标签:source mvc login iss except localhost new ant get
1.mvc Client配置
(1)Startup
1 JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); 2 3 services.AddAuthentication(options => 4 { 5 options.DefaultScheme = "Cookies"; 6 options.DefaultChallengeScheme = "oidc"; 7 }) 8 .AddCookie("Cookies") 9 .AddOpenIdConnect("oidc", options => 10 { 11 options.SignInScheme = "Cookies"; 12 options.Authority = "http://localhost:5000"; 13 options.RequireHttpsMetadata = false; 14 options.ClientId = "mvc client"; 15 options.ClientSecret = "mvc secret"; 16 options.SaveTokens = true; 17 options.ResponseType = "code"; 18 19 options.Scope.Clear(); 20 options.Scope.Add("api1"); 21 options.Scope.Add("openid"); 22 options.Scope.Add("profile"); 23 options.Scope.Add(OidcConstants.StandardScopes.OfflineAccess); 24 25 });
(2)Controller
1 [Authorize] 2 public class HomeController : Controller 3 { 4 public async Task<IActionResult> Index() 5 { 6 var client = new HttpClient(); 7 var disco = await client.GetDiscoveryDocumentAsync("http://localhost:5000/"); 8 9 if (disco.IsError) 10 { 11 throw new Exception(disco.Error); 12 13 14 } 15 16 var accessToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken); 17 18 client.SetBearerToken(accessToken); 19 20 var response = await client.GetAsync("http://localhost:5001/api/values"); 21 22 if (!response.IsSuccessStatusCode) 23 { 24 throw new Exception(response.ReasonPhrase); 25 } 26 27 var content = await response.Content.ReadAsStringAsync(); 28 return View("Index", content); 29 30 31 32 //return View(); 33 } 34 35 public async Task<IActionResult> Privacy() 36 { 37 var accessToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken); 38 var idToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.IdToken); 39 40 var refreshToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.RefreshToken); 41 var authorizationCode = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.Code); 42 return View(); 43 } 44 45 [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)] 46 public IActionResult Error() 47 { 48 return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier }); 49 } 50 51 public async Task Logout() 52 { 53 await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); 54 55 await HttpContext.SignOutAsync("oidc"); 56 } 57 }
2.id4 配置
1 new Client 2 { 3 ClientId = "mvc client", 4 ClientName = "MVC Client", 5 AllowedGrantTypes = GrantTypes.CodeAndClientCredentials, 6 ClientSecrets = {new Secret("mvc secret".Sha256())}, 7 8 // where to redirect to after login 9 RedirectUris = { "http://localhost:5002/signin-oidc" }, 10 FrontChannelLogoutUri = "http://localhost:5002/signout-oidc", 11 // where to redirect to after logout 12 PostLogoutRedirectUris = { "http://localhost:5002/signout-callback-oidc" }, 13 14 AllowOfflineAccess = true, 15 16 AllowedScopes = new List<string> 17 { "api1", 18 IdentityServerConstants.StandardScopes.OpenId, 19 IdentityServerConstants.StandardScopes.Profile 20 21 } 22 }
3.apiResource 在上一篇文章中
identityServer4 AuthorizationCode Flow
标签:source mvc login iss except localhost new ant get
原文地址:https://www.cnblogs.com/Spinoza/p/11006935.html