一、前言

先交代一下整个Demo项目结构:

  • 一个认证服务(端口5000)IdentityServer4.Authentication
  • 五个授权模式(两个控制台程序,三个MVC项目端口5001)文件夹GrantClient
  • 两个资源服务(WebApi:UserApiResource端口8000,ProductApiResource端口9000)文件夹ApiResource

二、准备认证服务 + 资源服务

1、认证服务

(1)新建一个MVC项目,安装 IdentityServer4 ,注册五种授权模式客户端,代码如下

public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
} public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddControllersWithViews(); services.AddIdentityServer()
.AddDeveloperSigningCredential() //临时证书
.AddInMemoryClients(InMemoryConfig.GetClients()) //客户端模式,InMemory内存数据
.AddInMemoryApiScopes(InMemoryConfig.GetApiScopes()) //作用域
.AddInMemoryApiResources(InMemoryConfig.GetApiResources()) //资源
.AddTestUsers(InMemoryConfig.GetTestUser()) //用户
.AddInMemoryIdentityResources(InMemoryConfig.IdentityResources);
} // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
} app.UseIdentityServer(); //使用IdentityServer4 app.UseStaticFiles(); app.UseRouting(); app.UseAuthorization(); app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
}
public class InMemoryConfig
{
public static IEnumerable<IdentityResource> IdentityResources =>
new IdentityResource[]
{
new IdentityResources.OpenId(),
new IdentityResources.Profile(),
//new IdentityResources.Email(),
//new IdentityResources.Address(),
//new IdentityResources.Phone()
};
/// <summary>
/// ApiResource 资源列表
/// </summary>
public static IEnumerable<ApiResource> GetApiResources()
{
return new[]
{
new ApiResource("UserApiResource", "获取用户信息API")
{
Scopes={ "UserScope" }
},
new ApiResource("ProductApiResource", "获取商品信息API")
{
Scopes={ "ProductScope" }
}
};
}
/// <summary>
/// ApiScopes 作用域
/// </summary>
public static IEnumerable<ApiScope> GetApiScopes()
{
return new ApiScope[]
{
new ApiScope("UserScope"),
new ApiScope("ProductScope")
};
}
/// <summary>
/// Client 客户端
/// </summary>
public static IEnumerable<Client> GetClients()
{
return new[]
{
//客户端模式
new Client
{
ClientId = "ClientCredentials",
ClientName = "ClientCredentials",
ClientSecrets = new [] { new Secret("ClientCredentials".Sha256()) },
AllowedGrantTypes = GrantTypes.ClientCredentials,
AllowedScopes = new [] { "UserScope" }
},
//密码模式
new Client
{
ClientId = "ResourceOwnerPasswordCredentials",
ClientName = "ResourceOwnerPasswordCredentials",
ClientSecrets = new [] { new Secret("ResourceOwnerPasswordCredentials".Sha256()) },
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
AllowedScopes = new []
{
"ProductScope",
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
}
},
//简化模式
new Client
{
ClientId = "Implicit",
ClientName = "Implicit",
AllowedGrantTypes = GrantTypes.Implicit,
RedirectUris = { "https://localhost:5001/signin-oidc" },
PostLogoutRedirectUris = { "https://localhost:5001/signout-callback-oidc" },
RequireConsent = true,
AllowedScopes = new []{
"UserScope",
"ProductScope",
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
}
},
//授权码模式
new Client
{
ClientId = "AuthorizationCode",
ClientName = "AuthorizationCode",
ClientSecrets = new [] { new Secret("AuthorizationCode".Sha256()) },
AllowedGrantTypes = GrantTypes.Code,
RedirectUris = { "https://localhost:5001/signin-oidc" },
PostLogoutRedirectUris = { "https://localhost:5001/signout-callback-oidc" },
RequireConsent = true,
AllowedScopes = new []{
"UserScope",
"ProductScope",
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
}
},
//混合模式
new Client
{
ClientId = "Hybrid",
ClientName = "Hybrid",
ClientSecrets = new [] { new Secret("Hybrid".Sha256()) },
AllowedGrantTypes = GrantTypes.Hybrid,
RedirectUris = { "https://localhost:5001/signin-oidc" },
PostLogoutRedirectUris = { "https://localhost:5001/signout-callback-oidc" },
RequireConsent = true,
RequirePkce = false,
AllowedScopes = new []{
"UserScope",
"ProductScope",
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
//IdentityServerConstants.StandardScopes.Email,
//IdentityServerConstants.StandardScopes.Address,
//IdentityServerConstants.StandardScopes.Phone
}
},
};
}
public static List<TestUser> GetTestUser()
{
return new List<TestUser>(){
new TestUser
{
SubjectId = "1",
Username = "WinterSir",
Password = "WinterSir",
Claims =
{
new Claim(JwtClaimTypes.Name,"WinterSir"),
new Claim(JwtClaimTypes.GivenName,"WinterSir"),
new Claim(JwtClaimTypes.FamilyName,"WinterSir-FamilyName"),
new Claim(JwtClaimTypes.Email,"641187567@qq.com"),
new Claim(JwtClaimTypes.EmailVerified,"true", ClaimValueTypes.Boolean),
new Claim(JwtClaimTypes.WebSite,"http://WinterSir.com"),
new Claim(JwtClaimTypes.Address,@" [ 'street_address': 'Chang Ping', 'locality': 'BeiJing' ,'postal_code’: 102206,'country': 'China'}",
IdentityServerConstants.ClaimValueTypes.Json)
}
}
};
}
}

