feat: add authing sso
parent
5092087379
commit
a30f184996
|
@ -56,6 +56,7 @@ builder.Services.AddSingleton(new LogLock(builder.Environment.ContentRootPath));
|
||||||
builder.Services.AddUiFilesZipSetup(builder.Environment);
|
builder.Services.AddUiFilesZipSetup(builder.Environment);
|
||||||
|
|
||||||
Permissions.IsUseIds4 = AppSettings.app(new string[] { "Startup", "IdentityServer4", "Enabled" }).ObjToBool();
|
Permissions.IsUseIds4 = AppSettings.app(new string[] { "Startup", "IdentityServer4", "Enabled" }).ObjToBool();
|
||||||
|
Permissions.IsUseAuthing = AppSettings.app(new string[] { "Startup", "Authing", "Enabled" }).ObjToBool();
|
||||||
RoutePrefix.Name = AppSettings.app(new string[] { "AppSettings", "SvcName" }).ObjToString();
|
RoutePrefix.Name = AppSettings.app(new string[] { "AppSettings", "SvcName" }).ObjToString();
|
||||||
|
|
||||||
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
|
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
|
||||||
|
@ -79,9 +80,10 @@ builder.Services.AddEventBusSetup();
|
||||||
builder.Services.AddNacosSetup(builder.Configuration);
|
builder.Services.AddNacosSetup(builder.Configuration);
|
||||||
|
|
||||||
builder.Services.AddAuthorizationSetup();
|
builder.Services.AddAuthorizationSetup();
|
||||||
if (Permissions.IsUseIds4)
|
if (Permissions.IsUseIds4 || Permissions.IsUseAuthing)
|
||||||
{
|
{
|
||||||
builder.Services.AddAuthentication_Ids4Setup();
|
if (Permissions.IsUseIds4) builder.Services.AddAuthentication_Ids4Setup();
|
||||||
|
else if (Permissions.IsUseAuthing) builder.Services.AddAuthentication_AuthingSetup();
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|
|
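Review bot: In the second hunk, the nested `if (Permissions.IsUseIds4) … else if (Permissions.IsUseAuthing) …` silently prefers IdentityServer4 when both `Startup:IdentityServer4:Enabled` and `Startup:Authing:Enabled` are true, so the Authing scheme is never registered and nothing tells the operator which identity provider is actually trusted. A switch that selects the authentication scheme should fail at startup rather than pick one quietly, e.g. `if (Permissions.IsUseIds4 && Permissions.IsUseAuthing) throw new InvalidOperationException("Enable only one of IdentityServer4 or Authing");` placed before the branch. The outer `||` test then adds nothing, and the chain reads better flat and braced as `if (Permissions.IsUseIds4) { … } else if (Permissions.IsUseAuthing) { … } else { … }`. The trailing `else` block continues outside the hunk.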
@ -189,6 +189,12 @@
|
||||||
"AuthorizationUrl": "http://localhost:5004", // 认证中心域名
|
"AuthorizationUrl": "http://localhost:5004", // 认证中心域名
|
||||||
"ApiName": "blog.core.api" // 资源服务器
|
"ApiName": "blog.core.api" // 资源服务器
|
||||||
},
|
},
|
||||||
|
"Authing": {
|
||||||
|
"Enabled": true,
|
||||||
|
"Issuer": "https://uldr24esx31h-demo.authing.cn/oidc",
|
||||||
|
"Audience": "63d51c4205c2849803be5178",
|
||||||
|
"JwksUri": "https://uldr24esx31h-demo.authing.cn/oidc/.well-known/jwks.json"
|
||||||
|
},
|
||||||
"RedisMq": {
|
"RedisMq": {
|
||||||
"Enabled": false //redis 消息队列
|
"Enabled": false //redis 消息队列
|
||||||
},
|
},
|
||||||
|
|
|
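Review bot: The new `Authing` block is checked in with `"Enabled": true` and an `Issuer`, `Audience` and `JwksUri` that point at what looks like a demo tenant, so a deployment that keeps these defaults would, as far as the visible startup code shows, accept bearer tokens signed by that external tenant's keys unless IdentityServer4 is also enabled. Default this to `"Enabled": false` and leave the tenant-specific values as placeholders that each environment supplies (environment variables or a settings file that is not committed). Unlike the neighbouring blocks the new keys carry no comments; something like `// OIDC issuer of your Authing application` on `Issuer` and `// application id expected in the aud claim` on `Audience` would help.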
@ -20,6 +20,12 @@
|
||||||
/// true:表示启动IDS4
|
/// true:表示启动IDS4
|
||||||
/// false:表示使用JWT
|
/// false:表示使用JWT
|
||||||
public static bool IsUseIds4 = false;
|
public static bool IsUseIds4 = false;
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// 当前项目是否启用Authing权限方案
|
||||||
|
/// true:表示启动
|
||||||
|
/// false:表示使用JWT
|
||||||
|
public static bool IsUseAuthing = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
|
|
|
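Review bot: The doc comment added for `IsUseAuthing` opens `/// <summary>` but never closes it, which leaves the XML documentation malformed; add `/// </summary>` directly above the field (the existing `IsUseIds4` comment appears to have the same gap, as far as the hunk shows). The line `false:表示使用JWT` is only accurate when `IsUseIds4` is false too, so the comment should state that the built-in JWT scheme is used only when both switches are off. Because this is a `public static` mutable field that selects the authentication scheme, the comment should also say that it is assigned once at startup and must not be changed afterwards.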
@ -11,7 +11,7 @@
|
||||||
<PackageReference Include="Com.Ctrip.Framework.Apollo" Version="2.8.0" />
|
<PackageReference Include="Com.Ctrip.Framework.Apollo" Version="2.8.0" />
|
||||||
<PackageReference Include="Com.Ctrip.Framework.Apollo.Configuration" Version="2.8.0" />
|
<PackageReference Include="Com.Ctrip.Framework.Apollo.Configuration" Version="2.8.0" />
|
||||||
<PackageReference Include="Consul" Version="1.6.10.7" />
|
<PackageReference Include="Consul" Version="1.6.10.7" />
|
||||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.8" />
|
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.11" />
|
||||||
<PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="6.0.8" />
|
<PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="6.0.8" />
|
||||||
<PackageReference Include="Microsoft.AspNetCore.SignalR" Version="1.1.0" />
|
<PackageReference Include="Microsoft.AspNetCore.SignalR" Version="1.1.0" />
|
||||||
<PackageReference Include="Microsoft.AspNetCore.SignalR.Protocols.NewtonsoftJson" Version="6.0.8" />
|
<PackageReference Include="Microsoft.AspNetCore.SignalR.Protocols.NewtonsoftJson" Version="6.0.8" />
|
||||||
|
@ -20,6 +20,7 @@
|
||||||
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="6.0.0" />
|
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="6.0.0" />
|
||||||
<PackageReference Include="Microsoft.Extensions.Logging.Log4Net.AspNetCore" Version="6.1.0" />
|
<PackageReference Include="Microsoft.Extensions.Logging.Log4Net.AspNetCore" Version="6.1.0" />
|
||||||
<PackageReference Include="MiniProfiler.AspNetCore.Mvc" Version="4.2.22" />
|
<PackageReference Include="MiniProfiler.AspNetCore.Mvc" Version="4.2.22" />
|
||||||
|
<PackageReference Include="NetDevPack.Security.JwtExtensions" Version="6.0.2" />
|
||||||
<PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
|
<PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
|
||||||
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.4.0" />
|
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.4.0" />
|
||||||
<PackageReference Include="Swashbuckle.AspNetCore.Filters" Version="7.0.5" />
|
<PackageReference Include="Swashbuckle.AspNetCore.Filters" Version="7.0.5" />
|
||||||
|
|
|
@ -0,0 +1,53 @@
|
||||||
|
using Blog.Core.AuthHelper;
|
||||||
|
using Blog.Core.Common;
|
||||||
|
using Blog.Core.Common.HttpContextUser;
|
||||||
|
using Microsoft.AspNetCore.Authentication;
|
||||||
|
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||||
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
|
using Microsoft.IdentityModel.Tokens;
|
||||||
|
using NetDevPack.Security.JwtExtensions;
|
||||||
|
using System;
|
||||||
|
|
||||||
|
namespace Blog.Core.Extensions
|
||||||
|
{
|
||||||
|
/// <summary>
|
||||||
|
/// Authing权限 认证服务
|
||||||
|
/// </summary>
|
||||||
|
public static class Authentication_AuthingSetup
|
||||||
|
{
|
||||||
|
public static void AddAuthentication_AuthingSetup(this IServiceCollection services)
|
||||||
|
{
|
||||||
|
if (services == null) throw new ArgumentNullException(nameof(services));
|
||||||
|
|
||||||
|
var tokenValidationParameters = new TokenValidationParameters
|
||||||
|
{
|
||||||
|
ValidIssuer = AppSettings.app(new string[] { "Startup", "Authing", "Issuer" }),
|
||||||
|
ValidAudience = AppSettings.app(new string[] { "Startup", "Authing", "Audience" }),
|
||||||
|
ValidAlgorithms = new string[] { "RS256" },
|
||||||
|
//ValidateLifetime = true,
|
||||||
|
//ClockSkew = TimeSpan.FromSeconds(30),
|
||||||
|
//RequireExpirationTime = true,
|
||||||
|
};
|
||||||
|
|
||||||
|
services.AddAuthentication(o =>
|
||||||
|
{
|
||||||
|
//认证middleware配置
|
||||||
|
o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||||
|
o.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||||
|
o.DefaultChallengeScheme = nameof(ApiResponseHandler);
|
||||||
|
o.DefaultForbidScheme = nameof(ApiResponseHandler);
|
||||||
|
})
|
||||||
|
.AddJwtBearer(o =>
|
||||||
|
{
|
||||||
|
//主要是jwt token参数设置
|
||||||
|
o.TokenValidationParameters = tokenValidationParameters;
|
||||||
|
o.RequireHttpsMetadata = false;
|
||||||
|
o.SaveToken = false;
|
||||||
|
o.IncludeErrorDetails = true;
|
||||||
|
o.SetJwksOptions(new JwkOptions(AppSettings.app(new string[] { "Startup", "Authing", "JwksUri" }), AppSettings.app(new string[] { "Startup", "Authing", "Issuer" }), new TimeSpan(TimeSpan.TicksPerDay)));
|
||||||
|
})
|
||||||
|
.AddScheme<AuthenticationSchemeOptions, ApiResponseHandler>(nameof(ApiResponseHandler), o => { });
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
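Review bot: `o.RequireHttpsMetadata = false;` is hard-coded in the `AddJwtBearer` callback, so an `http://` value in `Startup:Authing:JwksUri` would not be rejected and the signing keys used to verify every token could be fetched over an unprotected channel; drop the line (the default is `true`) or relax it only in development. In the `AddAuthentication` callback `o.DefaultChallengeScheme` is assigned twice, and the first assignment to `JwtBearerDefaults.AuthenticationScheme` is dead because `nameof(ApiResponseHandler)` overwrites it on the next line. `SetJwksOptions` runs after `o.TokenValidationParameters` is assigned and works on the same options object, so it is worth adding a test that a token with the wrong `aud` or `iss` is still rejected once the helper has been applied. `new TimeSpan(TimeSpan.TicksPerDay)` reads more clearly as `TimeSpan.FromDays(1)`, and a one-day key cache presumably delays picking up a rotated or withdrawn signing key by up to a day, which deserves a comment next to the call.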