ASP.NET Core中的OAuth授权服务 [英] OAuth Authorization Service in ASP.NET Core
问题描述
在Web API 2中,您曾经能够通过如下所示的中间件来设置OAuth授权服务器,从而创建一个发布令牌的端点:
In Web API 2, you used to be able to create an endpoint to issue a token by setting up an OAuth Authorization Server via middleware like below:
//Set up our auth server options.
var OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
Provider = new SimpleAuthorizationServerProvider()
};
// Sets up the token issue endpoint using the options above
app.UseOAuthAuthorizationServer(OAuthServerOptions);
也许我想念它,但是我试图弄清楚如何在ASP.NET Core中做到这一点.我已经查看了源代码( https://github.com/aspnet/Security ),但我不知道真的看不到任何类似的东西.有没有新的方法可以做到这一点?我是否需要创建一个控制器并自己完成?
Perhaps I'm missing it, but I'm trying to figure out how to do this in ASP.NET Core. I've looked through the source (https://github.com/aspnet/Security) but I don't really see anything analogous. Is there a new way to accomplish this? Do I need to just create a controller and do it myself?
我了解了如何通过中间件设置OAuth身份验证,但这涉及到我从API发出声明的授权部分.
I see how OAuth Authentication can be set up via Middleware, but this regards the authorization portion where I issue claims from my API.
推荐答案
不要浪费时间在ASP.NET Core中寻找OAuthAuthorizationServerMiddleware替代方案,ASP.NET团队只是决定不移植它: https://github.com/aspnet/Security/issues/83
Don't waste your time looking for an OAuthAuthorizationServerMiddleware alternative in ASP.NET Core, the ASP.NET team simply decided not to port it: https://github.com/aspnet/Security/issues/83
我建议看看 AspNet.Security.OpenIdConnect.Server ,这是Katana 3随附的OAuth2授权服务器中间件的高级分支,其中有OWIN/Katana 3版本和ASP同时支持完整.NET框架和.NET Core的.NET Core版本.
I suggest having a look to AspNet.Security.OpenIdConnect.Server, an advanced fork of the OAuth2 authorization server middleware that comes with Katana 3: there's an OWIN/Katana 3 version, and an ASP.NET Core version that supports both the full .NET framework and .NET Core.
https://github.com/aspnet-contrib/AspNet.Security. OpenIdConnect.Server
ASP.NET Core 1.x:
app.UseOpenIdConnectServer(options =>
{
options.AllowInsecureHttp = true;
options.TokenEndpointPath = new PathString("/token");
options.AccessTokenLifetime = TimeSpan.FromDays(1);
options.TokenEndpointPath = "/token";
options.Provider = new SimpleAuthorizationServerProvider();
});
ASP.NET Core 2.x:
services.AddAuthentication().AddOpenIdConnectServer(options =>
{
options.AllowInsecureHttp = true;
options.TokenEndpointPath = new PathString("/token");
options.AccessTokenLifetime = TimeSpan.FromDays(1);
options.TokenEndpointPath = "/token";
options.Provider = new SimpleAuthorizationServerProvider();
});
To learn more about this project, I'd recommend reading http://kevinchalet.com/2016/07/13/creating-your-own-openid-connect-server-with-asos-introduction/.
祝你好运!
这篇关于ASP.NET Core中的OAuth授权服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