(2)cmddotnet new is4ui安装Quickstart UI模板,删除原来 Controllers 中 HomeController 防止冲突,设置5000端口启动

2、资源服务

新建两个WebApi项目,安装IdentityServer4.AccessTokenValidation,分别修改Startup、Controller,设置8000、9000端口启动

public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
} public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{ services.AddControllers();
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "ProductApiResource", Version = "v1" });
}); //集成端口为5000的认证服务
services.AddAuthentication("Bearer")
.AddIdentityServerAuthentication(options =>
{
options.Authority = "https://localhost:5000";
options.ApiName = "ProductApiResource";
});
} // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseSwagger();
app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "ProductApiResource v1"));
} app.UseRouting(); app.UseAuthentication();//鉴权 app.UseAuthorization();//授权 app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
}

三、授权模式

1、客户端授权模式

客户端模式(Client Credentials)指客户端以自己的名义,而不是以用户的名义,向"认证服务"进行认证。如果是提前约束好的客户端,直接给你颁发令牌 token

安装IdentityModel

class Program
{
/// <summary>
/// 客户端模式(Client Credentials)
/// </summary>
/// <param name="args"></param>
static void Main(string[] args)
{
Console.WriteLine("***************** 客户端模式(Client Credentials)*****************");
var client = new HttpClient();
var disco = client.GetDiscoveryDocumentAsync("https://localhost:5000/").Result;
if (disco.IsError)
{
Console.WriteLine(disco.Error);
return;
}
var tokenResponse = client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest
{
Address = disco.TokenEndpoint,
ClientId = "ClientCredentials",
ClientSecret = "ClientCredentials",
Scope = "UserScope"
}).Result; if (tokenResponse.IsError)
{
Console.WriteLine(tokenResponse.Error);
return;
} Console.WriteLine("\nToken: " + tokenResponse.AccessToken); var apiClient = new HttpClient();
apiClient.SetBearerToken(tokenResponse.AccessToken);
var response = apiClient.GetAsync("https://localhost:8000/User/Get").Result;
if (!response.IsSuccessStatusCode)
{
Console.WriteLine(response.StatusCode);
}
else
{
var content = response.Content.ReadAsStringAsync().Result;
Console.WriteLine("\n结果: " + content);
} Console.ReadLine();
}
}

2、密码模式

密码模式(Resource Owner Password Credentials)中客户端使用用户提供的用户名和密码,向"认证服务"进行认证,有较高风险,通常只有在其他授权模式无法执行的情况下,才能考虑使用这种模式。相较于客户端多了一个用户角色。

