AddDefaultTokenProviders:它是什么以及如何使用那些“默认提供者"? [英] AddDefaultTokenProviders: what is it and how to use those "default providers"?
问题描述
我在默认Visual Studio 2015 ASP.NET 5项目的ConfigureServices
中的Startup.cs
文件中找到了此文件:
I found this in my Startup.cs
file in ConfigureServices
in a default Visual Studio 2015 ASP.NET 5 project:
services.AddIdentity<ApplicationUser, IdentityRole>()
.AddEntityFrameworkStores<AuthorizationDbContext>()
.AddDefaultTokenProviders();
它到底是做什么的,以及如何使用那些默认提供程序"?是否为我配置了所有基于令牌的身份验证?我在哪里可以了解到更多信息?
What does it exactly do, and how to use those "default providers"? Does it configure all token-based authentication for me? Where can I read more about it?
推荐答案
尽管令牌提供者的名称与令牌身份验证无关,但它们仅用于生成不透明的令牌,用于帐户操作(如密码重置或电子邮件更改) )和两因素身份验证.
Despite their name, the token providers have nothing to do with token authentication: they are exclusively used to generate opaque tokens for account operations (like password reset or email change) and two-factor authentication.
当前有3个内置提供程序:
There are currently 3 built-in providers:
-
DataProtectorTokenProvider
:顾名思义,它使用数据保护块(ASP.NET Core 1.0中的机器密钥等效)来序列化加密令牌,这些令牌随后可以由服务器反序列化.
DataProtectorTokenProvider
: as the name suggests, it uses the data protection block (machine keys' equivalent in ASP.NET Core 1.0) to serialize encrypted tokens that can later be deserialized by the server.
EmailTokenProvider
和 PhoneNumberTokenProvider
:这些提供程序来自 TotpSecurityStampBasedTokenProvider
,它实现了Time-based One-time Password Algorithm
(TOTP),该协议旨在产生易于使用的简短令牌,可以通过SMS或电子邮件发送.
EmailTokenProvider
and PhoneNumberTokenProvider
: these providers are derived from TotpSecurityStampBasedTokenProvider
, which implements the Time-based One-time Password Algorithm
(TOTP), a protocol designed to produce user-friendly and short tokens that can be sent in a SMS or in an email.
ASP.NET Core 1.0不提供本机令牌身份验证支持(仅支持令牌验证:您无法生成自己的令牌).您可以阅读这些SO帖子以获取更多信息:
ASP.NET Core 1.0 doesn't offer native token authentication support (only token validation is supported: you can't produce your own tokens). You can read these SO posts for more information:
- Simple JWT authentication in ASP.NET Core 1.0 Web API.
- Web API Authentication in ASP.NET 5.
- Configure the authorization server endpoint.
这篇关于AddDefaultTokenProviders:它是什么以及如何使用那些“默认提供者"?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!