Jac*_*cee 9 asp.net owin asp.net-core-mvc identityserver3
我使用了IdentityServer v3,现在我希望一个网站既是身份主机又是web api主机.
权限选项不用于验证令牌.我已经验证了令牌端点,并且令牌验证端点正在按预期工作(我可以使用邮递员获取并验证令牌).我使用[Authorize]属性来装饰我的控制器方法.在IdentityServer上启用了完整日志记录,在使用标题名称"Authorization"创建api请求时,没有记录任何内容,其值为"Bearer mytokenhere".
这是使用Visual Studio 2015 CTP6的ASP.NET 5上的vNext网站.
app.UseMvc();
var certFile = AppDomain.CurrentDomain.BaseDirectory + "\\myawesomesite.pfx";
app.Map("/core", core =>
{
var factory = InMemoryFactory.Create(
users: Users.Get(),
clients: Clients.Get(),
scopes: Scopes.Get());
var idsrvOptions = new IdentityServerOptions
{
SiteName = "Lektieplan",
Factory = factory,
RequireSsl = false,
SigningCertificate = new X509Certificate2(certFile, "lektieplan"),
CorsPolicy = CorsPolicy.AllowAll,
LoggingOptions = new LoggingOptions { EnableWebApiDiagnostics = true,EnableHttpLogging = true, IncludeSensitiveDataInLogs = true, WebApiDiagnosticsIsVerbose = true }
};
core.UseIdentityServer(idsrvOptions);
});
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = "http://localhost:57540/core",
RequiredScopes = new[] { "api1" },
});
还有我的project.json
我的依赖:
"Microsoft.AspNet.Server.IIS": "1.0.0-beta3",
"Microsoft.AspNet.Mvc": "6.0.0-beta3",
"Microsoft.AspNet.StaticFiles": "1.0.0-beta3",
"Microsoft.AspNet.Server.WebListener": "1.0.0-beta3",
"Thinktecture.IdentityServer3": "1.3.0.0",
"Microsoft.AspNet.Owin": "1.0.0.0-beta3",
"Microsoft.AspNet.Security.DataProtection": "1.0.0.0-beta3",
"Thinktecture.IdentityServer3.AccessTokenValidation": "1.2.2",
"Autofac": "4.0.0-alpha1",
"log4net": "2.0.3"
在我看来,由于基于cookie的选项,一些提供的样本可以工作.我不想使用cookies.
UseIdentityServerBearerTokenAuthentication 是您唯一的身份验证类型吗?你有为 MVC 定义的过滤器吗?
我会尝试将应用程序拆分为单独的 katana 管道,这样它们就不会发生冲突。
伪:
app.Map("/core", a => a.UseIdsrv());
app.Map("/somethingweb", a => a.UseMvc());
app.Map("/api", a => {
a.UseBearerTokenAuth();
a.UseWebApi(); //or Mvc from now on, with v5
});
猜测您还需要将 cookieauth 添加到该 mvc 管道中,具体取决于您想要实现的目标。
| 归档时间: |
|
| 查看次数: |
4174 次 |
| 最近记录: |