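For a client to be able to access API resources, those API resources must first be defined in IdentityServer.
Scope: the limit on the range of access to an API resource.
A scope is an identifier for a resource (usually also called a Web API).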
using System.Collections.Generic;
using IdentityModel;            // JwtClaimTypes
using IdentityServer4.Models;   // ApiResource, Scope, Secret, Sha256()

public static IEnumerable<ApiResource> GetApis()
{
    return new[]
    {
        // simple API with a single scope (in this case the scope name is the same as the api name)
        new ApiResource("api1", "Some API 1"),

        // expanded version if more control is needed
        new ApiResource
        {
            Name = "api2",

            // secret for using the introspection endpoint
            ApiSecrets =
            {
                new Secret("secret".Sha256())
            },

            // include the following user claims in the access token (in addition to subject id)
            UserClaims = { JwtClaimTypes.Name, JwtClaimTypes.Email },

            // this API defines two scopes
            Scopes =
            {
                new Scope()
                {
                    Name = "api2.full_access",
                    DisplayName = "Full access to API 2",
                },
                new Scope
                {
                    Name = "api2.read_only",
                    DisplayName = "Read only access to API 2"
                }
            }
        }
    };
}
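The following is an added example, not code from the original page: it shows how the scopes defined above limit what each client may request, plus a configuration check that reports any client scope no API resource defines. The client ids, the placeholder secrets, the `ClientConfig` class and the `FindUndefinedScopes` helper are assumptions, and it assumes the same IdentityServer4 model as the page, where `ApiResource.Scopes` holds `Scope` objects.

```csharp
using System.Collections.Generic;
using System.Linq;
using IdentityServer4.Models;

public static class ClientConfig
{
    // Hypothetical clients; ids and secrets are placeholders.
    public static IEnumerable<Client> GetClients()
    {
        return new[]
        {
            // Machine-to-machine client that only needs to read from api2.
            new Client
            {
                ClientId = "reporting.service",
                AllowedGrantTypes = GrantTypes.ClientCredentials,
                ClientSecrets = { new Secret("placeholder-secret-1".Sha256()) },
                AllowedScopes = { "api2.read_only" }
            },
            // Client that is deliberately granted the wider scope.
            new Client
            {
                ClientId = "admin.tool",
                AllowedGrantTypes = GrantTypes.ClientCredentials,
                ClientSecrets = { new Secret("placeholder-secret-2".Sha256()) },
                AllowedScopes = { "api1", "api2.full_access" }
            }
        };
    }

    // Returns "clientId: scope" for every client scope that no ApiResource defines.
    // Covers API scopes only; identity scopes such as "openid" are not considered.
    public static IEnumerable<string> FindUndefinedScopes(
        IEnumerable<ApiResource> apis, IEnumerable<Client> clients)
    {
        var defined = new HashSet<string>(
            apis.SelectMany(api => api.Scopes).Select(scope => scope.Name));

        return clients
            .SelectMany(c => c.AllowedScopes.Select(s => new { c.ClientId, Scope = s }))
            .Where(x => !defined.Contains(x.Scope))
            .Select(x => $"{x.ClientId}: {x.Scope}")
            .ToList();
    }
}
```

Calling `ClientConfig.FindUndefinedScopes(GetApis(), ClientConfig.GetClients())` at startup returns an empty list for the configuration above; a misspelled scope name such as `api2.readonly` would be reported with the client that requested it.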