分支ASP.NET Core管道身份验证 [英] Branching ASP.NET Core Pipeline Authentication

问题描述

我的应用程序当前正在使用基本身份验证，但是我想转换为OAuth，因此在短时间内需要同时使用两种类型的身份验证.有没有办法像这样分支我的ASP.NET Core管道:

My application is currently using Basic authentication but I want to transition to OAuth, so there will be a short period where both types of authentication need to be used. Is there some way to branch my ASP.NET Core pipeline like so:

public void Configure(IApplicationBuilder application)
{
    application
        .Use((context, next) =>
        {
            if (context.Request.Headers.ContainsKey("Basic"))
            {
                // Basic
            }
            else if (context.Request.Headers.ContainsKey("Authorization"))
            {
                // OAuth
            }

            return next();
        })
        .UseStaticFiles()
        .UseMvc();
}

因此，在上面，如果我检测到HTTP标头，则使用基本身份验证，否则使用OAuth.

So above, I am using basic authentication if I detect the HTTP header, otherwise I use OAuth.

推荐答案

技术上，您可以像这样使用UseWhen:

Technically you can use UseWhen like this:

app.UseWhen(context => context.Request.Headers.ContainsKey("Basic"), appBuilder =>
{
    // use basic middleware
} 
app.UseWhen(context => context.Request.Headers.ContainsKey("Authorization"), appBuilder =>
{
    // use oauth authentication
} 

但是对于您的情况，身份验证中间件应在自己的身份验证处理程序中处理这些条件，如果不匹配，则跳过.您不需要处理条件.因此，您可以使用以下身份验证中间件:

But for your case, the authentication middlewares should handle these conditions inside own authentication handler and if does not match condition then it skips. You shouldn't need to handle conditions. So you can just use these authentication middlewares:

app.UseBasicAuthentication();

app.UseOauthAuthentication();

这篇关于分支ASP.NET Core管道身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！