1.1 认证授权中心代码
资源所有者密码(Resource Owner Password)模式适用于内部系统调用或高信任客户端调用:在该模式下,客户端直接收集用户的用户名和密码并提交给授权中心,因此只应由完全受信任的客户端使用。
沿用之前 IdentityServer4 ClientCredential 模式的代码,在 IdentityServer.ServerCenter 项目中修改 IdentityConfig.cs 配置:新增客户端配置并加入测试用户,代码如下:
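/// <summary>
/// In-memory IdentityServer4 configuration for the demo authorization server:
/// the protected API resources, the OAuth clients and the test users.
/// </summary>
/// <remarks>
/// Every secret and password in this class is a hard-coded sample value that the
/// tutorial also prints in its request examples. Treat them as placeholders and
/// load real values from configuration or a secret store.
/// </remarks>
public class IdentityConfig
{
    /// <summary>
    /// Returns the API resources protected by the authorization server.
    /// </summary>
    /// <returns>A list holding the single "UserAPI" resource.</returns>
    public static IEnumerable<ApiResource> GetResource()
    {
        return new List<ApiResource>
        {
            // NOTE(review): the two-argument constructor is (name, displayName), so this
            // registers ONE resource named "UserAPI" whose display name is "OrderAPI";
            // it does not register a second "OrderAPI" resource. The token response
            // shown on the page (aud/scope = UserAPI only) is consistent with that.
            new ApiResource("UserAPI", "OrderAPI")
        };
    }

    /// <summary>
    /// Returns the OAuth clients known to the authorization server.
    /// </summary>
    /// <returns>
    /// "App1" (client credentials grant) and "WebMVC1" (resource owner password grant).
    /// </returns>
    public static IEnumerable<Client> GetClients()
    {
        // Machine-to-machine client: authenticates with its own secret only.
        var clientApp = new Client
        {
            ClientId = "App1",
            ClientName = "App",
            AllowedGrantTypes = new List<string> { GrantType.ClientCredentials },
            // Sha256() hashes the shared secret before it is stored in the client record.
            ClientSecrets = new List<Secret>
            {
                new Secret("Secret".Sha256())
            },
            AllowedScopes = { "UserAPI" }
        };

        // Resource owner password client: the client itself collects the user's
        // username and password and forwards them to the token endpoint, so this
        // grant should stay limited to first-party, fully trusted clients.
        var clientWebMVC = new Client
        {
            ClientId = "WebMVC1",
            ClientName = "WebMVC1",
            AllowedGrantTypes = new List<string> { GrantType.ResourceOwnerPassword },
            ClientSecrets = new List<Secret>
            {
                new Secret("WebMVCSecret".Sha256())
            },
            // Explicit scope allow-list, matching the scope carried by the WebMVC1 token
            // shown on the page. The sample token request sends no scope parameter, and
            // IdentityServer4 then falls back to this list; with an empty list it has no
            // scope to issue (verify against the IdentityServer4 version in use).
            AllowedScopes = { "UserAPI" }
        };

        return new List<Client> { clientApp, clientWebMVC };
    }

    /// <summary>
    /// Returns the in-memory test users accepted by the resource owner password grant.
    /// </summary>
    /// <returns>A list holding the single test user "WebMVC_Main".</returns>
    public static List<TestUser> GetTestUsers()
    {
        return new List<TestUser>
        {
            // TestUser keeps the password as the clear-text string assigned here;
            // it is a fixture for in-memory demos, not a user store.
            new TestUser
            {
                Username = "WebMVC_Main",
                Password = "WeMVC_Pwd",
                SubjectId = "1001"
            }
        };
    }
}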
修改Startup.cs文件,使用内存中的测试用户
/// <summary>
/// Registers IdentityServer with the in-memory resources, clients and test users
/// from <c>IdentityConfig</c>, then registers MVC.
/// </summary>
/// <param name="services">The application's service collection.</param>
public void ConfigureServices(IServiceCollection services)
{
    // Register the IdentityServer services and keep the builder for further setup.
    var identityServer = services.AddIdentityServer();

    // Developer signing credential: intended for development; a deployed server
    // needs a persistent signing key that is stored and rotated deliberately.
    identityServer.AddDeveloperSigningCredential();

    // API resources protected by this server.
    identityServer.AddInMemoryApiResources(IdentityConfig.GetResource());

    // Clients allowed to request tokens.
    identityServer.AddInMemoryClients(IdentityConfig.GetClients());

    // In-memory test users, used by the resource owner password grant.
    identityServer.AddTestUsers(IdentityConfig.GetTestUsers());

    var mvc = services.AddMvc();
    mvc.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
启动 IdentityServer.ServerCenter 项目,使用 Postman 模拟获取 Token。
请求报文参考如下:
POST /connect/token HTTP/1.1
Host: localhost:4000
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
Postman-Token: 63b8ec74-9901-8721-391c-3c8b9f4076df
client_id=WebMVC1&client_secret=WebMVCSecret&grant_type=password&username=WebMVC_Main&password=WeMVC_Pwd&=
返回信息如下:
{
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6ImUyM2FkOWMxZmQwZjJjMDU2YTVlN2I3MzU1OWU5MDY1IiwidHlwIjoiSldUIn0.eyJuYmYiOjE1NDQ1MDkyNTAsImV4cCI6MTU0NDUxMjg1MCwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo0MDAwIiwiYXVkIjpbImh0dHA6Ly9sb2NhbGhvc3Q6NDAwMC9yZXNvdXJjZXMiLCJVc2VyQVBJIl0sImNsaWVudF9pZCI6IldlYk1WQzEiLCJzdWIiOiIxMDAxIiwiYXV0aF90aW1lIjoxNTQ0NTA5MjUwLCJpZHAiOiJsb2NhbCIsInNjb3BlIjpbIlVzZXJBUEkiXSwiYW1yIjpbInB3ZCJdfQ.NJPDnBvALBH0fbulqpXmviu1M_FT72fnV6GLaL62lvl6mjksaIshaQj-iher1MthCejnjrV_Se9S4vNaSaolDv1wuv5la1Ex3S9_U9D_2sAq4huvjm6SiEexD-rrr9Q1T0kqceJ-AL7dE0wTcwxSBOSBRSSG6soJuKiPsPzIUJJGgsRkj_kmYmuLse2YetAWSRBUl9KNDaiJ55pSH7wQcE3Vp1hxPI6HwBjCQlUSFACFrzcBPEWpCBI4YugYLhYCfWSO98-KJxkrc-hu7dyqakIP3mo2YCGzYJX6qs5UpA1jL0cCbPS0otDo2zYBuQJJoNfzpTdaBXi3Uo_bOeh-2A",
"expires_in": 3600,
"token_type": "Bearer"
}
1.2 第三方Client 调用代码
代码如下:
using System;
using System.Net.Http;
using IdentityModel;
using IdentityModel.Client;
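namespace IdentityServer.UseCmd
{
    /// <summary>
    /// Console client that discovers the authorization server, requests a token with
    /// the resource owner password grant and calls the protected API with it.
    /// </summary>
    /// <remarks>
    /// The client id, client secret, username and password are the tutorial's sample
    /// values, and both endpoints are plain-HTTP loopback addresses. A real client
    /// would read the credentials from configuration and talk to HTTPS endpoints.
    /// </remarks>
    class Program
    {
        /// <summary>
        /// Runs the three steps: discovery, token request, API call.
        /// </summary>
        /// <param name="args">Command-line arguments (unused).</param>
        static void Main(string[] args)
        {
            // 1.1 Discover the authorization server's endpoints.
            // NOTE(review): plain HTTP presumably passes IdentityModel's discovery
            // policy only because the authority is a loopback address - confirm
            // before pointing this at another host.
            var disco = DiscoveryClient.GetAsync("http://localhost:4000").Result;
            if (disco.IsError)
            {
                Console.WriteLine(disco.Error);
                Console.ReadLine();
                return;
            }

            // 1.2 Request a token.
            #region ClientCredential
            // Alternative from the earlier client credentials sample, kept for reference:
            //var tokenClient = new TokenClient
            //    (
            //    // token endpoint of the authorization server
            //    disco.TokenEndpoint,
            //    // ClientId
            //    "App1",
            //    // ClientSecret
            //    "Secret");
            //var tokenResponse = tokenClient.RequestClientCredentialsAsync().Result;
            //if (tokenResponse.IsError)
            //{
            //    Console.WriteLine(tokenResponse.Error);
            //    return;
            //}
            #endregion

            var tokenClient = new TokenClient(
                // token endpoint of the authorization server
                disco.TokenEndpoint,
                // ClientId
                "WebMVC1",
                // ClientSecret
                "WebMVCSecret");

            // Resource owner password grant: the user's credentials pass through this client.
            var tokenResponse = tokenClient.RequestResourceOwnerPasswordAsync(
                // test user name
                "WebMVC_Main",
                // test user password
                "WeMVC_Pwd")
                .Result;
            if (tokenResponse.IsError)
            {
                Console.WriteLine(tokenResponse.Error);
                return;
            }

            // Prints the raw token response, access token included; acceptable for a
            // local demo, but bearer tokens should not end up in shared logs.
            Console.WriteLine(tokenResponse.Json);

            // 1.3 Call the protected API.
            // Dispose the HttpClient once the call is done instead of leaking it.
            using (var apiClient = new HttpClient())
            {
                // Attach the access token as a Bearer Authorization header.
                apiClient.SetBearerToken(tokenResponse.AccessToken);
                var apiResponse = apiClient.GetAsync("http://localhost:4001/api/values").Result;

                // Surface authorization failures: a rejected token may come back with
                // an empty body, which would otherwise print as a blank line.
                if (!apiResponse.IsSuccessStatusCode)
                {
                    Console.WriteLine(apiResponse.StatusCode);
                }

                Console.WriteLine(apiResponse.Content.ReadAsStringAsync().Result);
            }

            Console.ReadLine();
        }
    }
}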
参考文档:https://identityserver4.readthedocs.io/en/latest/quickstarts/2_resource_owner_passwords.html