"UseAuthentication()"的确切含义是什么? [英] What exactly is 'UseAuthentication()' for?
问题描述
我对ASP.NET Core 2中的身份验证有疑问, app.UseAuthentication()到底是做什么用的?
I have a question regarding authentication in ASP.NET Core 2: what exactly is the call app.UseAuthentication() for?
这是基本前提条件,以便我可以实现我的自定义身份验证逻辑吗?我已经看过 UseAuthentication 以及实际的中间件 AuthenticationMiddleware ,但老实说,我不知道这实际上是在做什么以及为什么有必要这样做.
Is it a basic prerequisite so that I can implement my custom authentication logic? I already had a look at the implementation of UseAuthentication and also of the actual middleware AuthenticationMiddleware, but to be honest, I don't understand what that is actually doing and why it would be necessary.
换一种说法:
我是否需要致电 UseAuthentication()
还是一个不错的选择,无论如何我都可以进行自定义身份验证?
or is it a nice-to-have and I can do my custom auth anyways?
如果我没有打电话给 UseAuthentication()很好,我仍然会对
If I was fine without calling UseAuthentication() I'd still be interested in what AuthenticationMiddleware is actually doing. So if you knew that I'd be very grateful if you could explain it for me as well.
推荐答案
如果您编写自定义中间件(如您在示例中所做的那样),则无需调用AddAuthentication,因为不会使用身份验证中间件意识到你自己的.
If you write your custom middleware (like you do in your example), you don't need to call AddAuthentication because the authentication middleware won't be aware of your own.
话虽这么说,您可能不想创建自己的中间件:您可能想创建一个新的身份验证处理程序,该程序可以与ASP.NET身份验证框架很好地配合使用(以便在控制器上使用[Authorize]属性).
That being said, you probably don't want to create your own middleware: you probably want to create a new authentication handler that plays nicely with the ASP.NET authentication framework (so that you use the [Authorize] attribute on controllers).
要创建自定义身份验证,必须创建一个从AuthenticationHandler继承的专用处理程序,并实现相关方法.您可以看一下github上的基本身份验证示例: https://github.com/blowdart/idunno身份验证,但这是一个简单的示例,展示了自定义处理程序的要旨.
To create a custom authentication, you have to create a dedicated handler that inherit from AuthenticationHandler, and implements the relevant methods. You can have a look at an example of basic authentication on github: https://github.com/blowdart/idunno.Authentication, but here's a quick example to show the gist of the custom handlers.
public class BasicAuthenticationOptions : AuthenticationSchemeOptions
{
public BasicAuthenticationOptions()
{
}
}
internal class BasicAuthenticationHandler : AuthenticationHandler<BasicAuthenticationOptions>
{
private const string _Scheme = "MyScheme";
public BasicAuthenticationHandler(
IOptionsMonitor<BasicAuthenticationOptions> options,
ILoggerFactory logger,
UrlEncoder encoder,
ISystemClock clock) : base(options, logger, encoder, clock)
{
}
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
{
string authorizationHeader = Request.Headers["Custom-Auth-Handler"];
// create a ClaimsPrincipal from your header
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, "My Name")
};
var claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, Scheme.Name));
var ticket = new AuthenticationTicket(claimsPrincipal,
new AuthenticationProperties { IsPersistent = false },
Scheme.Name
);
return AuthenticateResult.Success(ticket);
}
然后您可以在Startup.cs中注册新方案:
You can then register your new scheme in Startup.cs:
public void ConfigureServices(IServiceCollection services)
{
services
.AddAuthentication(BasicAuthenticationDefaults.AuthenticationScheme)
.AddScheme<BasicAuthenticationOptions, BasicAuthenticationHandler>("MyScheme", options => { /* configure options */ })
}
这篇关于"UseAuthentication()"的确切含义是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
