使用IdentityServer 4 Jwt保护.NET 4.7.X中的ASP.NET WebAPI [英] Protect ASP.NET WebAPI in .NET 4.7.X with IdentityServer 4 Jwt
问题描述
因此,我已经在.NET Core 3.1项目中设置了IdentityServer 4.我有Web应用程序,也有.NET Core 3.1通过OpenId Connect(oidc)登录用户.完美运行.
但是我还有一个在 .NET Framework 4.7.2 中创建的ASP.NET WebAPI项目,我想让用户使用我的IdentityServer 4创建的Bearer令牌对此进行身份验证.
如果该项目也是.NET Core,那将完美地工作.但事实并非如此.它是.NET 4.7.2,我可以找到的所有示例都将.NET Core与" UseIdentityServerAuthentication "一起使用.在.NET 4.7.2中不可用.或者,我发现使用" IdentityServerBearerTokenAuthenticationOptions "的示例,但这需要NuGet for IdentityServer 3,并且似乎不支持IdentityServer 4创建的Jwt令牌(或者据我所知-可能不正确)./p>
有人可以在这里将我推向正确的方向吗?WebAPI项目必须是.NET Framework 4.7.2,这是一项技术要求.
使用 IdentityServerBearerTokenAuthenticationOptions
,您将步入正轨.您需要在API项目上使用 IdentitySever3.AccessTokenValidation
.IdentityServer4生成的令牌的问题在于它们的类型是 at + jwt
,但是您需要在API上使用 JWT
,您可以像这样轻松地在IdentityServer上更改类型
var builder = services.AddIdentityServer(选项=>{options.AccessTokenJwtType ="JWT";})
您可能还会遇到其他问题,建议您阅读我的博客,其中包括IdentityServer4和.NET 4.5.2 https://nahidfa.com/posts/identityserver4-and-asp-.net-web-api/
So, I have set up IdentityServer 4 in a .NET Core 3.1 project. And I have Web application, also .NET Core 3.1 signing in users through OpenId Connect (oidc). Works perfectly.
But I also have another ASP.NET WebAPI project created in .NET Framework 4.7.2 and I want to let users authenticate to that with a Bearer token created by my IdentityServer 4.
That would work perfectly if that project was also .NET Core. But it's not. It's .NET 4.7.2 and all examples I can find uses .NET Core with "UseIdentityServerAuthentication" which is not available in .NET 4.7.2. Or I find examples using "IdentityServerBearerTokenAuthenticationOptions", but that requires NuGet for IdentityServer 3 and doesn't seem to support Jwt tokens created by IdentityServer 4 (or so I understood - might be incorrect).
Can someone push me in the right direction here? The WebAPI project needs to be .NET Framework 4.7.2, that is a technical requirement.
You are on right track with IdentityServerBearerTokenAuthenticationOptions
. you need to use IdentitySever3.AccessTokenValidation
on API project.
The issue with IdentityServer4 generated tokens is that their type is at+jwt
, but you need JWT
on your API, you can easily change the type on IdentityServer like this
var builder = services.AddIdentityServer(
options =>
{
options.AccessTokenJwtType = "JWT";
})
You may have other issues along the way, which I suggest you to read my blog explaining this with IdentityServer4 and .NET 4.5.2 https://nahidfa.com/posts/identityserver4-and-asp-.net-web-api/
这篇关于使用IdentityServer 4 Jwt保护.NET 4.7.X中的ASP.NET WebAPI的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!