ASP.NET Core 中的 OAuth 授权服务 [英] OAuth Authorization Service in ASP.NET Core

问题描述

在 Web API 2 中，您过去可以通过如下中间件设置 OAuth 授权服务器来创建端点来发布令牌:

In Web API 2, you used to be able to create an endpoint to issue a token by setting up an OAuth Authorization Server via middleware like below:

//Set up our auth server options.
var OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                Provider = new SimpleAuthorizationServerProvider()
            };

 // Sets up the token issue endpoint using the options above
 app.UseOAuthAuthorizationServer(OAuthServerOptions);

也许我错过了它，但我正试图弄清楚如何在 ASP.NET Core 中做到这一点.我已经查看了源代码(https://github.com/aspnet/Security)但我没有真的没有看到类似的东西.有没有新的方法来实现这一点?我是否需要创建一个控制器并自己完成?

Perhaps I'm missing it, but I'm trying to figure out how to do this in ASP.NET Core. I've looked through the source (https://github.com/aspnet/Security) but I don't really see anything analogous. Is there a new way to accomplish this? Do I need to just create a controller and do it myself?

我了解如何通过中间件设置 OAuth 身份验证，但这涉及我从 API 发出声明的授权部分.

I see how OAuth Authentication can be set up via Middleware, but this regards the authorization portion where I issue claims from my API.

推荐答案

EDIT (01/28/2021):AspNet.Security.OpenIdConnect.Server 已合并到 OpenIddict 作为 3.0 更新的一部分.要开始使用 OpenIddict，请访问 documentation.openiddict.com.

EDIT (01/28/2021): AspNet.Security.OpenIdConnect.Server has been merged into OpenIddict as part of the 3.0 update. To get started with OpenIddict, visit documentation.openiddict.com.

不要浪费时间在 ASP.NET Core 中寻找 OAuthAuthorizationServerMiddleware 替代方案，ASP.NET 团队只是决定不移植它:https://github.com/aspnet/Security/issues/83

Don't waste your time looking for an OAuthAuthorizationServerMiddleware alternative in ASP.NET Core, the ASP.NET team simply decided not to port it: https://github.com/aspnet/Security/issues/83

我建议查看 AspNet.Security.OpenIdConnect.Server，这是 Katana 3 附带的 OAuth2 授权服务器中间件的高级分支:有一个 OWIN/Katana 3 版本和一个 ASP.NET Core 版本，同时支持完整的 .NET 框架和 .NET Core.

I suggest having a look to AspNet.Security.OpenIdConnect.Server, an advanced fork of the OAuth2 authorization server middleware that comes with Katana 3: there's an OWIN/Katana 3 version, and an ASP.NET Core version that supports both the full .NET framework and .NET Core.

https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server

ASP.NET Core 1.x:

app.UseOpenIdConnectServer(options =>
{
    options.AllowInsecureHttp = true;
    options.TokenEndpointPath = new PathString("/token");
    options.AccessTokenLifetime = TimeSpan.FromDays(1);
    options.TokenEndpointPath = "/token";
    options.Provider = new SimpleAuthorizationServerProvider();
});

ASP.NET Core 2.x:

services.AddAuthentication().AddOpenIdConnectServer(options =>
{
    options.AllowInsecureHttp = true;
    options.TokenEndpointPath = new PathString("/token");
    options.AccessTokenLifetime = TimeSpan.FromDays(1);
    options.TokenEndpointPath = "/token";
    options.Provider = new SimpleAuthorizationServerProvider();
});

要了解有关此项目的更多信息，我建议您阅读 http://kevinchalet.com/2016/07/13/creating-your-own-openid-connect-server-with-asos-introduction/.

To learn more about this project, I'd recommend reading http://kevinchalet.com/2016/07/13/creating-your-own-openid-connect-server-with-asos-introduction/.

祝你好运！

这篇关于ASP.NET Core 中的 OAuth 授权服务的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！