IdentityServer4简单入门demo系列 （一）认证服务端

目录

一、认证服务端

二、API资源端

三、调用客户端

 

详细步骤

一、认证服务端

 1、新建一个名为“CertifiedCenter”的 asp.net core  web应用程序，如下图

 

　　

2、添加IdentityServer4的2个引用  IdentityServer4 和 IdentityServer4.AccessTokenValidation，如下图：

　　

　　

　　

 

3、添加Config.cs类，如下图：

　　

 　　Config.cs的内容如下：

using IdentityServer4.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;

namespace CertifiedCenter
{
    public class Config
    {
        public static IEnumerable<ApiResource> GetApiResources()
        {
            return new List<ApiResource>
            {
                //参数是资源名称,资源显示名称
                new ApiResource("api1", "api1")
            };
        }

        public static IEnumerable<Client> GetClients()
        {
            return new List<Client>
            {
                new Client
                {
                    ClientId = "clientId",

                    AllowedGrantTypes = GrantTypes.ClientCredentials,

                    // 用于验证的secret
                    ClientSecrets =
                    {
                        new Secret("123456".Sha256())
                    },

                    // 允许的范围
                    AllowedScopes = { "api1" }
                }
            };
        }
    }
}

4、添加代码到Startup.cs，代码如下：

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

namespace CertifiedCenter
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.Configure<CookiePolicyOptions>(options =>
            {
                // This lambda determines whether user consent for non-essential cookies is needed for a given request.
                options.CheckConsentNeeded = context => true;
                options.MinimumSameSitePolicy = SameSiteMode.None;
            });

            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

            services.AddIdentityServer()
            //设置临时签名凭据
            .AddDeveloperSigningCredential()
            //从Config类里面读取刚刚定义的Api资源
            .AddInMemoryApiResources(Config.GetApiResources())
            //从Config类里面读取刚刚定义的Client集合
            .AddInMemoryClients(Config.GetClients());
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                app.UseHsts();
            }

            //app.UseHttpsRedirection();
            app.UseStaticFiles();
            app.UseCookiePolicy();

            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");
            });

            app.UseIdentityServer();
        }
    }
}

5、最后一步，修改端口号，把端口改为5000，如下图

　　

 明天做 API资源端的Demo