带有EF6的IdentityServer4
我已经基于此实现了IdentityServer4的基本Web API保护。
该演示基于内存数据。 大多数教程都基于用户数据的EF Core实现。 在我搜索时, IdentityServer3有一个IUserService ,现在在版本4中丢失了。
builder.AddInMemoryClients(Clients.Get()); builder.AddInMemoryScopes(Scopes.Get()); builder.AddInMemoryUsers(Users.Get());
如何从EF6商店检索我的用户数据?
在Startup.cs中,执行此操作
builder.Services.AddTransient(); builder.Services.AddTransient();
以下是ResourceOwnerPasswordValidator和ProfileService的示例
public class ResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator { private MyUserManager _myUserService { get; set; } public ResourceOwnerPasswordValidator() { _myUserService = new MyUserManager(); } public async Task ValidateAsync(string userName, string password, ValidatedTokenRequest request) { var user = await _myUserService.FindByNameAsync(userName); if (user != null && await _myUserService.CheckPasswordAsync(user, password)) { return new CustomGrantValidationResult(user.EmailAddress, "password"); } return new CustomGrantValidationResult("Invalid username or password"); } } public class ProfileService : IProfileService { MyUserManager _myUserManager; public ProfileService() { _myUserManager = new MyUserManager(); } public async Task GetProfileDataAsync(ProfileDataRequestContext context) { var sub = context.Subject.FindFirst("sub")?.Value; if (sub != null) { var user = await _myUserManager.FindByIdAsync(sub); var cp = await getClaims(user); var claims = cp.Claims; if (context.AllClaimsRequested == false || (context.RequestedClaimTypes != null && context.RequestedClaimTypes.Any())) { claims = claims.Where(x => context.RequestedClaimTypes.Contains(x.Type)).ToArray().AsEnumerable(); } context.IssuedClaims = claims; } } public Task IsActiveAsync(IsActiveContext context) { return Task.FromResult(0); } private async Task getClaims(CustomerSite user) { if (user == null) { throw new ArgumentNullException(nameof(user)); } var userId = await _myUserManager.GetUserIdAsync(user); var userName = await _myUserManager.GetUserNameAsync(user); var id = new ClaimsIdentity(); id.AddClaim(new Claim(JwtClaimTypes.Id, userId)); id.AddClaim(new Claim(JwtClaimTypes.PreferredUserName, userName)); var roles = await _myUserManager.GetRolesAsync(user); foreach (var roleName in roles) { id.AddClaim(new Claim(JwtClaimTypes.Role, roleName)); } id.AddClaims(await _myUserManager.GetClaimsAsync(user)); return new ClaimsPrincipal(id); } }
- 未指定authenticationScheme,并且未找到DefaultChallengeScheme Cookies身份validation
- ASP.net核心web api:使用Facebook / Google OAuth访问令牌进行身份validation
- SSL客户端/服务器相互认证
- 错误(407)“需要代理validation”。
- System.Security.Claims命名空间的成员不可用?
- 如何伪造Active Directory?
- C#Flurl – 将WebRequestHandler添加到FlurlClient
- 使用C#根据LDAP对用户进行身份validation
- owin oauth发送其他参数