IdentityServer4简单入门demo系列 (一)认证服务端

目录

一、认证服务端

二、API资源端

三、调用客户端

 

详细步骤

一、认证服务端

 1、新建一个名为“CertifiedCenter”的 asp.net core  web应用程序,如下图

 

  

2、添加IdentityServer4的2个引用  IdentityServer4 和 IdentityServer4.AccessTokenValidation,如下图:

  

  

  

 

3、添加Config.cs类,如下图:

  

   Config.cs的内容如下:

using IdentityServer4.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;

namespace CertifiedCenter
{
    public class Config
    {
        public static IEnumerable<ApiResource> GetApiResources()
        {
            return new List<ApiResource>
            {
                //参数是资源名称,资源显示名称
                new ApiResource("api1", "api1")
            };
        }

        public static IEnumerable<Client> GetClients()
        {
            return new List<Client>
            {
                new Client
                {
                    ClientId = "clientId",

                    AllowedGrantTypes = GrantTypes.ClientCredentials,

                    // 用于验证的secret
                    ClientSecrets =
                    {
                        new Secret("123456".Sha256())
                    },

                    // 允许的范围
                    AllowedScopes = { "api1" }
                }
            };
        }
    }
}

4、添加代码到Startup.cs,代码如下:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

namespace CertifiedCenter
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.Configure<CookiePolicyOptions>(options =>
            {
                // This lambda determines whether user consent for non-essential cookies is needed for a given request.
                options.CheckConsentNeeded = context => true;
                options.MinimumSameSitePolicy = SameSiteMode.None;
            });

            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

            services.AddIdentityServer()
            //设置临时签名凭据
            .AddDeveloperSigningCredential()
            //从Config类里面读取刚刚定义的Api资源
            .AddInMemoryApiResources(Config.GetApiResources())
            //从Config类里面读取刚刚定义的Client集合
            .AddInMemoryClients(Config.GetClients());
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                app.UseHsts();
            }
//app.UseHttpsRedirection(); app.UseStaticFiles(); app.UseCookiePolicy(); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller=Home}/{action=Index}/{id?}"); }); app.UseIdentityServer(); } } }

5、最后一步,修改端口号,把端口改为5000,如下图

  

 明天做 API资源端的Demo

posted @ 2019-06-19 19:40  星星c#  阅读(2446)  评论(0编辑  收藏  举报