密碼模式(Resource Owner Password Credentials Grant)中,用戶向客戶端提供自己的用戶名和密碼。客戶端使用這些信息,向"服務提供商"索要授權。由於客戶端會直接接觸到用戶的密碼,此模式只適用於用戶高度信任的客戶端。本文基於之前的〈IdentityServer3 實現 OAuth 2.0 授權服務【客戶端模式(Client Credentials Grant)】〉一文修改。
客戶端
/// <summary>
/// In-memory OAuth 2.0 client registrations used by this sample authorization server.
/// </summary>
/// <remarks>
/// The client secrets are literal sample values kept in source so the demo is
/// self-contained. A real deployment should load them from configuration or a
/// secret store and use different values from the ones shown here.
/// </remarks>
public class Clients
{
    /// <summary>
    /// Builds the two client definitions: a machine-to-machine client
    /// (client credentials flow) and a client that acts for a user
    /// (resource owner password flow).
    /// </summary>
    /// <returns>A new list containing both client definitions.</returns>
    public static List<Client> Get()
    {
        // Only the result of Sha256() is handed to the Secret constructor, but the
        // clear-text value it is derived from is still visible on this line.
        var machineSecrets = new List<Secret>
        {
            new Secret("F621F470-9731-4A25-80EF-67A6F7C5F4B8".Sha256())
        };

        // No human involved: the client authenticates as itself.
        var machineClient = new Client
        {
            ClientName = "App接口服務",
            ClientId = "app_test_id",
            Enabled = true,
            // Reference tokens are opaque handles, so the API has to ask the
            // token service whether a presented token is still valid.
            AccessTokenType = AccessTokenType.Reference,
            Flow = Flows.ClientCredentials,
            ClientSecrets = machineSecrets,
            AllowedScopes = new List<string> { "user", "order" }
        };

        var passwordSecrets = new List<Secret>
        {
            new Secret("21B5F798-BE55-42BC-8AA8-0025B903DC3B".Sha256())
        };

        // A human is involved: the user types a username and password into the
        // client, so this flow should be granted to trusted first-party clients only.
        var passwordClient = new Client
        {
            ClientName = "username client",
            ClientId = "irving",
            Enabled = true,
            AccessTokenType = AccessTokenType.Reference,
            Flow = Flows.ResourceOwner,
            ClientSecrets = passwordSecrets,
            AllowedScopes = new List<string> { "user", "order" }
        };

        return new List<Client> { machineClient, passwordClient };
    }
}
用戶
/// <summary>
/// In-memory user accounts used by this sample for the resource owner password flow.
/// </summary>
/// <remarks>
/// Passwords are stored here as plain, guessable strings, which is only suitable
/// for a demo. A real deployment should validate users against a store that keeps
/// salted password hashes instead of an in-memory list like this one.
/// </remarks>
public class Users
{
    /// <summary>
    /// Builds the list of demo users.
    /// </summary>
    /// <returns>A new list holding the three sample accounts.</returns>
    public static List<InMemoryUser> Get()
    {
        // Extra profile claims attached to the first account only.
        var irvingClaims = new[]
        {
            new Claim(Constants.ClaimTypes.GivenName, "Bob"),
            new Claim(Constants.ClaimTypes.FamilyName, "Smith")
        };

        var irving = new InMemoryUser
        {
            Username = "irving",
            Password = "123456",
            Subject = "1",
            Claims = irvingClaims
        };

        var bob = new InMemoryUser { Username = "bob", Password = "secret", Subject = "2" };
        var alice = new InMemoryUser { Username = "alice", Password = "secret", Subject = "3" };

        return new List<InMemoryUser> { irving, bob, alice };
    }
}
服務端配置
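/// <summary>
/// OWIN startup class that hosts the IdentityServer authorization service.
/// </summary>
public class Startup
{
    /// <summary>
    /// Configures the IdentityServer authorization service on the OWIN pipeline.
    /// </summary>
    /// <param name="app">The OWIN application builder that the IdentityServer middleware is added to.</param>
    public void Configuration(IAppBuilder app)
    {
        var opts = new IdentityServerOptions
        {
            SiteName = "Embedded Homeinns PMS 2.0 OAuth2 Service",
            EnableWelcomePage = true,
            // Clients, scopes and users all come from in-memory lists defined in this sample.
            Factory = new IdentityServerServiceFactory()
                .UseInMemoryClients(Clients.Get())
                .UseInMemoryScopes(Scopes.Get())
                //.UseInMemoryUsers(new List<InMemoryUser>()),
                .UseInMemoryUsers(Users.Get()),
            // SECURITY: with RequireSsl disabled the token endpoint is served over plain
            // HTTP, so client secrets, user passwords and issued tokens cross the network
            // unencrypted. Acceptable on an isolated test network only; enable it and
            // serve over HTTPS anywhere else.
            RequireSsl = false,
            // The path and password on the next line look like the IdentityServer3 sample
            // test certificate (confirm); a certificate whose password is written in source
            // should not be used to sign tokens outside a demo.
            //SigningCertificate = new X509Certificate2(string.Format(@"{0}\bin\identityServer\idsrv3test.pfx", AppDomain.CurrentDomain.BaseDirectory), "idsrv3test")
        };

        app.UseIdentityServer(opts);

        /*
        // Custom route: host IdentityServer under /identity instead of the site root.
        app.Map("/identity", idsrvApp =>
        {
            idsrvApp.UseIdentityServer(opts);
        });
        */
    }
}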
控制器
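/// <summary>
/// Sample protected API that reports which client, and which user if any,
/// the presented access token was issued to.
/// </summary>
/// <remarks>
/// The token validation middleware for this API is not shown on the page.
/// [Authorize] is declared here so the endpoint does not rely on a global
/// authorization filter being registered elsewhere.
/// </remarks>
[Authorize]
[Route("api/v1/values")]
public class ValuesController : ApiController
{
    /// <summary>
    /// Returns the caller's client id and, for tokens issued on behalf of a user,
    /// the subject id.
    /// </summary>
    /// <returns>
    /// A JSON body with "OK user" (client and subject) or "OK computer" (client only);
    /// 401 Unauthorized when the principal carries no client_id claim.
    /// </returns>
    public IHttpActionResult Get()
    {
        var caller = User as ClaimsPrincipal;

        // A principal without a client_id claim did not come from a validated access
        // token; reject it instead of dereferencing a null claim and returning a 500.
        var clientClaim = caller == null ? null : caller.FindFirst("client_id");
        if (clientClaim == null)
        {
            return Unauthorized();
        }

        // "sub" is present only when a user was involved (resource owner flow);
        // client credentials tokens carry the client identity alone.
        var subjectClaim = caller.FindFirst("sub");
        if (subjectClaim != null)
        {
            return Json(new
            {
                message = "OK user",
                client = clientClaim.Value,
                subject = subjectClaim.Value
            });
        }

        return Json(new
        {
            message = "OK computer",
            client = clientClaim.Value
        });
    }
}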
控制檯
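/// <summary>
/// Console client that requests a token with each grant type and calls the sample API.
/// </summary>
/// <remarks>
/// The endpoints, client secrets and user password are literal sample values, and
/// every request goes over plain HTTP. Outside a test network, load the credentials
/// from configuration or a secret store and use HTTPS endpoints.
/// </remarks>
class Program
{
    /// <summary>
    /// Runs the client credentials flow and then the resource owner password flow,
    /// logging the API response for each.
    /// </summary>
    /// <param name="args">Command-line arguments (unused).</param>
    static void Main(string[] args)
    {
        /*
            POST http://192.168.210.165/connect/token HTTP/1.1
            Accept: application/json
            Authorization: Basic YXBwX3Rlc3RfaWQ6RjYyMUY0NzAtOTczMS00QTI1LTgwRUYtNjdBNkY3QzVGNEI4
            Content-Type: application/x-www-form-urlencoded
            Host: 192.168.210.165
            Content-Length: 40
            Expect: 100-continue
            Connection: Keep-Alive

            grant_type=client_credentials&scope=user
        */

        /*
            GET http://192.168.210.165:88/api/v1/values HTTP/1.1
            Authorization: Bearer 9f82476751e1f8b93f1ea6df7de83b51
            Host: 192.168.210.165:88
        */

        var log = new LoggerConfiguration()
            .WriteTo
            .LiterateConsole(outputTemplate: "{Timestamp:HH:mm} [{Level}] ({Name:l}){NewLine} {Message}{NewLine}{Exception}")
            .CreateLogger();

        // One HttpClient serves both API calls and is disposed when the demo ends.
        using (var client = new HttpClient())
        {
            //ClientCredentials
            var token = new TokenClient(
                "http://192.168.210.165/connect/token",
                "app_test_id",
                "F621F470-9731-4A25-80EF-67A6F7C5F4B8");
            var response = token.RequestClientCredentialsAsync("user").Result;
            if (response.IsError)
            {
                // Without this check a failed request leaves AccessToken empty and the
                // API call below fails with a less helpful error.
                log.Error("Client credentials token request failed: {Error}", response.Error);
            }
            else
            {
                client.SetBearerToken(response.AccessToken);
                // The response body is passed as a property value, not as the message
                // template, so braces in the JSON are never parsed as template tokens.
                log.Information("{Response:l}", client.GetStringAsync("http://192.168.210.165:88/api/v1/values").Result);
            }

            //ResourceOwner
            var resourceOwnerClient = new TokenClient(
                "http://192.168.210.165/connect/token",
                "irving",
                "21B5F798-BE55-42BC-8AA8-0025B903DC3B");
            var data = resourceOwnerClient.RequestResourceOwnerPasswordAsync("irving", "123456", "order").Result;
            if (data.IsError)
            {
                log.Error("Resource owner token request failed: {Error}", data.Error);
            }
            else
            {
                client.SetBearerToken(data.AccessToken);
                log.Information("{Response:l}", client.GetStringAsync("http://192.168.210.165:88/api/v1/values").Result);
            }
        }

        Console.ReadKey();
    }
}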