IdentityServer4简单入门demo系列 (一)认证服务端
目录
一、认证服务端
二、API资源端
三、调用客户端
详细步骤
一、认证服务端
1、新建一个名为“CertifiedCenter”的 asp.net core web应用程序,如下图
2、添加IdentityServer4的2个引用 IdentityServer4 和 IdentityServer4.AccessTokenValidation,如下图:
3、添加Config.cs类,如下图:
Config.cs的内容如下:
using IdentityServer4.Models; using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; namespace CertifiedCenter { public class Config { public static IEnumerable<ApiResource> GetApiResources() { return new List<ApiResource> { //参数是资源名称,资源显示名称 new ApiResource("api1", "api1") }; } public static IEnumerable<Client> GetClients() { return new List<Client> { new Client { ClientId = "clientId", AllowedGrantTypes = GrantTypes.ClientCredentials, // 用于验证的secret ClientSecrets = { new Secret("123456".Sha256()) }, // 允许的范围 AllowedScopes = { "api1" } } }; } } }
4、添加代码到Startup.cs,代码如下:
using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.HttpsPolicy; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; namespace CertifiedCenter { public class Startup { public Startup(IConfiguration configuration) { Configuration = configuration; } public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.Configure<CookiePolicyOptions>(options => { // This lambda determines whether user consent for non-essential cookies is needed for a given request. options.CheckConsentNeeded = context => true; options.MinimumSameSitePolicy = SameSiteMode.None; }); services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); services.AddIdentityServer() //设置临时签名凭据 .AddDeveloperSigningCredential() //从Config类里面读取刚刚定义的Api资源 .AddInMemoryApiResources(Config.GetApiResources()) //从Config类里面读取刚刚定义的Client集合 .AddInMemoryClients(Config.GetClients()); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } else { app.UseExceptionHandler("/Home/Error"); app.UseHsts(); }
//app.UseHttpsRedirection(); app.UseStaticFiles(); app.UseCookiePolicy(); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller=Home}/{action=Index}/{id?}"); }); app.UseIdentityServer(); } } }
5、最后一步,修改端口号,把端口改为5000,如下图
明天做 API资源端的Demo