用于NodeJS API的Identity Server 4 [英] Identity Server 4 for NodeJS API

问题描述

我试图在下面找出如何使用NodeJS进行身份服务器4身份验证的方法-不在这里.

I'm trying to figure out how to do the identity server 4 authentication below using NodeJS - way out of my comfort zone here.

services.AddAuthentication(IdentityServerAuthenticationDefaults
.AuthenticationScheme)
    .AddIdentityServerAuthentication(
         options =>
         {
          options.Authority = "<authority-url>";
          options.ApiName = "<api-url>";
          });

由于未提供C#实现的秘密或类似信息，因此我在流程中缺少某些内容-令牌可能已通过身份服务器验证了吗?如果我没有秘密"来验证令牌，该如何使用NodeJS验证令牌?

I'm missing something in the flow here as the C# implementation isn't provided a secret or similar - so the token is probably verified via identity server? How would I verify the token using NodeJS if I don't have a 'secret' to verify it with?

我偶然发现了内省端点-我要去吗在正确的方向上?

I've stumbled on introspection endpoint - am I heading in the right direction?

推荐答案

我能够使用jwks -endpoint解决此问题，并且使用公钥来验证令牌，然后我还找到了一个不错的

I was able to solve this using the jwks -endpoint and it's public keys to verify tokens and then I also found a nice package that I used to prepare the middleware:

private issuer: string = process.env.idsrv;


auth = jwt({
    secret: jwksClient.expressJwtSecret({
        cache: true,        // see https://github.com/auth0/node-jwks-rsa#caching,
        cacheMaxAge: ms('24h'),
        rateLimit: true,    // see https://github.com/auth0/node-jwks-rsa#rate-limiting
        jwksRequestsPerMinute: 100,
        jwksUri: `${this.issuer}/.well-known/jwks`
    }),

    // validate the audience & issuer from received token vs JWKS endpoint
    audience: `${this.issuer}/resources`,
    issuer: this.issuer,
    algorithms: ["RS256"]
});

这篇关于用于NodeJS API的Identity Server 4的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！