mirror of
https://github.com/anjoy8/Blog.Core.git
synced 2024-09-20 23:48:27 +08:00
feat: add authing sso
This commit is contained in:
parent
5092087379
commit
a30f184996
|
@ -56,6 +56,7 @@ builder.Services.AddSingleton(new LogLock(builder.Environment.ContentRootPath));
|
|||
builder.Services.AddUiFilesZipSetup(builder.Environment);
|
||||
|
||||
Permissions.IsUseIds4 = AppSettings.app(new string[] { "Startup", "IdentityServer4", "Enabled" }).ObjToBool();
|
||||
Permissions.IsUseAuthing = AppSettings.app(new string[] { "Startup", "Authing", "Enabled" }).ObjToBool();
|
||||
RoutePrefix.Name = AppSettings.app(new string[] { "AppSettings", "SvcName" }).ObjToString();
|
||||
|
||||
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
|
||||
|
@ -79,9 +80,10 @@ builder.Services.AddEventBusSetup();
|
|||
builder.Services.AddNacosSetup(builder.Configuration);
|
||||
|
||||
builder.Services.AddAuthorizationSetup();
|
||||
if (Permissions.IsUseIds4)
|
||||
if (Permissions.IsUseIds4 || Permissions.IsUseAuthing)
|
||||
{
|
||||
builder.Services.AddAuthentication_Ids4Setup();
|
||||
if (Permissions.IsUseIds4) builder.Services.AddAuthentication_Ids4Setup();
|
||||
else if (Permissions.IsUseAuthing) builder.Services.AddAuthentication_AuthingSetup();
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
|
@ -189,6 +189,12 @@
|
|||
"AuthorizationUrl": "http://localhost:5004", // 认证中心域名
|
||||
"ApiName": "blog.core.api" // 资源服务器
|
||||
},
|
||||
"Authing": {
|
||||
"Enabled": true,
|
||||
"Issuer": "https://uldr24esx31h-demo.authing.cn/oidc",
|
||||
"Audience": "63d51c4205c2849803be5178",
|
||||
"JwksUri": "https://uldr24esx31h-demo.authing.cn/oidc/.well-known/jwks.json"
|
||||
},
|
||||
"RedisMq": {
|
||||
"Enabled": false //redis 消息队列
|
||||
},
|
||||
|
|
|
@ -20,6 +20,12 @@
|
|||
/// true:表示启动IDS4
|
||||
/// false:表示使用JWT
|
||||
public static bool IsUseIds4 = false;
|
||||
|
||||
/// <summary>
|
||||
/// 当前项目是否启用Authing权限方案
|
||||
/// true:表示启动
|
||||
/// false:表示使用JWT
|
||||
public static bool IsUseAuthing = false;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
<PackageReference Include="Com.Ctrip.Framework.Apollo" Version="2.8.0" />
|
||||
<PackageReference Include="Com.Ctrip.Framework.Apollo.Configuration" Version="2.8.0" />
|
||||
<PackageReference Include="Consul" Version="1.6.10.7" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.8" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.11" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="6.0.8" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.SignalR" Version="1.1.0" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.SignalR.Protocols.NewtonsoftJson" Version="6.0.8" />
|
||||
|
@ -20,6 +20,7 @@
|
|||
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="6.0.0" />
|
||||
<PackageReference Include="Microsoft.Extensions.Logging.Log4Net.AspNetCore" Version="6.1.0" />
|
||||
<PackageReference Include="MiniProfiler.AspNetCore.Mvc" Version="4.2.22" />
|
||||
<PackageReference Include="NetDevPack.Security.JwtExtensions" Version="6.0.2" />
|
||||
<PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
|
||||
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.4.0" />
|
||||
<PackageReference Include="Swashbuckle.AspNetCore.Filters" Version="7.0.5" />
|
||||
|
|
|
@ -0,0 +1,53 @@
|
|||
using Blog.Core.AuthHelper;
|
||||
using Blog.Core.Common;
|
||||
using Blog.Core.Common.HttpContextUser;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using NetDevPack.Security.JwtExtensions;
|
||||
using System;
|
||||
|
||||
namespace Blog.Core.Extensions
|
||||
{
|
||||
/// <summary>
|
||||
/// Authing权限 认证服务
|
||||
/// </summary>
|
||||
public static class Authentication_AuthingSetup
|
||||
{
|
||||
public static void AddAuthentication_AuthingSetup(this IServiceCollection services)
|
||||
{
|
||||
if (services == null) throw new ArgumentNullException(nameof(services));
|
||||
|
||||
var tokenValidationParameters = new TokenValidationParameters
|
||||
{
|
||||
ValidIssuer = AppSettings.app(new string[] { "Startup", "Authing", "Issuer" }),
|
||||
ValidAudience = AppSettings.app(new string[] { "Startup", "Authing", "Audience" }),
|
||||
ValidAlgorithms = new string[] { "RS256" },
|
||||
//ValidateLifetime = true,
|
||||
//ClockSkew = TimeSpan.FromSeconds(30),
|
||||
//RequireExpirationTime = true,
|
||||
};
|
||||
|
||||
services.AddAuthentication(o =>
|
||||
{
|
||||
//认证middleware配置
|
||||
o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
o.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
o.DefaultChallengeScheme = nameof(ApiResponseHandler);
|
||||
o.DefaultForbidScheme = nameof(ApiResponseHandler);
|
||||
})
|
||||
.AddJwtBearer(o =>
|
||||
{
|
||||
//主要是jwt token参数设置
|
||||
o.TokenValidationParameters = tokenValidationParameters;
|
||||
o.RequireHttpsMetadata = false;
|
||||
o.SaveToken = false;
|
||||
o.IncludeErrorDetails = true;
|
||||
o.SetJwksOptions(new JwkOptions(AppSettings.app(new string[] { "Startup", "Authing", "JwksUri" }), AppSettings.app(new string[] { "Startup", "Authing", "Issuer" }), new TimeSpan(TimeSpan.TicksPerDay)));
|
||||
})
|
||||
.AddScheme<AuthenticationSchemeOptions, ApiResponseHandler>(nameof(ApiResponseHandler), o => { });
|
||||
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user