为CQRS生成并验证授权令牌(OWIN?) [英] Generate and validate authorisation tokens (OWIN?) for CQRS

查看:62
本文介绍了为CQRS生成并验证授权令牌(OWIN?)的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

更多的架构/早期思考问题而不是代码问题。



我有一个应用程序,其中登录用户将命令添加到命令队列。 (CQRS)

这些命令可能会在用户不再登录后执行,因此我需要使用用户在发出命令时登录的命令传递身份验证令牌。 br $>


我应该创建自定义声明 [ ^ ]为每个命令类型用户有权访问?



我的命令类有一个唯一标识符(GUID),一个唯一的命令类型,可用作声明名称和一个用于保存授权令牌的参数。我应该在令牌中放入什么以便稍后验证该命令来自声称它来自谁?



More of an architectural / early thoughts question rather than a code issue.

I have an application where the logged in user adds commands to a command queue. (CQRS)
These commands may be executed later when the user is no longer logged on so I need to pass along an authentication token with the command that the user was logged on when the command was issued.

Should I create a custom claim[^] for each command type the user has access to?

My command class has an unique identifier (GUID), a unique command type that can be used to be the claim name and a parameter to hold the authorisation token. What should I put in the token to later verify the command came from who it is claimed it came from?

<DataMember(Name:="InstanceIdentifier")>
Private m_identifier As Guid = Guid.NewGuid

<DataMember(Name:="UserIdentifier")>
Private m_userIdentifier As String

<DataMember(Name:="AuthorisationToken")>
Private m_authorisationToken As String

<DataMember(Name:="Parameters")>
Private m_parameters As Dictionary(Of String, CommandParameter)

''' <summary>
''' Unique identifier of this command instance
''' </summary>
''' <remarks>
''' This should not be assumed to be sequential
''' </remarks>
Public ReadOnly Property InstanceIdentifier As Guid Implements ICommandDefinition.InstanceIdentifier
    Get
        Return m_identifier
    End Get
End Property

''' <summary>
''' The human-readable name of the command.  This must be provided by the derived base class
''' </summary>
''' <remarks>
''' For a high-frequency or low data use scenario an enumerated type can be used but for most cases a readable text
''' name for the command is preferable.
''' </remarks>
Public MustOverride ReadOnly Property CommandName As String Implements ICommandDefinition.CommandName





有任何想法或链接吗?



Any thoughts or links?

推荐答案

这篇关于为CQRS生成并验证授权令牌(OWIN?)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发语言最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