我尝试实现 IdentityServer,如https://aspnetboilerplate.com/Pages/Documents/Zero/Identity-Server中所述
但该示例不起作用。
我从 ASP.NET Boilerplate 启动了一个 Core 2.0 Angular 项目。是否有基于文档的更新工作示例?
问题不止一个,但其中之一是AuthConfigurer.cs。
API调用方(客户端)无法通过token验证。
实际上, TokenAuthController.cs中有一段token生成代码:
private string CreateAccessToken(IEnumerable<Claim> claims, TimeSpan? expiration = null)
{
var now = DateTime.UtcNow;
var jwtSecurityToken = new JwtSecurityToken(
issuer: _configuration.Issuer,
audience: _configuration.Audience,
claims: claims,
notBefore: now,
expires: now.Add(expiration ?? _configuration.Expiration),
signingCredentials: _configuration.SigningCredentials
);
return new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
}
但在Startup类中,AddIdentity创建AddAuthentication不同的令牌值和验证规则。
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources())
.AddInMemoryApiResources(IdentityServerConfig.GetApiResources())
.AddInMemoryClients(IdentityServerConfig.GetClients())
.AddAbpPersistedGrants<IAbpPersistedGrantDbContext>()
.AddAbpIdentityServer<User>(); ;
services.AddAuthentication().AddIdentityServerAuthentication("IdentityBearer", options =>
{
options.Authority = "http://localhost:62114/";
options.RequireHttpsMetadata = …