configuration).AddConsul().AddPolly(); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } else { app.UseHsts(); } app.UseMvc(); app.UseOcelot().Wait(); app.UseAuthentication(); } } }
3.3创建ocelot.json文件并且添加AuthenticationOptions
"AuthenticationOptions": { "AuthenticationProviderKey": "TestKey", "AllowedScopes": [] }
{ "ReRoutes": [ { //下游路由模板,真实请求的路径 "DownstreamPathTemplate": "/api/{everything}", //请求的方式,例如:http,https "DownstreamScheme": "http", //服务器名称 "ServiceName": "zyz1", //启用consul服务 "UseServiceDiscovery": true, //服务熔断 "QoSOptions": { "ExceptionsAllowedBeforeBreaking": 3, //允许多少次异常请求 "DurationOfBreak": 5, //熔断时间,单位为秒 "TimeoutValue": 5000 //如果下游请求的处理时间超过多少则自动设置超时 }, //"RateLimitOptions": { // "ClientWhitelist": [ "admin" ], // 白名单 // "EnableRateLimiting": true, // 是否启用限流 // "Period": "1m", // 统计时间段:1s, 5m, 1h, 1d // "PeriodTimespan": 15, // 多少秒之后客户端可以重试 // "Limit": 5 // 在统计时间段内允许的最大请求数量 //},//负载均衡: //RoundRobin轮流发送; //LeastConnection – 将请求发往最空闲的那个服务器 //NoLoadBalance – 总是发往第一个请求或者是服务发现 "LoadBalancerOptions": { "Type": "RoundRobin" }, //上游地址配置 "UpstreamPathTemplate": "/test/{everything}", //上游支持的请求类型 "UpstreamHttpMethod": [ "GET", "POST" ], "AuthenticationOptions": { "AuthenticationProviderKey": "TestKey", "AllowedScopes": [] } }, { "DownstreamPathTemplate": "/api/Token", "DownstreamScheme": "http", "DownstreamHostAndPorts": [ { "Host": "127.0.0.1", "Port": 3322 } ], "UpstreamPathTemplate": "/GetToken", "UpstreamHttpMethod": [ "Get" ] } ], "GlobalConfiguration": { "BaseUrl": "https://localhost:8596", //consul服务器地址和ip "ServiceDiscoveryProvider": { "Host": "localhost", "Port": 8500 } } }
3.4 修改program文件,添加访问地址,以及ocelot的配置文件
using System; using System.Collections.Generic; using System.IO; using System.Linq; using System.Threading.Tasks; using Microsoft.AspNetCore; using Microsoft.AspNetCore.Hosting; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Logging; namespace IdentityServer4Test { public class Program { public static void Main(string[] args) { CreateWebHostBuilder(args).Build().Run(); } public static IWebHostBuilder CreateWebHostBuilder(string[] args) => WebHost.CreateDefaultBuilder(args) .UseUrls("http://localhost:8596") .ConfigureAppConfiguration(conf => { conf.AddJsonFile("ocelot.json", optional: false, reloadOnChange: true); }) .UseStartup<Startup>(); } }
测试
1.首先开启consul服务
2.接下来把服务注册到consul当中,启动ConsulServer
3.启动IdentityServer4Test和ocelotServerTest服务
4.通过postMan获取token(正式开发中不会如此使用)
5.根据获取的token去请求Consulserver当中的数据,可正常返回数据