aspnet core 2.2 External Authentication

Question

Created an Authentication Api to handle the auth for several apps. This is a basic auth. username and pw. No OAuth with Google etc. The api gets called with the credentials and it responds with an AuthenticationResult. It works correctly except on AuthenticationResult.Success. As I learned I cannot serialize the ClaimsPrincipal. As I am reading it seems the answer is to convert to a token. Is this correct? The AuthenticationResult.Failed serializes w/o issue. What is the best solution here? I will continue to look.
thx for reading

Recommended answer

General Steps

That's correct, you'll need to complete the following steps:

  1. Return a token from your authentication API.
  2. Configure your application for JWT Bearer authentication.
  3. Include that token as part of an authorize header on every request to the server.
  4. Require authentication/authorization in your controllers.

There is an excellent ASP.NET Core 2.2 JWT Authentication Tutorial you should check out.

There's too much code involved to post all of it in its entirety, but here are some key snippets (some code slightly modified for greater clarity out of context from the tutorial):

var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
    Subject = new ClaimsIdentity(new Claim[] 
    {
        // 'user' is the model for the authenticated user
        // also note that you can include many claims here
        // but keep in mind that if the token causes the
        // request headers to be too large, some servers
        // such as IIS may reject the request.
        new Claim(ClaimTypes.Name, user.Id.ToString())
    }),
    Expires = DateTime.UtcNow.AddDays(7),
    SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return tokenHandler.WriteToken(token);

Configure JWT authentication (in the Startup.cs ConfigureServices method)

var appSettings = appSettingsSection.Get<AppSettings>();
var key = Encoding.ASCII.GetBytes(appSettings.Secret);
services.AddAuthentication(x =>
{
    x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x =>
{
    x.RequireHttpsMetadata = false;
    x.SaveToken = true;
    x.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new SymmetricSecurityKey(key),
        ValidateIssuer = false,
        ValidateAudience = false
    };
});

Don't forget to configure the app to actually use authentication in Startup.cs Configure method:

app.UseAuthentication();
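
The snippets above issue 7-day tokens and set ValidateIssuer and ValidateAudience to false, so any app sharing the signing key accepts a token minted for any other app. Because the question describes one authentication API serving several apps, the following added example (not from the answer or the tutorial it mentions) shows the same token creation and JWT bearer setup with issuer, audience and lifetime checks enabled. The JwtSetup class, the issuer URL, the audience parameter and the 15-minute lifetime are assumptions made for illustration.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

// Hypothetical helper class, not part of the answer or the tutorial.
public static class JwtSetup
{
    private const string Issuer = "https://auth.example.test"; // constructed placeholder

    // Authentication API side: issue a short-lived token for one specific app.
    public static string CreateToken(string userId, string audience, byte[] key)
    {
        // HS256 should be keyed with at least 256 bits of secret material.
        if (key.Length < 32) throw new ArgumentException("Key must be >= 32 bytes", nameof(key));
        var handler = new JwtSecurityTokenHandler();
        var descriptor = new SecurityTokenDescriptor
        {
            Subject = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, userId) }),
            Issuer = Issuer,
            Audience = audience,                       // the app this token is meant for
            Expires = DateTime.UtcNow.AddMinutes(15),  // assumed lifetime, shorter than 7 days
            SigningCredentials = new SigningCredentials(
                new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
        };
        return handler.WriteToken(handler.CreateToken(descriptor));
    }

    // Consuming app side: call from Startup.ConfigureServices with that app's own audience.
    public static void AddStrictJwtBearer(this IServiceCollection services, string audience, byte[] key)
    {
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(x =>
            {
                x.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(key),
                    ValidateIssuer = true,
                    ValidIssuer = Issuer,
                    ValidateAudience = true,
                    ValidAudience = audience,           // tokens for other apps are rejected
                    ValidateLifetime = true,
                    ClockSkew = TimeSpan.FromMinutes(1) // default skew is 5 minutes
                };
            });
    }
}
```

With a shared symmetric key every consuming app can also sign tokens, so audience validation limits accidental cross-app acceptance but does not separate trust between the apps.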