安装IdentityModel

static void Main(string[] args)
{
Console.WriteLine("***************** 密码模式(Resource Owner Password credentials)***************** ");
var client = new HttpClient();
var disco = client.GetDiscoveryDocumentAsync("https://localhost:5000/").Result;
if (disco.IsError)
{
Console.WriteLine(disco.Error);
return;
}
var tokenResponse = client.RequestPasswordTokenAsync(new PasswordTokenRequest()
{
Address = disco.TokenEndpoint,
ClientId = "ResourceOwnerPasswordCredentials",
ClientSecret = "ResourceOwnerPasswordCredentials",
UserName = "WinterSir",
Password = "WinterSir",
Scope = "ProductScope",
}).Result; if (tokenResponse.IsError)
{
Console.WriteLine(tokenResponse.Error);
return;
} Console.WriteLine("\nToken: " + tokenResponse.AccessToken); var apiClient = new HttpClient();
apiClient.SetBearerToken(tokenResponse.AccessToken);
var response = apiClient.GetAsync("https://localhost:9000/Product/Get").Result;
if (!response.IsSuccessStatusCode)
{
Console.WriteLine(response.StatusCode);
}
else
{
var content = response.Content.ReadAsStringAsync().Result;
Console.WriteLine("\n结果: " + content);
} Console.ReadLine();
}

3、简化模式

简化模式(Implicit)比授权码模式少了code环节,所有步骤在浏览器中完成,令牌对访问者是可见的,且客户端不需要认证,该模式是很不安全的,且不支持refresh token,适用于 Web 安全要求不高的场景,设置较短时效的 token。

(1)安装IdentityServer4.AccessTokenValidation、Microsoft.AspNetCore.Authentication.OpenIdConnect,修改Startup

public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
} public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
//关闭Jwt映射
JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
//注册授权
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
})
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>
{
options.Authority = "https://localhost:5000"; //认证服务
options.RequireHttpsMetadata = true; //必须使用Https,否则用户无法登录
options.ClientId = "Implicit";
options.ClientSecret = "Implicit";
options.SaveTokens = true; //表示Token要存储
}); services.AddControllersWithViews().AddRazorRuntimeCompilation();
} // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseStaticFiles(); app.UseRouting(); app.UseAuthentication(); app.UseAuthorization(); app.UseHttpsRedirection(); app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
}

(2)_Layout.cshtml添加 注销按钮

<div class="navbar-collapse collapse d-sm-inline-flex justify-content-between">
<ul class="navbar-nav flex-grow-1">
<li class="nav-item">
<a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Index">Home</a>
</li>
<li class="nav-item">
<a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Privacy">Privacy</a>
</li>
</ul>
<a class="nav-link text-dark float-right" asp-area="" asp-controller="Home" asp-action="Logout">Logout</a>
</div>

(3)HomeController添加对应功能,需要认证的方法加上特性[Authorize]

[Authorize]
public IActionResult Privacy()
{
return View();
} //注销
public IActionResult Logout()
{
return SignOut("Cookies", "oidc");
}

(4)修改Privacy.cshtml

@{
ViewData["Title"] = "Privacy Policy";
}
<h1>@ViewData["Title"]</h1> @using Microsoft.AspNetCore.Authentication <h2>Claims</h2> <dl>
@foreach (var claim in User.Claims)
{
<dt>@claim.Type</dt>
<dd>@claim.Value</dd>
}
</dl> <h2>Properties</h2> <dl>
@foreach (var prop in (await Context.AuthenticateAsync()).Properties.Items)
{
<dt>@prop.Key</dt>
<dd>@prop.Value</dd>
}
</dl>

(5)效果图

4、授权码模式

授权码模式(Authorization Code)不同于简化模式直接返回token,而是先返回一个授权码,再用授权码去请求token,然后携带访问Api资源。授权码模式是功能最完整、流程最严密的授权模式。

(1)安装IdentityServer4.AccessTokenValidation、Microsoft.AspNetCore.Authentication.OpenIdConnect,修改Startup

public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
} public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
//关闭Jwt映射
JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
//注册授权
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
})
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>
{
options.Authority = "https://localhost:5000"; //认证服务
options.RequireHttpsMetadata = true; //必须使用Https,否则用户无法登录
options.ClientId = "AuthorizationCode";
options.ClientSecret = "AuthorizationCode";
options.ResponseType = "code";
options.Scope.Clear();
options.Scope.Add("UserScope");
options.Scope.Add("ProductScope");
options.Scope.Add(OidcConstants.StandardScopes.OpenId);
options.Scope.Add(OidcConstants.StandardScopes.Profile);
//options.Scope.Add(OidcConstants.StandardScopes.Email);
//options.Scope.Add(OidcConstants.StandardScopes.Phone);
//options.Scope.Add(OidcConstants.StandardScopes.Address);
options.SaveTokens = true; //表示Token要存储
}); services.AddControllersWithViews().AddRazorRuntimeCompilation();
services.AddControllers().AddJsonOptions(options =>
{
options.JsonSerializerOptions.Encoder = JavaScriptEncoder.Create(UnicodeRanges.All);
});
} // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseStaticFiles(); app.UseRouting(); app.UseAuthentication(); app.UseAuthorization(); app.UseHttpsRedirection(); app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
}

