asp.net core模块学习


一、配置管理

二、管道

三、认证与授权

四、MVCDemo

五、IdentityServer4

https://pan.baidu.com/s/15etE9CNfzDLCHW6ZHc-euw

2,JWT认证

jwt验证网站: https://jwt.io/ (可用来解码和验证 token。JWT 的载荷只是 Base64Url 编码,并没有加密,所以不要在 Claim 里放敏感信息)

namespace JwtAuthenticate.Models
{
    /// <summary>
    /// Strongly typed view of the "JwtSettings" configuration section.
    /// The same three values are read when a token is issued and when an
    /// incoming token is validated.
    /// </summary>
    public class JwtSettings
    {
        /// <summary>
        /// Who issued the token. The property keeps its original spelling because
        /// the configuration key of the same name binds to it.
        /// </summary>
        public string Issure { get; set; }

        /// <summary>Which clients the token is intended for.</summary>
        public string Audience { get; set; }

        /// <summary>
        /// Secret that is turned into the symmetric signing key. Anyone who holds
        /// this value can mint valid tokens, so handle it as a credential.
        /// </summary>
        public string Secretkey { get; set; }
    }
}
JwtAuthenticate.Models.JwtSettings
{
  "Logging": {
    "IncludeScopes": false,
    "Debug": {
      "LogLevel": {
        "Default": "Warning"
      }
    },
    "Console": {
      "LogLevel": {
        "Default": "Warning"
      }
    }
  },
  "JwtSettings":{
    "Audience":"http://localhost:5000",
    "Issure":"http://localhost:5000",
    "SecretKey":"11111111111111111"
  }
}
appsettings.json(示例配置:这里的 SecretKey 只是占位值,实际部署时应换成足够长的随机密钥,并通过环境变量或机密存储提供,不要提交到代码库)
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using JwtAuthenticate.Models;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using System.Text;

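namespace JwtAuthenticate
{
    /// <summary>
    /// Application bootstrap: registers JWT bearer authentication and MVC, then
    /// builds the HTTP request pipeline.
    /// </summary>
    public class Startup
    {
        /// <summary>Stores the configuration handed in by the host.</summary>
        /// <param name="configuration">Application configuration.</param>
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        /// <summary>Application configuration used to read the JWT settings.</summary>
        public IConfiguration Configuration { get; }

        /// <summary>
        /// Called by the runtime. Adds the JWT settings, bearer authentication and MVC
        /// to the container.
        /// </summary>
        /// <param name="services">Service collection to populate.</param>
        /// <exception cref="InvalidOperationException">
        /// The configured signing secret is missing or blank.
        /// </exception>
        public void ConfigureServices(IServiceCollection services)
        {
            // Register the settings section so the token controller can receive it
            // through IOptions<JwtSettings>. The type argument has to be written out;
            // it cannot be inferred from the IConfiguration argument.
            services.Configure<JwtSettings>(Configuration.GetSection("jwtSettings"));

            var jwtSettings = new JwtSettings();
            Configuration.Bind("JwtSettings", jwtSettings);

            // Fail at startup with a clear message instead of on the first request,
            // where a null secret would surface as an ArgumentNullException.
            if (string.IsNullOrWhiteSpace(jwtSettings.Secretkey))
            {
                throw new InvalidOperationException("JwtSettings:SecretKey is missing or empty.");
            }

            // NOTE(review): tokens are signed with HMAC-SHA256, for which RFC 7518 calls
            // for a key of at least 256 bits. Supply a long random secret from a secret
            // store or environment variable; a short, guessable value lets anyone forge tokens.
            var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.Secretkey));

            services.AddAuthentication(options =>
            {
                // Use the bearer scheme both to authenticate and to challenge.
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    // Spell the checks out rather than relying on library defaults, so
                    // the intent survives copy-paste and library upgrades.
                    ValidateIssuer = true,
                    ValidIssuer = jwtSettings.Issure,
                    ValidateAudience = true,
                    ValidAudience = jwtSettings.Audience,
                    ValidateLifetime = true,
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = signingKey
                };
            });

            services.AddMvc();
        }

        /// <summary>
        /// Called by the runtime. Configures the HTTP request pipeline.
        /// </summary>
        /// <param name="app">Pipeline builder.</param>
        /// <param name="env">Hosting environment, used to enable the developer error page.</param>
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                // Detailed exception pages are limited to the Development environment.
                app.UseDeveloperExceptionPage();
            }

            // Authentication runs before MVC so that authorization sees the token's identity.
            app.UseAuthentication();
            app.UseMvc();
        }
    }
}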
Startup
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;
using JwtAuthenticate.Models;
using System.Security.Claims;
using Microsoft.IdentityModel.Tokens;
using System.Text;
using Microsoft.Extensions.Options;
using System.IdentityModel.Tokens.Jwt;

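namespace JwtAuthenticate.Controllers
{
    /// <summary>
    /// Demo token endpoint: checks a user name and password and returns a signed JWT.
    /// </summary>
    [Route("api/[controller]")]
    public class AuthorizeController : Controller
    {
        private readonly JwtSettings _jwtSettings;

        /// <summary>Receives the JWT settings registered in Startup.</summary>
        /// <param name="jwtSettings">Options wrapper around the bound settings.</param>
        public AuthorizeController(IOptions<JwtSettings> jwtSettings)
        {
            _jwtSettings = jwtSettings.Value;
        }

        /// <summary>Unauthenticated test action.</summary>
        /// <returns>The literal string "a".</returns>
        [HttpGet]
        public string A()
        {
            return "a";
        }

        /// <summary>
        /// Issues a JWT valid for 30 minutes when the posted credentials match.
        /// </summary>
        /// <param name="model">Login data read from the request body.</param>
        /// <returns>
        /// 200 with <c>{ token }</c> on success; 400 when the body is missing or invalid,
        /// or when the credentials do not match.
        /// </returns>
        [HttpPost]
        public IActionResult Token([FromBody]LoginViewModel model)
        {
            // An empty or unparsable body can leave the model null; reject it instead
            // of dereferencing it below.
            if (model == null || !ModelState.IsValid)
            {
                return BadRequest();
            }

            // NOTE(review): demo-only check against a fixed user name and password.
            // A real endpoint must look the user up in a user store, verify a salted
            // password hash, and throttle repeated failures.
            if (!(model.UserName == "hunter" && model.Password == "123456"))
            {
                return BadRequest();
            }

            // Every successful login is issued the admin role.
            var claims = new[]
            {
                new Claim(ClaimTypes.Name, "hunter"),
                new Claim(ClaimTypes.Role, "admin")
            };

            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.Secretkey));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            // Take a single UTC timestamp so "not before" and "expires" are exactly
            // 30 minutes apart and independent of the server's local time zone.
            var issuedAt = DateTime.UtcNow;
            var token = new JwtSecurityToken(
                _jwtSettings.Issure,
                _jwtSettings.Audience,
                claims,
                issuedAt,
                issuedAt.AddMinutes(30),
                creds);

            return Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) });
        }
    }
}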
AuthorizeController

3,基于Claim的Jwt认证

①给 Action 加上 [Authorize] 特性

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;

namespace JwtAuthenticate.Controllers
{
    /// <summary>
    /// Sample resource controller. Every action names the authorization policy
    /// the caller has to satisfy.
    /// </summary>
    [Route("api/[controller]")]
    public class ValuesController : Controller
    {
        /// <summary>GET api/values. Requires the "values.Get" policy.</summary>
        /// <returns>Two fixed sample values.</returns>
        [HttpGet]
        [Authorize(Policy = "values.Get")]
        public IEnumerable<string> Get() => new[] { "value1", "value2" };

        /// <summary>GET api/values/5. Requires the "values.Get" policy.</summary>
        /// <param name="id">Route id; not used by this sample.</param>
        /// <returns>The fixed string "value".</returns>
        [HttpGet("{id}")]
        [Authorize(Policy = "values.Get")]
        public string Get(int id) => "value";

        /// <summary>POST api/values. Requires the "values.Post" policy; the body is ignored.</summary>
        /// <param name="value">Value read from the request body.</param>
        [HttpPost]
        [Authorize(Policy = "values.Post")]
        public void Post([FromBody]string value)
        {
        }

        /// <summary>PUT api/values/5. Requires the "values.Put" policy; the arguments are ignored.</summary>
        /// <param name="id">Route id.</param>
        /// <param name="value">Value read from the request body.</param>
        [HttpPut("{id}")]
        [Authorize(Policy = "values.Put")]
        public void Put(int id, [FromBody]string value)
        {
        }

        /// <summary>DELETE api/values/5. Requires the "values.Delete" policy; the id is ignored.</summary>
        /// <param name="id">Route id.</param>
        [HttpDelete("{id}")]
        [Authorize(Policy = "values.Delete")]
        public void Delete(int id)
        {
        }
    }
}
ValuesController

②设置Policy

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using JwtAuthenticate.Models;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using System.Text;

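namespace JwtAuthenticate
{
    /// <summary>
    /// Application bootstrap: registers JWT bearer authentication, the claim-based
    /// authorization policies and MVC, then builds the HTTP request pipeline.
    /// </summary>
    public class Startup
    {
        /// <summary>Stores the configuration handed in by the host.</summary>
        /// <param name="configuration">Application configuration.</param>
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        /// <summary>Application configuration used to read the JWT settings.</summary>
        public IConfiguration Configuration { get; }

        /// <summary>
        /// Called by the runtime. Adds the JWT settings, bearer authentication,
        /// authorization policies and MVC to the container.
        /// </summary>
        /// <param name="services">Service collection to populate.</param>
        /// <exception cref="InvalidOperationException">
        /// The configured signing secret is missing or blank.
        /// </exception>
        public void ConfigureServices(IServiceCollection services)
        {
            // Register the settings section so the token controller can receive it
            // through IOptions<JwtSettings>. The type argument has to be written out;
            // it cannot be inferred from the IConfiguration argument.
            services.Configure<JwtSettings>(Configuration.GetSection("jwtSettings"));

            var jwtSettings = new JwtSettings();
            Configuration.Bind("JwtSettings", jwtSettings);

            // Fail at startup with a clear message instead of on the first request,
            // where a null secret would surface as an ArgumentNullException.
            if (string.IsNullOrWhiteSpace(jwtSettings.Secretkey))
            {
                throw new InvalidOperationException("JwtSettings:SecretKey is missing or empty.");
            }

            // NOTE(review): an HMAC signing secret should be a long random value
            // (RFC 7518 calls for at least 256 bits with HS256) supplied from a secret
            // store or environment variable, never a guessable string in source control.
            var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.Secretkey));

            services.AddAuthentication(options =>
            {
                // Use the bearer scheme both to authenticate and to challenge.
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    // Spell the checks out rather than relying on library defaults.
                    ValidateIssuer = true,
                    ValidIssuer = jwtSettings.Issure,
                    ValidateAudience = true,
                    ValidAudience = jwtSettings.Audience,
                    ValidateLifetime = true,
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = signingKey
                };
            });

            // One policy per permission. The policy name doubles as the claim type.
            // Requiring the value "true" (the value the token endpoint issues) closes
            // the gap where a token carrying the claim with any other value, such as
            // "false", would still satisfy a presence-only check.
            services.AddAuthorization(option =>
            {
                foreach (var permission in new[] { "values.Get", "values.Post", "values.Delete", "values.Put" })
                {
                    option.AddPolicy(permission, policy => policy.RequireClaim(permission, "true"));
                }
            });

            services.AddMvc();
        }

        /// <summary>
        /// Called by the runtime. Configures the HTTP request pipeline.
        /// </summary>
        /// <param name="app">Pipeline builder.</param>
        /// <param name="env">Hosting environment, used to enable the developer error page.</param>
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                // Detailed exception pages are limited to the Development environment.
                app.UseDeveloperExceptionPage();
            }

            // Authentication runs before MVC so that the policies see the token's claims.
            app.UseAuthentication();
            app.UseMvc();
        }
    }
}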
Startup

③授权

颁发的 token 里只带有 values.Get 和 values.Put 两个 Claim,所以只能访问要求这两个 Policy 的接口(Get 和 Put),Post 和 Delete 会被拒绝

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;
using JwtAuthenticate.Models;
using System.Security.Claims;
using Microsoft.IdentityModel.Tokens;
using System.Text;
using Microsoft.Extensions.Options;
using System.IdentityModel.Tokens.Jwt;

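namespace JwtAuthenticate.Controllers
{
    /// <summary>
    /// Demo token endpoint: checks a user name and password and returns a signed JWT
    /// that carries per-action permission claims.
    /// </summary>
    [Route("api/[controller]")]
    public class AuthorizeController : Controller
    {
        private readonly JwtSettings _jwtSettings;

        /// <summary>Receives the JWT settings registered in Startup.</summary>
        /// <param name="jwtSettings">Options wrapper around the bound settings.</param>
        public AuthorizeController(IOptions<JwtSettings> jwtSettings)
        {
            _jwtSettings = jwtSettings.Value;
        }

        /// <summary>Unauthenticated test action.</summary>
        /// <returns>The literal string "a".</returns>
        [HttpGet]
        public string A()
        {
            return "a";
        }

        /// <summary>
        /// Issues a JWT valid for 30 minutes when the posted credentials match.
        /// The token grants only the "values.Get" and "values.Put" permissions.
        /// </summary>
        /// <param name="model">Login data read from the request body.</param>
        /// <returns>
        /// 200 with <c>{ token }</c> on success; 400 when the body is missing or invalid,
        /// or when the credentials do not match.
        /// </returns>
        [HttpPost]
        public IActionResult Token([FromBody]LoginViewModel model)
        {
            // An empty or unparsable body can leave the model null; reject it instead
            // of dereferencing it below.
            if (model == null || !ModelState.IsValid)
            {
                return BadRequest();
            }

            // NOTE(review): demo-only check against a fixed user name and password.
            // A real endpoint must look the user up in a user store, verify a salted
            // password hash, and throttle repeated failures.
            if (!(model.UserName == "hunter" && model.Password == "123456"))
            {
                return BadRequest();
            }

            // Grant only the permissions this user needs. The claim types match the
            // policy names used on the values controller.
            var claims = new[]
            {
                new Claim(ClaimTypes.Name, "hunter"),
                new Claim("values.Get", "true"),
                new Claim("values.Put", "true")
            };

            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.Secretkey));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            // Take a single UTC timestamp so "not before" and "expires" are exactly
            // 30 minutes apart and independent of the server's local time zone.
            var issuedAt = DateTime.UtcNow;
            var token = new JwtSecurityToken(
                _jwtSettings.Issure,
                _jwtSettings.Audience,
                claims,
                issuedAt,
                issuedAt.AddMinutes(30),
                creds);

            return Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) });
        }
    }
}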
AuthorizeController

案例下载:https://pan.baidu.com/s/1NKJNVMIHeVdPFcua_eH1sQ 

https://pan.baidu.com/s/1y1B3Vnudkke71eIuPQ937A

https://pan.baidu.com/s/1zoX3P5yuktW_HaaOGRGFOQ

2,刷新token

3,OAuth2.0密码模式(数据库操作)

4,OIDC(内存模式)

①介绍

OpenID Connect是OpenID的升级版,简称OIDC。OIDC使用OAuth2的授权服务器来为第三方客户端提供用户的身份认证,并把对应的身份认证信息传递给客户端。

OAuth2.0主要用于授权,OIDC主要用于认证。

5,OIDC(数据库模式)