用于NodeJS API的Identity Server 4 [英] Identity Server 4 for NodeJS API
问题描述
我试图在下面找出如何使用NodeJS进行身份服务器4身份验证的方法-不在这里.
I'm trying to figure out how to do the identity server 4 authentication below using NodeJS - way out of my comfort zone here.
services.AddAuthentication(IdentityServerAuthenticationDefaults
.AuthenticationScheme)
.AddIdentityServerAuthentication(
options =>
{
options.Authority = "<authority-url>";
options.ApiName = "<api-url>";
});
由于未提供C#实现的秘密或类似信息,因此我在流程中缺少某些内容-令牌可能已通过身份服务器验证了吗?如果我没有秘密"来验证令牌,该如何使用NodeJS验证令牌?
I'm missing something in the flow here as the C# implementation isn't provided a secret or similar - so the token is probably verified via identity server? How would I verify the token using NodeJS if I don't have a 'secret' to verify it with?
我偶然发现了内省端点-我要去吗在正确的方向上?
I've stumbled on introspection endpoint - am I heading in the right direction?
推荐答案
我能够使用jwks -endpoint解决此问题,并且使用公钥来验证令牌,然后我还找到了一个不错的
I was able to solve this using the jwks -endpoint and it's public keys to verify tokens and then I also found a nice package that I used to prepare the middleware:
private issuer: string = process.env.idsrv;
auth = jwt({
secret: jwksClient.expressJwtSecret({
cache: true, // see https://github.com/auth0/node-jwks-rsa#caching,
cacheMaxAge: ms('24h'),
rateLimit: true, // see https://github.com/auth0/node-jwks-rsa#rate-limiting
jwksRequestsPerMinute: 100,
jwksUri: `${this.issuer}/.well-known/jwks`
}),
// validate the audience & issuer from received token vs JWKS endpoint
audience: `${this.issuer}/resources`,
issuer: this.issuer,
algorithms: ["RS256"]
});
这篇关于用于NodeJS API的Identity Server 4的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!