(2)_Layout.cshtml添加 获取用户按钮、注销按钮

<div class="navbar-collapse collapse d-sm-inline-flex justify-content-between">
<ul class="navbar-nav flex-grow-1">
<li class="nav-item">
<a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Index">Home</a>
</li>
<li class="nav-item">
<a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Privacy">Privacy</a>
</li>
<li class="nav-item">
<a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="User">UserApi</a>
</li>
</ul>
<a class="nav-link text-dark float-right" asp-area="" asp-controller="Home" asp-action="Logout">Logout</a>
</div>

(3)HomeController添加对应功能,需要认证的方法加上特性[Authorize]

[Authorize]
public IActionResult Privacy()
{
return View();
} [Authorize]
public async Task<IActionResult> User()
{
var client = new HttpClient();
var accessToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken);
if (string.IsNullOrEmpty(accessToken))
{
return Json(new { msg = "accesstoken 获取失败" });
}
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
var httpResponse = await client.GetAsync("https://localhost:8000/User/Get");
var result = await httpResponse.Content.ReadAsStringAsync();
if (!httpResponse.IsSuccessStatusCode)
{
ViewBag.Result = new { msg = "请求 User/Get 失败", error = result };
}
ViewBag.Result = new { msg = "成功", data = result };
return View();
} //注销
public IActionResult Logout()
{
return SignOut("Cookies", "oidc");
}

(4)修改Privacy.cshtml

@{
ViewData["Title"] = "Privacy Policy";
}
<h1>@ViewData["Title"]</h1> @using Microsoft.AspNetCore.Authentication <h2>Claims</h2> <dl>
@foreach (var claim in User.Claims)
{
<dt>@claim.Type</dt>
<dd>@claim.Value</dd>
}
</dl> <h2>Properties</h2> <dl>
@foreach (var prop in (await Context.AuthenticateAsync()).Properties.Items)
{
<dt>@prop.Key</dt>
<dd>@prop.Value</dd>
}
</dl>

(5)效果图

5、混合模式

混合模式(Hybrid Flow)

它为我们提供了两全其美的优势,身份令牌通过浏览器传输,因此客户端可以在进行任何更多工作之前对其进行验证。如果验证成功,客户端会通过令牌服务的以获取访问令牌

(1)安装IdentityServer4.AccessTokenValidation、Microsoft.AspNetCore.Authentication.OpenIdConnect,修改Startup

public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
} public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
//关闭Jwt映射
JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
//注册授权
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
})
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>
{
options.Authority = "https://localhost:5000"; //认证服务
options.RequireHttpsMetadata = true; //必须使用Https,否则用户无法登录
options.ClientId = "Hybrid";
options.ClientSecret = "Hybrid";
options.ResponseType = "code id_token";
options.Scope.Clear();
options.Scope.Add("UserScope");
options.Scope.Add("ProductScope");
options.Scope.Add(OidcConstants.StandardScopes.OpenId);
options.Scope.Add(OidcConstants.StandardScopes.Profile);
//options.Scope.Add(OidcConstants.StandardScopes.Email);
//options.Scope.Add(OidcConstants.StandardScopes.Phone);
//options.Scope.Add(OidcConstants.StandardScopes.Address);
//options.Scope.Add(OidcConstants.StandardScopes.0fflineAccess);//获取到刷新Token
options.SaveTokens = true; //表示Token要存储
}); services.AddControllersWithViews().AddRazorRuntimeCompilation();
} // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseStaticFiles(); app.UseRouting(); app.UseAuthentication(); app.UseAuthorization(); app.UseHttpsRedirection(); app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
}

