大家好,又见面了,我是你们的朋友全栈君。
在没有购买商业版,又没实现IdentityServer配置管理页功能时,我们又得配置客户端时。
设想通过appsettings.json,临时添加配置,然后执行.DbMigrator迁移数据。
这时原版代码需要以下改动:
修改.Domain项目中IdentityServerDataSeedContributor类的CreateClientsAsync方法。
private async Task CreateClientsAsync()
{
var commonScopes = new[]
{
"email",
"openid",
"profile",
"role",
"phone",
"address"
};
var configurationSection = _configuration.GetSection("IdentityServer:Clients");
foreach (var section in configurationSection.GetChildren())
{
var clientId = section["ClientId"];
var secret = (section["ClientSecret"] ?? "123456").Sha256();
var rootUrl = section["RootUrl"].EnsureEndsWith('/');
var grantTypes = (section["GrantTypes"] ?? "client_credentials").Split();
var redirectUri = section["RedirectUri"] ?? $"{rootUrl}signin-oidc";
var postLogoutRedirectUri = section["PostLogoutRedirectUri"] ?? $"{rootUrl}signout-callback-oidc";
var frontChannelLogoutUri = section["FrontChannelLogoutUri"] ?? rootUrl;
var requireClientSecret = (section["RequireClientSecret"] ?? "False").To<bool>();
var requirePkce = (section["RequirePkce"] ?? "False").To<bool>();
var corsOrigins = new[] { rootUrl.RemovePostFix("/") };
await CreateClientAsync(
name: clientId,
scopes: commonScopes,
grantTypes: grantTypes,
secret: secret,
redirectUri: redirectUri,
postLogoutRedirectUri: postLogoutRedirectUri,
frontChannelLogoutUri: frontChannelLogoutUri,
requireClientSecret,
requirePkce,
corsOrigins: corsOrigins
);
}
}
修改.DbMigrator项目中appsettings.json为:
{
"ConnectionStrings": {
"Default": "Server=(LocalDb)\\MSSQLLocalDB;Database=IdentityServer;Trusted_Connection=True;"
},
"IdentityServer": {
"Clients": {
"TestClient.Mvc": {
"ClientId": "TestClient.Mvc",
"ClientSecret": "TestClient.Mvc",
"RootUrl": "https://localhost:53279",
"GrantTypes": "authorization_code",
"RequirePkce": true
},
"MyProject_Web": {
"ClientId": "MyProject_Web",
"ClientSecret": "1q2w3e*",
"RootUrl": "https://localhost:44393",
"GrantTypes": "hybrid",
"FrontChannelLogoutUri": "https://localhost:44393/Account/FrontChannelLogou"
},
"MyProject_App": {
"ClientId": "MyProject_App",
"ClientSecret": "1q2w3e*",
"RootUrl": "http://localhost:4200",
"GrantTypes": "password client_credentials authorization_code"
},
"MyProject_Blazor": {
"ClientId": "MyProject_Blazor",
"RootUrl": "https://localhost:44307",
"GrantTypes": "authorization_code",
"RedirectUri": "https://localhost:44307/authentication/login-callback",
"PostLogoutRedirectUri": "https://localhost:44307/authentication/logout-callback"
},
"MyProject_Swagger": {
"ClientId": "MyProject_Swagger",
"ClientSecret": "1q2w3e*",
"RootUrl": "https://localhost:44399",
"GrantTypes": "authorization_code",
"redirectUri": "https://localhost:44399/swagger/oauth2-redirect.html"
}
}
}
}
版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请联系我们举报,一经查实,本站将立刻删除。
发布者:全栈程序员-站长,转载请注明出处:https://javaforall.net/155575.html原文链接:https://javaforall.net
