使用IdentityServer4保护Web API 2.2 [英] Protecting Web API 2.2 with IdentityServer4
问题描述
我有Web API 2.2,该Web API使用.2 4.5正在被angular2应用程序使用的框架,并且存在现有的IdentityServer4实现.我想使用IdentityServer4保护我的Web API.我的问题是我可以使用IdentityServer4保护Web API 2.2吗?如果是,那么我有两个后续问题
I have Web API 2.2 which uses .Net 4.5.2 framework which is being used by angular2 application and there is existing IdentityServer4 implementation. I want to protect my Web API using IdentityServer4. My question is can I protect Web API 2.2 using IdentityServer4? If yes then I have two follow up questions
- 我应该使用IdentityServer3.AccessTokenValidation nuget包,还是必须使用IdentityServer4.AccessTokenValidation? (我尝试使用IdentityServer4.AccessTokenValidation程序包,但是它添加了许多与ASP.Net Core相关的依赖项)
- 我将必须使用的授权URL的值是什么?
我可以找到许多使用IdentityServer4保护ASP.Net Core Web API的示例.但是找不到使用IdentityServer4保护Web API 2.2的好例子.如果可能的话,请向我指出Web API端所需的Identityserver配置的良好示例.
I could find many examples where IdentityServer4 is being used to protect ASP.Net Core Web APIs. However couldn't find good example where Web API 2.2 protected using IdentityServer4. If possible please point me to good example of identityserver configuration that is required on Web API side.
推荐答案
要回答您的问题:
1)毫无疑问,您的WebApi 2.2项目使用的是ASP.NET 4.x中的OWIN/Katana,这意味着您应该使用IdentityServer3.AccessTokenValidation. IdentityServer4.AccessTokenValidation与新的ASP.NET MVC Core管道兼容.
1) Your WebApi 2.2 project is undoubtedly using OWIN/Katana from ASP.NET 4.x which means you should to use IdentityServer3.AccessTokenValidation. IdentityServer4.AccessTokenValidation is compatible with the new ASP.NET MVC Core pipeline.
2)您可以通过访问{IdentityUrl}/.well-known/openid-configuration上的身份提供者发现文档来获得授权.授权应与发现文档中的发行者"值相同.您还可以通过查看身份提供者发出的JWT(通过查看"iss"声明)来获得授权.
2) You can get your authority by going to your identity providers discovery document at {IdentityUrl}/.well-known/openid-configuration. The authority should be the same one as the "issuer" value in the discovery document. You can also get the authority by looking at a JWT issued by your identity provider by looking at the "iss" claim.
这篇关于使用IdentityServer4保护Web API 2.2的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
