为什么要求Asp.Net核心身份验证方案 [英] Why is Asp.Net Core Authentication Scheme mandatory

问题描述

对于Asp.Net Core中似乎强制采用身份验证方案的事实，我感到非常沮丧. 我的目标是建立一个API，并且我不希望对客户端一无所知.我建立了自定义身份验证和授权，效果很好.我没有使用身份或cookie.但是，如果没有有效的身份验证方案，我将无法返回403禁止结果，否则会出现以下异常...

I'm quite frustrated about the fact that an authentication scheme appears to be mandatory in Asp.Net Core. My objective is to build an API and I don't want to know anything about the client. I've built custom authentication and authorization, which works fine. I'm not using identity or cookies. However, I can't return a 403 Forbid result without a valid authentication scheme, otherwise I get the following exception...

System.InvalidOperationException:没有身份验证处理程序是 配置为处理该方案:自动

System.InvalidOperationException: No authentication handler is configured to handle the scheme: Automatic

我的问题是，是否可以在不依赖登录路径或与此相关的任何路径的情况下，将MVC配置为不使用身份验证方案或创建身份验证方案?

My question is, can I configure MVC to not use an authentication scheme or create an authentication scheme without the reliance on a login path or any path for that matter?

推荐答案

仔细研究了Asp.net Core安全源代码之后，我设法创建了一个自定义身份验证处理程序.为此，您需要实现3个类.

After poring over the Asp.net Core security source code, I've managed to create a custom authentication handler. To do this you need to implement 3 classes.

第一个类实现了一个抽象的AuthenticationOptions.

The first class implements an abstract AuthenticationOptions.

public class AwesomeAuthenticationOptions : AuthenticationOptions {
    public AwesomeAuthenticationOptions() {
        AuthenticationScheme = "AwesomeAuthentication";
        AutomaticAuthenticate = false;
    }
}

第二个类实现了一个抽象的AuthenticationHandler.

The second class implements an abstract AuthenticationHandler.

public class AwesomeAuthentication : AuthenticationHandler<AwesomeAuthenticationOptions>
{
    protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
    {
        var prop = new AuthenticationProperties();
        var ticket = new AuthenticationTicket(Context.User, prop, "AwesomeAuthentication");
        //this is where you setup the ClaimsPrincipal
        //if auth fails, return AuthenticateResult.Fail("reason for failure");
        return await Task.Run(() => AuthenticateResult.Success(ticket));
    }
}

第三类实现抽象的AuthenticationMiddleware.

The third class implements an abstract AuthenticationMiddleware.

public class AwesomeAuthenticationMiddleware : AuthenticationMiddleware<AwesomeAuthenticationOptions>
{
    public AwesomeAuthenticationMiddleware(RequestDelegate next, 
        IOptions<AwesomeAuthenticationOptions> options,
        ILoggerFactory loggerFactory,
        UrlEncoder urlEncoder) : base(next, options, loggerFactory, urlEncoder) {

    }

    protected override AuthenticationHandler<AwesomeAuthenticationOptions> CreateHandler()
    {
        return new AwesomeAuthentication();
    }
}

最后，您使用Startup.cs Configure方法中的中间件组件.

Finally, you use the middleware component in the Startup.cs Configure method.

app.UseMiddleware<AwesomeAuthenticationMiddleware>();

现在您可以建立自己的身份验证方案.

Now you can build your own Authentication Schemes.

这篇关于为什么要求Asp.Net核心身份验证方案的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！