oauth-2.0 Implementing OAuth 2.0 + OpenID tokens with ASP.NET 5

83qze16e  posted on 2022-10-31  in  .NET

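I have the code below, and when I run the project it seems to do nothing. I expected the browser to redirect to http://localhost:5000 and request the "code" authorization flow. Instead, I only see "Hello World".
This is my startup.cs file: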

using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;

namespace OAuthService
{
    public class Startup
    {
        // This method gets called by the runtime. Use this method to add services to the container.
        // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = "cookie";
                options.DefaultSignInScheme = "cookie";
                options.DefaultChallengeScheme = "oidc";
            })
            .AddOpenIdConnect("oidc", options =>
            {
                options.Authority = "http://localhost:5000";
                options.RequireHttpsMetadata = false; // dev only

                options.ClientId = "pkce_client";
                options.ClientSecret = "acf2ec6fb01a4b698ba240c2b10a0243";
                options.ResponseType = OpenIdConnectResponseType.Code;
                options.ResponseMode = "form_post";
                options.CallbackPath = "/OAuthService/GetResponse";
                options.UsePkce = true;
            });
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseRouting();

            app.UseAuthentication();            

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapGet("/", async context =>
                {
                    await context.Response.WriteAsync("Hello World!");
                });
            });
        }
    }
}

ffdz8vbo1#

Someone needs to tell the authentication module that the user has to log in.

// Requires: using System.Security.Claims;
//           using Microsoft.AspNetCore.Authentication;
//           using Microsoft.AspNetCore.Authentication.Cookies;
app.UseEndpoints(endpoints =>
{
    endpoints.MapGet("/login", async context =>
    {
        var claims = new Claim[]
        {
            // Standard claims
            new Claim(ClaimTypes.Name, "Joe Svensson"),
            new Claim(ClaimTypes.Country, "Sweden"),
            new Claim(ClaimTypes.Email, "joe@edument.se"),

            // Custom claims
            new Claim("JobTitle", "Developer"),
            new Claim("JobLevel", "Senior"),
        };

        ClaimsIdentity identity = new ClaimsIdentity(claims: claims,
            authenticationType: CookieAuthenticationDefaults.AuthenticationScheme);

        ClaimsPrincipal user = new ClaimsPrincipal(identity: identity);

        var authProperties = new AuthenticationProperties
        {
            IsPersistent = true
        };

        // Sign in the user
        await context.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, user, authProperties);

        await context.Response.WriteAsync("<!DOCTYPE html><body>");
        await context.Response.WriteAsync("<h1>Logged in!</h1>");
    });
....

Or add the authorization handler middleware with:

app.UseAuthorization();

and configure it properly with:

.AddAuthorization(options =>
{
    ...
})
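
A minimal Startup for the authorization-middleware option described in the answer, added here as an illustration and not code from the question or the answer: an endpoint that requires authorization makes an anonymous request trigger the OpenID Connect challenge and redirect to the authority. It assumes the Microsoft.AspNetCore.Authentication.OpenIdConnect package is referenced; the configuration key `Oidc:ClientSecret` is a hypothetical name, used so the client secret is not kept in source.

```csharp
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;

public class Startup
{
    private readonly IConfiguration _config;
    public Startup(IConfiguration config) => _config = config;

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddAuthentication(options =>
        {
            options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
        })
        .AddCookie() // the sign-in scheme needs a registered cookie handler
        .AddOpenIdConnect(options =>
        {
            options.Authority = "http://localhost:5000";   // value from the question
            options.RequireHttpsMetadata = false;          // dev only
            options.ClientId = "pkce_client";
            options.ClientSecret = _config["Oidc:ClientSecret"]; // assumed config key
            options.ResponseType = OpenIdConnectResponseType.Code;
            options.CallbackPath = "/OAuthService/GetResponse";
            options.UsePkce = true;
        });
        services.AddAuthorization();
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseRouting();
        app.UseAuthentication();
        app.UseAuthorization(); // must sit between UseRouting and UseEndpoints
        app.UseEndpoints(endpoints =>
        {
            // Anonymous request -> authorization fails -> challenge on the default
            // challenge scheme -> redirect to the authority's authorize endpoint.
            endpoints.MapGet("/", async context =>
                await context.Response.WriteAsync($"Hello {context.User.Identity?.Name}"))
                .RequireAuthorization();
        });
    }
}
```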
