有時候，ResourceOwnerPassword 模式是有用的，能夠用來代替我們原來管理程序的開發方式。
由於管理程序本身就擁有用戶數據的權限，並非第三方應用，不需要授權。需要注意的是，這種模式下客戶端會直接經手用戶的密碼，因此只適用於完全可信的第一方客戶端；OAuth 2.0 安全最佳實踐已不建議使用這種授權方式。
集成很簡單。
1. 添加 ResourceOwnerPasswordValidator 驗證程序
/// <summary>
/// Checks the user name and password submitted with a resource owner password
/// token request and records the outcome on the validation context.
/// </summary>
/// <remarks>
/// Sample code: the accepted credentials are hard-coded literals. A real validator
/// looks the user up in the user store and verifies the submitted password against
/// a salted, slow password hash instead of comparing plaintext strings.
/// </remarks>
public class ResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator
{
    /// <summary>Creates the validator; it keeps no state.</summary>
    public ResourceOwnerPasswordValidator()
    {
    }

    /// <summary>
    /// Marks the request as authenticated when the submitted credentials match.
    /// </summary>
    /// <param name="context">
    /// Carries the submitted <c>UserName</c> and <c>Password</c>; the outcome is written to <c>Result</c>.
    /// </param>
    /// <returns>An already-completed task.</returns>
    public Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
    {
        // Validate context.UserName and context.Password against the data in the
        // database to decide whether they are legitimate. The literals below stand in
        // for that lookup.
        bool credentialsMatch = context.UserName == "jian1" && context.Password == "j1";

        if (!credentialsMatch)
        {
            // context.Result is left untouched on failure, so rejection depends on the
            // value the context was created with.
            // NOTE(review): IdentityServer4 is expected to pre-set an invalid_grant failure
            // here; confirm for the version in use, or reject explicitly:
            //   context.Result = new GrantValidationResult(
            //       TokenRequestErrors.InvalidGrant,
            //       "invalid custom credential");
            return Task.FromResult(0);
        }

        // Success: the user name becomes the subject of the issued token and the
        // authentication method is recorded as password-based.
        context.Result = new GrantValidationResult(
            subject: context.UserName,
            authenticationMethod: OidcConstants.AuthenticationMethods.Password);

        return Task.FromResult(0);
    }
}
2. 註冊 IdentityServer 的時候注入這個驗證程序
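// Configure the identity server with in-memory stores, keys, clients and resources.
// Test environment only.
services.AddIdentityServer()
    // Developer signing credential: meant for development and testing. Outside a test
    // environment, load a managed signing key instead.
    .AddDeveloperSigningCredential()
    .AddInMemoryApiResources(AuthorizationConfig.ApiResources())
    .AddInMemoryClients(AuthorizationConfig.Clients())
    .AddInMemoryIdentityResources(AuthorizationConfig.GetIdentityResources())
    // Register the custom resource owner password validator. This call must sit on its
    // own line: appended to a "//" comment it is commented out and never registered.
    .AddResourceOwnerValidator<Models.ResourceOwnerPasswordValidator>()
    .AddProfileService<Services.ProfileService>();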