动态添加新的身份验证方案 [英] Adding new authentication schemes dynamically
问题描述
我正在构建ASP.Net Core 2 PoC,以进行我们需要进行的一些身份验证/授权讨论/决定.
I'm building an ASP.Net Core 2 PoC for some authentication/authorization discussions/decisions that we need to make.
我目前正处于用户刚刚定义此应用程序要支持的新OpenID Provider的地步.
I'm currently at a point where a user has just defined a new OpenID Provider that this application wants to support.
一种支持此方法的方法是在启动过程中读取所有已配置的提供程序,并在ConfigureServices内部对其全部进行配置.但是,有诱人的线索表明,不必杀死并重新启动应用程序也可以执行此操作.
One way to support this would be to read all of the configured providers during startup and configure them all inside ConfigureServices. But there are tantalising clues that it's also possible to do this without having to kill and restart the app.
IAuthenticationSchemeProvider具有看起来很理想的AddScheme方法.现在,我要做的就是构造一个AuthenticationScheme对象,我很高兴.它具有构造函数AuthenticationScheme(string name, string displayName, Type handlerType),但是我不确定如何正确使用Microsoft.AspNetCore.Authentication.OpenIdConnect中的类型来正确构造此对象,并允许我为此指定OpenID Connect特定选项.
IAuthenticationSchemeProvider has an AddScheme method that looks ideal. Now all I need to do is to construct an AuthenticationScheme object and I'm golden. It has a constructor AuthenticationScheme(string name, string displayName, Type handlerType) But I'm not sure how to use the types correctly from Microsoft.AspNetCore.Authentication.OpenIdConnect to correctly construct this object and to allow me to specify the OpenID Connect specific options for this.
我认为我要用于第三个参数的类型是OpenIdConnectHandler.但是我该如何处理我的选择? (或者,替代方法-我该如何做才能提供Action<OpenIdConnectOptions>委托)
I think the type I want to use for the third parameter is OpenIdConnectHandler . But what do I do with my options? (Or in the alternative - how do I get to do the equivalent of being able to supply an Action<OpenIdConnectOptions> delegate)
我发现了这个github问题,它也很有趣(没有TryAddScheme方法,因此,如果我们选择进一步说服该PoC,则可能有例外,这在摘要中会很有意思),但是这个小样本根本没有讨论选项.
I found this github issue which is also of interest (no TryAddScheme method, so exceptions are possible, interesting in the abstract if we choose to persue this PoC further) but the small sample doesn't talk about options at all.
推荐答案
There's an example of how to do this here - https://github.com/aspnet/AuthSamples/tree/master/samples/DynamicSchemes
请记住,对于OAuth方案,您需要做更多的工作,而不仅仅是调用schemeProvider.AddScheme和optionsCache.TryAdd-通过常规方法添加选项时,还有一个后配置"步骤.这是课程- https://github.com/aspnet/Security/blob/master/src/Microsoft.AspNetCore.Authentication.OAuth/OAuthPostConfigureOptions.cs
Keep in mind that for OAuth schemes, you'll have to do more then just calling schemeProvider.AddScheme and optionsCache.TryAdd - there's also a "postconfigure" step when adding options via the normal method. Here's the class - https://github.com/aspnet/Security/blob/master/src/Microsoft.AspNetCore.Authentication.OAuth/OAuthPostConfigureOptions.cs
因此,您可以将类型OAuthPostConfigureOptions<OAuthOptions, OAuthHandler<OAuthOptions>>注册到DI容器中,然后通过构造函数进行抓取,并在将选项添加到optionsCache之前对选项进行调用OAuthPostConfigureOptions.PostConfigure.
So you can register the type OAuthPostConfigureOptions<OAuthOptions, OAuthHandler<OAuthOptions>> into your DI container then grab it via a constructor and call OAuthPostConfigureOptions.PostConfigure on your options before adding the options to the optionsCache.
这篇关于动态添加新的身份验证方案的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
