Asp.NetCoreWebApi图片上传接口(二)集成IdentityServer4授权访问(附源码) (2)

在Startup.cs中注入IdentityServer服务并使用中间件,代码如下:

// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { //注入IdentityServer服务 services.AddIdentityServer() .AddDeveloperSigningCredential() .AddInMemoryClients(ApiConfig.GetClients()) .AddInMemoryApiResources(ApiConfig.GetApiResources()); services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } //添加认证中间件 app.UseIdentityServer(); app.UseMvc(); }

用Postman测试并获取AccessToken吧!如下图所示,在Post请求中传入,认证类型,client_id以及client_secret即可获取AccessToken:

成功获取Access_Token

当传入错误的Client_id或者密码将出现下面的结果

错误的密码,获取不到

至此IdentityServer服务已经简单地完成了!下面改造下我们的图片上传服务。

改造图片上传接口,加入授权认证

在图片上传api项目中添加IdentityServer nuget包,这里只需要加入AccessTokenValidation包即可,注意选择api项目:

Install-Package IdentityServer4.AccessTokenValidation

安装AccessTokenValidation

appsettings.json中加入IdentityServerOptions,进行IdentityServer的一些配置

"IdentityServerOptions": { "ServerIP": "localhost", "ServerPort": 5001, "IdentityScheme": "Bearer", "ResourceName": "PictureApi" }

新建一个类用来匹配这个options,这样可以爽爽的使用:

/// <summary> /// yilezhu /// 2018.7.15 /// IdentityServer的配置选项 /// </summary> public class IdentityServerOptions { /// <summary> /// 授权服务器的Ip地址 /// </summary> public string ServerIP { get; set; } /// <summary> /// 授权服务器的端口号 /// </summary> public int ServerPort { get; set; } /// <summary> /// access_token的类型,获取access_token的时候返回参数中的token_type一致 /// </summary> public string IdentityScheme { get; set; } /// <summary> /// 资源名称,认证服务注册的资源列表名称一致, /// </summary> public string ResourceName { get; set; } }

在Startup.cs中加入identityServer验证

// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { //注入Options OptionsConfigure(services); var identityServerOptions = new IdentityServerOptions(); Configuration.Bind("IdentityServerOptions", identityServerOptions); services.AddAuthentication(identityServerOptions.IdentityScheme) .AddIdentityServerAuthentication(options => { options.RequireHttpsMetadata = false; //是否启用https options.Authority = $"http://{identityServerOptions.ServerIP}:{identityServerOptions.ServerPort}";//配置授权认证的地址 options.ApiName = identityServerOptions.ResourceName; //资源名称,跟认证服务中注册的资源列表名称中的apiResource一致 } ); services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } app.UseAuthentication(); app.UseMvc(); } /// <summary> /// yilezhu /// 2018.7.10 /// 注册Options /// </summary> /// <param>服务容器</param> private void OptionsConfigure(IServiceCollection services) { //MongodbHost信息 services.Configure<MongodbHostOptions>(Configuration.GetSection("MongodbHost")); //图片选项 services.Configure<PictureOptions>(Configuration.GetSection("PictureOptions")); }

为需要说全访问的图片上传接口添加[Authorize]特性,当然要引用下命名空间:

using Microsoft.AspNetCore.Authorization; /// <summary> /// 接口上传图片方法 /// </summary> /// <param>文件传输对象,传过来的json数据</param> /// <returns>上传结果</returns> [HttpPost] [Authorize] public async Task<UploadResult> Post([FromBody] FileDtos fileDtos) { ………… }

把授权服务以及图片上传接口同时启动下,然后Postman再次进行下图片上传的测试:

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/zwddxg.html