ASP.NET Core分布式项目实战(业务介绍,架构设计,oAuth2,IdentityServer4)--学习...
source link: http://mp.weixin.qq.com/s?__biz=MzAwNTMxMzg1MA%3D%3D&%3Bmid=2654077915&%3Bidx=4&%3Bsn=4aaf83b25c99bcef93db9dcae9dc56ec
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
任务4:第一章计划与目录
-
敏捷产品开发流程
-
原型预览与业务介绍
-
整体架构设计
-
API 接口设计 / swagger
-
Identity Server 4 搭建登录
-
账号 API 实现
-
配置中心
任务5:业务介绍
项目背景:基于人脉关系的金融行业项目
用户:
1、账号:
-
基本资料维护
-
登录
2、管理自己的项目
-
创建
-
分享(可见权限范围)
-
置顶
-
查看项目进展
3、引入别人的项目
-
查看好友的项目
-
查看二度人脉的项目
-
查看系统推荐的项目
-
查看别人的项目
-
参与别人的项目
4、消息:
-
聊天消息
-
系统消息
5、好友:
-
添加好友(导入通信录,手机号搜索好友)
任务6:架构设计
任务7:oAuth2介绍
OAuth是一个关于授权(authorization)的开放网络标准
四种授权方式:
-
授权码模式
-
简化模式
-
密码模式
-
客户端模式
理解OAuth 2.0:
https://www.ruanyifeng.com/blog/2014/05/oauth_2_0.html
任务8:IdentityServer4登录中心
新建项目
dotnet new webapi --name IdentityServerCenter
添加 Nuget 包:IdentityServer4
VS Code 如何安装 nuget:
https://blog.csdn.net/qq_36051316/article/details/84106418
安装失败原因及解决方案:
vscode解决nuget插件不能使用的问题:
https://www.cnblogs.com/lori/p/11651079.html
Visual Studio 连接不上NuGet 官方程序包源的解决办法:
https://blog.csdn.net/weixin_34161083/article/details/85764761
配置 Startup 配置
添加引用
using IdentityServer4;
注册服务
services.AddIdentityServer()
.AddDeveloperSigningCredential();
使用服务
app.UseIdentityServer();
在 Program.cs 中配置启动端口
webBuilder.UseUrls("http://localhost:5000");
添加配置类 Config.cs,初始化 IdentityServer4
using System.Collections;
using System.Collections.Generic;
using IdentityServer4.Models;
namespace IdentityServerCenter
{
public class Config
{
public static IEnumerable<ApiResource> GetResource()
{
return new List<ApiResource>
{
new ApiResource("api", "My Api")
};
}
public static IEnumerable<Client> GetClients()
{
return new List<Client>
{
new Client()
{
ClientId = "client",
AllowedGrantTypes = GrantTypes.ClientCredentials,
ClientSecrets =
{
new Secret("secret".Sha256())
},
AllowedScopes = {"api"},
}
};
}
}
}
更改 IdentityServer4 配置
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryApiResources(Config.GetResource())
.AddInMemoryClients(Config.GetClients());
启动程序
dotnet run
访问地址
http://localhost:5000/.well-known/openid-configuration
结果如下( json 格式化)
{
"issuer": "http://localhost:5000",
"jwks_uri": "http://localhost:5000/.well-known/openid-configuration/jwks",
"authorization_endpoint": "http://localhost:5000/connect/authorize",
"token_endpoint": "http://localhost:5000/connect/token",
"userinfo_endpoint": "http://localhost:5000/connect/userinfo",
"end_session_endpoint": "http://localhost:5000/connect/endsession",
"check_session_iframe": "http://localhost:5000/connect/checksession",
"revocation_endpoint": "http://localhost:5000/connect/revocation",
"introspection_endpoint": "http://localhost:5000/connect/introspect",
"device_authorization_endpoint": "http://localhost:5000/connect/deviceauthorization",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true,
"backchannel_logout_supported": true,
"backchannel_logout_session_supported": true,
"scopes_supported": [
"api",
"offline_access"
],
"claims_supported": [],
"grant_types_supported": [
"authorization_code",
"client_credentials",
"refresh_token",
"implicit",
"urn:ietf:params:oauth:grant-type:device_code"
],
"response_types_supported": [
"code",
"token",
"id_token",
"id_token token",
"code id_token",
"code token",
"code id_token token"
],
"response_modes_supported": [
"form_post",
"query",
"fragment"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"subject_types_supported": [
"public"
],
"code_challenge_methods_supported": [
"plain",
"S256"
],
"request_parameter_supported": true
}
可以看到四种授权方式:
"grant_types_supported": [
"authorization_code",
"client_credentials",
"refresh_token",
"implicit",
"urn:ietf:params:oauth:grant-type:device_code"
],
课程链接
http://video.jessetalk.cn/course/explore
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK