下面是现有的asp.net框架代码,我尝试了多种方法将同一代码转换为.net核心,但它没有按预期工作。请提出一些解决方案。
public void ConfigureAuth(IAppBuilder app, IntrospectionEndpointHandler introspectionEndpointHandler)
{
//Configure the db context and user manager to use a single instance per request
app.CreatePerOwinContext(UserDbContext.Create);
app.CreatePerOwinContext<UserManager>(UserManager.Create);
app.CreatePerOwinContext<RoleManager>(RoleManager.Create);
JwtSecurityTokenHandler.InboundClaimTypeMap.Clear();
// I am not able to find equlant method for UseIdentityServerBearerTokenAuthentication in . net core
app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
{
Authority = ConfigurationManager.AppSettings["identityServerUrl"],
ValidationMode = ValidationMode.ValidationEndpoint,
IntrospectionHttpHandler = introspectionEndpointHandler,
BackchannelHttpHandler = introspectionEndpointHandler,
ClientId = ConfigurationManager.AppSettings["ResourceName"],
ClientSecret = ConfigurationManager.AppSettings["Secret"],
RequiredScopes = new[]
{
ConfigurationManager.AppSettings["testScope"]
}
});
app.Use<ServiceProvisionMiddleware>();
}
我认为最好的办法是安装Microsoft。AspNetCore。身份验证。JwtBearer与微软合作。IdentityModel。代币,当然还有微软。AspNetCore。身份EntityFrameworkCore。
可能等效的方法(尽管不是完全相同的语义(是AddJwtBearer。
当我在ASPnet核心中设置Jwt时,我会这样做:
启动.cs
public void ConfigureServices(IServiceCollection services){
// (...)
// identity
services.AddIdentity<IdentityUser, IdentityRole>()
.AddEntityFrameworkStores<IdentityDbContext<IdentityUser>>()
.AddDefaultTokenProviders();
// authentication
services.AddAuthentication( options => {
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer( options => {
options.Authority = "my-authority",
options.BackchannelHttpHandler = myCustomHttpHandler,
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters {
ValidateIssuerSigningKey = true,
IssuerSigningKey = "my-super-secure-secret",
ValidateIssuer = true,
ValidIssuer = "my-issuer",
ValidateAudience = true,
ValidAudience = "my-audience"
};
});