如何扩展IdentityServer4工作流程以运行自定义代码 [英] How to extend IdentityServer4 workflow to run custom code
问题描述
我有一个基于的基本Identityserver4实现.快速入门示例.
在我的创业公司中,我有以下东西:
In my startup I have the following:
public void ConfigureServices(IServiceCollection services)
{
// configure identity server with in-memory stores, keys, clients and scopes
services.AddIdentityServer()
.AddTemporarySigningCredential()
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryClients(Config.GetClients());
}
public void Configure(IApplicationBuilder app)
{
...
app.UseIdentityServer();
}
我想扩展IdentityServer4工作流程,以便在生成访问令牌之后,我可以运行业务逻辑(基于访问令牌中的声明),并修改发送给主叫客户端的响应.我尝试创建.NET核心中间件,但是IdentityServer中间件似乎使其余的管道短路(将在UseIdentityServer被执行之后再没有中间件).
I want to extend the IdentityServer4 workflow so that after the access token is generated I can run business logic (based on the claims in the access token) and modify the response send to the calling client. I tried creating a .NET core middleware but it seems the IdentityServer middleware short-circuits the rest of the pipeline (no middleware place after the UseIdentityServer will be executed).
它们是否可以用来始终修改IdentityServer4发出的响应的Identityserver4中的任何扩展方法?我正在使用凭据授予.本质上,一旦IdentityServer4完成其工作流程,我想运行一些业务逻辑来修改发送给客户端的响应
Are they any extension method in Identityserver4 that I can use to always modify the response issued by IdentityServer4? I am using the credentials grant. Essentially I want to run some business logic to modify the response send to the client once IdentityServer4 is done with its workflow
推荐答案
不幸的是,没有办法做到这一点. 当您请求任何IdentityServer端点时,IdentityServer中间件会使其余的管道短路. 您可以检查源代码: IdentityServerMiddleware类.
Unfortunately, there is no way to do that. When you request any IdentityServer endpoint, IdentityServer middleware short-circuits the rest of the pipeline. You can check source code: IdentityServerMiddleware class.
我相信这样做是有原因的.但是,如果您确实需要修改响应,则至少有三个选项:
I believe it was done for a reason. But if you really need to modify the response, you have at least three options:
- 创建一个叉子,并从中删除
return
运算符IdentityServerMiddleware
Invoke
方法(请小心地将剩余的管道短路,将return
添加到您的上一个中间件中). - 创建自己的
IdentityServerMiddleware
,IdentityServerApplicationBuilderExtensions
实现并使用 它们而不是默认值. -
将中间件放在UseIdentityServer之前.您的中间件应如下所示:
- Create a fork and remove
return
operator fromIdentityServerMiddleware
Invoke
method (be careful to short-circuit the rest of the pipeline addingreturn
into your last middleware). - Create your own
IdentityServerMiddleware
,IdentityServerApplicationBuilderExtensions
implementations and use them instead of default. Place your middleware before the UseIdentityServer. Your middleware should look like this:
public ResponseBodyEditorMiddleware(RequestDelegate next)
{
_next = next;
}
public async Task Invoke(HttpContext context)
{
// get the original body
var body = context.Response.Body;
// replace the original body with a memory stream
var buffer = new MemoryStream();
context.Response.Body = buffer;
// invoke the next middleware from the pipeline
await _next.Invoke(context);
// get the body as a string
var bodyString = Encoding.UTF8.GetString(buffer.GetBuffer());
// make some changes
bodyString = $"The body has been replaced!{Environment.NewLine}Original body:{Environment.NewLine}{bodyString}";
// update the memory stream
var bytes = Encoding.UTF8.GetBytes(bodyString);
buffer.SetLength(0);
buffer.Write(bytes, 0, bytes.Length);
// replace the memory stream with updated body
buffer.Position = 0;
await buffer.CopyToAsync(body);
context.Response.Body = body;
}
这篇关于如何扩展IdentityServer4工作流程以运行自定义代码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!