(2)_Layout.cshtml添加 获取产品、注销按钮

<div class="navbar-collapse collapse d-sm-inline-flex justify-content-between">
<ul class="navbar-nav flex-grow-1">
<li class="nav-item">
<a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Index">Home</a>
</li>
<li class="nav-item">
<a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Privacy">Privacy</a>
</li>
<li class="nav-item">
<a class="nav-link text-dark" asp-area="" asp-controller="Home" asp-action="Product">ProductApi</a>
</li>
</ul>
<a class="nav-link text-dark float-right" asp-area="" asp-controller="Home" asp-action="Logout">Logout</a>
</div>

(3)HomeController添加对应功能,需要认证的方法加上特性[Authorize]

[Authorize]
public IActionResult Privacy()
{
return View();
}
[Authorize]
public async Task<IActionResult> Product()
{
var client = new HttpClient();
var accessToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken);
if (string.IsNullOrEmpty(accessToken))
{
return Json(new { msg = "accesstoken 获取失败" });
}
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
var httpResponse = await client.GetAsync("https://localhost:9000/Product/Get");
var result = await httpResponse.Content.ReadAsStringAsync();
if (!httpResponse.IsSuccessStatusCode)
{
ViewBag.Result = new { msg = "请求 User/Get 失败", error = result };
}
ViewBag.Result = new { msg = "成功", data = result };
return View();
} //注销
public IActionResult Logout()
{
return SignOut("Cookies", "oidc");
}

(4)修改Privacy.cshtml

@{
ViewData["Title"] = "Privacy Policy";
}
<h1>@ViewData["Title"]</h1> @using Microsoft.AspNetCore.Authentication <h2>Claims</h2> <dl>
@foreach (var claim in User.Claims)
{
<dt>@claim.Type</dt>
<dd>@claim.Value</dd>
}
</dl> <h2>Properties</h2> <dl>
@foreach (var prop in (await Context.AuthenticateAsync()).Properties.Items)
{
<dt>@prop.Key</dt>
<dd>@prop.Value</dd>
}
</dl>

(5)效果图

四、问题踩坑

1、Https

Demo全部用的Https,Mvc客户端配置RequireHttpsMetadata = true如果使用http遇到认证服无法务登录问题,可参考以下地址

https://www.cnblogs.com/i3yuan/p/14033016.html#autoid-20-0-0

2、ResponseType

授权码模式、混合模式需要修改客户端配置ResponseType,ResponseType = "code" 、 ResponseType = "code id_token"

3、RequirePkce

混合模式需要修改对应服务端注册客户端时配置RequirePkce = false,这样不需要客户端提供code challeng

4、其他Error

出现错误大概率是客户端、服务端配置项问题,仔细对比一下就OK了

五、前人栽树,后人乘凉

https://www.cnblogs.com/i3yuan/category/1777690.html

六、代码已上传

https://github.com/WinterSir/IdentityServer4.GrantTypesDemo

(十)React Ant Design Pro + .Net5 WebApi:后端环境搭建-IdentityServer4(二)授权模式的更多相关文章

  1. (二)React Ant Design Pro + .Net5 WebApi:前端环境搭建

    首先,你需要先装一个Nodejs,这是基础哦.如果没有这方面知识的小伙伴可以在园子里搜索cnpm yarn等关键字,内容繁多,此不赘述,参考链接 一. 简介 1. Ant Design Pro v5 ...

  2. (三)React Ant Design Pro + .Net5 WebApi:后端环境搭建

    一. 简介 1. 平常用的core webapi 3.1,恰逢.Net5.0正式版发布了,直接开整. 2. 先学习IdentityServer4 .Autofac.EF Core,集成到后台框架里. ...

  3. (六)React Ant Design Pro + .Net5 WebApi:后端环境搭建-EF Core

    一. 简介 EFCore 是轻量化.可扩展.开源和跨平台版的常用数据访问技术,走你(官方文档) 二. 使用 1.安装数据库驱动包.PMC 工具包 不同的数据库有不同的包,参考,我用 PostgreSQ ...

  4. (五)React Ant Design Pro + .Net5 WebApi:后端环境搭建-Autofac注入+ 泛型仓储

    一. 简介 Autofac与.Net Core自带DI的区别,大佬级的文章数不胜数.我只是根据实际应用简单介绍(非常简单的那种) 1.批量注入,自带DI需要自己写循环反射注入,Autofac现成方法, ...

