OpenID Connect lightweight library


Question

I'm looking for an OpenID Connect (OIDC) Relying Party lightweight library that will have these routines implemented.

  1. Compose "Authentication Request"
  2. Validate "id_token" signature (including downloading certificate from metadata endpoint)
  3. Parse "id_token" JWT

The only OIDC flow to be supported is the so-called "implicit flow", where the server answers with "id_token" (and "access_token" if requested) right from the authorization endpoint (spec link).

Searching over NuGet repository seems to yield the only suitable option - OWIN middleware, and even though I can confirm it works, it would be better to have lightweight alternative.

Recommended answer

Just sharing what worked for me.

To get the 1st goal accomplished, the NuGet package called Thinktecture.IdentityModel.Client (link) can be used (a package from the IdentityServer creators that is incredible itself). An example that shows basic usage is below.

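var client = new OAuth2Client(new Uri(AuthorizeEndpointUrl));

// Keep the nonce (for example in the user's session) so that it can be
// compared with the "nonce" claim of the id_token that comes back.
string nonce = Guid.NewGuid().ToString();

string url = client.CreateAuthorizeUrl(
    clientId: ClientId,
    redirectUri: RedirectUri,
    responseType: "id_token",
    responseMode: "form_post",
    nonce: nonce,
    additionalValues: additionalValues);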

As to parsing and validation of the JWT received from the OIDC Identity Provider, Microsoft's System.IdentityModel.Tokens.Jwt (link) NuGet package is a way to go. The code snippet is below as well.

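var parameters = new TokenValidationParameters()
{
    // Signing keys published by the provider; GetSigningTokens is a helper
    // (not shown) that downloads them from the metadata endpoint.
    IssuerSigningTokens = GetSigningTokens(MetadataEndpointUrl),
    ValidAudience = ValidAudience,
    ValidIssuer = ValidIssuer,
};

var tokenHandler = new JwtSecurityTokenHandler();

// ValidateToken throws if the token fails validation.
SecurityToken validated;
tokenHandler.ValidateToken(jwt, parameters, out validated);

return validated as JwtSecurityToken;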

This is all lightweight and keeps your application clean from unnecessary dependencies.
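
The checks a relying party applies to an implicit-flow id_token (pinned algorithm, signature, issuer, audience, expiry and the nonce comparison), written out with only the .NET base class library (.NET 6 or later). This is an added example, not code from the answer or from the packages it names; `IdTokenCheck`, the issuer URL, the client id and the throwaway RSA key standing in for the provider's published signing key are constructed for illustration, and no clock-skew allowance is made.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
static class IdTokenCheck
{
    static string B64Url(byte[] b) =>
        Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    static byte[] FromB64Url(string s) => Convert.FromBase64String(
        s.Replace('-', '+').Replace('_', '/').PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    static JsonElement Json(string part) =>
        JsonDocument.Parse(Encoding.UTF8.GetString(FromB64Url(part))).RootElement;
    static void Require(bool ok, string why) { if (!ok) throw new InvalidOperationException(why); }

    // Returns the payload; throws if any relying-party check fails.
    public static JsonElement Validate(string jwt, RSA idpKey, string iss, string aud, string nonce)
    {
        string[] parts = jwt.Split('.');
        Require(parts.Length == 3, "not a compact JWS");
        // Pin the algorithm so the token cannot select "none" or an HMAC variant.
        Require(Json(parts[0]).GetProperty("alg").GetString() == "RS256", "alg");
        Require(idpKey.VerifyData(Encoding.ASCII.GetBytes(parts[0] + "." + parts[1]),
            FromB64Url(parts[2]), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1), "signature");
        JsonElement p = Json(parts[1]), audClaim = p.GetProperty("aud");
        Require(p.GetProperty("iss").GetString() == iss, "iss");
        Require(audClaim.ValueKind == JsonValueKind.Array   // "aud" may be a string or an array
            ? audClaim.EnumerateArray().Any(a => a.GetString() == aud)
            : audClaim.GetString() == aud, "aud");
        Require(p.GetProperty("exp").GetInt64() > DateTimeOffset.UtcNow.ToUnixTimeSeconds(), "exp");
        // Implicit flow: the nonce sent in the request must come back unchanged.
        Require(p.GetProperty("nonce").GetString() == nonce, "nonce");
        return p;
    }

    static void Main()
    {
        using RSA key = RSA.Create(2048);          // constructed stand-in for the provider's key
        string nonce = Guid.NewGuid().ToString();  // would be kept in the user's session
        long exp = DateTimeOffset.UtcNow.AddMinutes(5).ToUnixTimeSeconds();
        string head = B64Url(Encoding.UTF8.GetBytes("{\"alg\":\"RS256\"}"));
        string body = B64Url(Encoding.UTF8.GetBytes("{\"iss\":\"https://idp.example\"," +
            $"\"aud\":\"client-1\",\"exp\":{exp},\"nonce\":\"{nonce}\"}}"));
        string jwt = head + "." + body + "." + B64Url(key.SignData(
            Encoding.ASCII.GetBytes(head + "." + body), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));
        Console.WriteLine(Validate(jwt, key, "https://idp.example", "client-1", nonce));
        try { Validate(jwt, key, "https://idp.example", "client-1", "other-nonce"); }
        catch (InvalidOperationException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```

The first call prints the accepted payload; the second presents the same signed token with a different expected nonce and is rejected, which is the replay case the nonce exists to catch.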