  5. (七)React Ant Design Pro + .Net5 WebApi:后端环境搭建-日志、异常处理

    一.日志 日志具有帮助开发者快速的定位问题,记录各种信息,配合其他分析框架使用等等功能,收集日志的各类框架如:Log4net.NLog.Exceptionless.Serilog等等,百度或园子里介绍 ...

  6. (八)React Ant Design Pro + .Net5 WebApi:后端环境搭建-Aop

    一.Aop Aop 面向切面编程(Aspect Oriented Program),在项目中,很多地方都会用到Aop的概念,比如:过滤器(Filter),中间件(Middleware) 通常用来处理数 ...

  7. (九)React Ant Design Pro + .Net5 WebApi:后端环境搭建-IdentityServer4-简单配置

    一.简介 IdentityServer4 是用于 ASP.NET Core 的 OpenID Connect 和 OAuth 2.0 框架,通过中间件的方式集成.JWT(json web token) ...

  8. (十一)React Ant Design Pro + .Net5 WebApi:后端环境搭建-IdentityServer4(三)持久化

    一.前言 IdentityServer配合EFCore持久化,框架已经为我们准备了两个上下文: ConfigurationDbContext:配置数据(资源.客户端.身份等) PersistedGra ...

  9. (一)React Ant Design Pro + .Net5 WebApi:先搞定服务器,顺手装个Nginx

    腾讯云搞定服务器,具体过程就不赘述了,文档都有,咨询客服或者自行百度,体验一下过程. 一. 服务器 1. 云服务器 cvm 1核2G centos8.0 2. 域名注册 www.homejok.com ...

随机推荐

  1. ansible复习笔记_role-从零到无

    --创建时间:2021年3月9日 --修改时间:2021年3月9日 --作者:飞翔的小胖猪 roles是各个单独功能性模块的集合,通过分别将变量.文件.任务.模板及处理器放置于单独的目录中,并可以便捷 ...

  2. Scrapy(六):Spider

    总结自:Spiders - Scrapy 2.5.0 documentation Spider 1.综述 ①在回调函数Parse及其他自写的回调函数中,必须返回Item对象.Request对象.或前两 ...

  3. Python:爬取一个可下载的PDF链接并保存为本地pdf文件

    问题:网页http://gk.chengdu.gov.cn/govInfo/detail.action?id=2653973&tn=2中有一个PDF需要下载,开发者模式下该PDF的链接为htt ...

  4. 手把手教你使用 Java 在线生成 pdf 文档

    一.介绍 在实际的业务开发的时候,研发人员往往会碰到很多这样的一些场景,需要提供相关的电子凭证信息给用户,例如网银/支付宝/微信购物支付的电子发票.订单的库存打印单.各种电子签署合同等等,以方便用户查 ...

  5. webgl未使用独立显卡报告

    0x00 楔子 最近客户在使用我们的的三维可视化平台的时候,总是会出现浏览器崩溃,webgl context lost的情况. 这种请一般出现在电脑配置很低的电脑上,比如没有独显,只有很小现存的集成显 ...

  6. 微信小程序文件上传结合lin ul

    html <l-form name="goods" l-form-btn-class="l-form-btn-class" bind:linsubmit= ...

  7. webug4.0 打靶笔记-02【完结】

    webug4.0打靶笔记-02 3. 延时注入(时间盲注) 3.1 访问靶场 3.2 寻找注入点 貌似一样的注入点: ?id=1' --+ 3.3 判断输出位置 同前两关一样的位置,时间盲注应该不是这 ...

  8. kali linux 更换国内源报GPG error解决办法

    wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add

  9. Docker——时间配置

    一.常用时间表示 GMT(Greenwich Mean Time):格林威治时间,格林威治被定义为了\(0^o\)经线开始的地方,地球每15进度分为一个时区,共24个时区,相邻时区相差1个小时.中国位 ...

  10. Redis的Unable to connect to Redis和java.io.IOException: 远程主机强迫关闭了一个现有的连接问题的解决

      学习项目xhr系统用到springboot + vue(https://github.com/lenve/vhr),文档中要求使用到RabbitMQ,但是从我搭建开发环境来看,是否配置Rabbit ...