  • IdentityServer4 搭建

    环境 .net5

    1. 安装dotnet 工具:

    dotnet new -i IdentityServer4.Templates
    dotnet tool install --global dotnet-ef

    mkdir tmp

    cd tmp

    dotnet new is4ef

    这会生成支持 EF Core 的项目,项目名称是当前文件夹的名称 tmp。默认使用 Sqlite 数据库。

    里面包含 一个QuickStart的文件夹,用以显示界面。



    2. 切换SQL Server 数据库。

    dotnet add package Microsoft.EntityFrameworkCore.SqlServer
    dotnet tool install --global dotnet-ef
    dotnet add package Microsoft.EntityFrameworkCore.Design
    // Name of the assembly that contains Startup; it is handed to MigrationsAssembly below so
    // that EF Core looks for the migrations in this project.
    var migrationsAssembly = typeof(Startup).GetTypeInfo().Assembly.GetName().Name;
    // Connection string named "DefaultConnection", read from configuration.
    // NOTE(review): keep the real credentials out of source control (user secrets, environment
    // variables or a secret store) and connect with a least-privilege database login.
    var connectionString = Configuration.GetConnectionString("DefaultConnection");
        // NOTE(review): excerpt only. The builder these calls are chained onto (presumably
        // services.AddIdentityServer(); confirm), the lambda braces and the closing
        // parentheses are not shown in this listing.
        // Configuration store: point its DbContext at SQL Server.
        .AddConfigurationStore(options =>
            options.ConfigureDbContext = b => b.UseSqlServer(connectionString,
                sql => sql.MigrationsAssembly(migrationsAssembly));
        // Operational store: same connection string and migrations assembly.
        .AddOperationalStore(options =>
            options.ConfigureDbContext = b => b.UseSqlServer(connectionString,
                sql => sql.MigrationsAssembly(migrationsAssembly));


    dotnet ef migrations add InitialIdentityServerPersistedGrantDbMigration -c PersistedGrantDbContext -o Data/Migrations/IdentityServer/PersistedGrantDb
    dotnet ef migrations add InitialIdentityServerConfigurationDbMigration -c ConfigurationDbContext -o Data/Migrations/IdentityServer/ConfigurationDb


    PersistedGrantDbContext 下面有 2 个集合:DeviceCodes 和 PersistedGrants,用于存放临时的操作数据,如授权码和刷新令牌等。
    // Persisted-grant entity, listed as signatures only (this looks like an IDE metadata view;
    // the class braces are not shown).
    // Per the text above, PersistedGrants holds short-lived operational data such as
    // authorization codes and refresh tokens.
    // NOTE(review): treat this table as credential material. Restrict who can read it, and
    // make sure expired rows are removed.
    public class PersistedGrant
            public PersistedGrant();
            // Key of the stored grant (presumably the lookup key; confirm).
            public string Key { get; set; }
            // Kind of grant stored in this row (presumably authorization code, refresh token, ...; confirm).
            public string Type { get; set; }
            // Subject (user) the grant was issued for.
            public string SubjectId { get; set; }
            // Session the grant belongs to.
            public string SessionId { get; set; }
            // Client the grant was issued to.
            public string ClientId { get; set; }
            public string Description { get; set; }
            // When the grant was created.
            public DateTime CreationTime { get; set; }
            // Nullable: a row may carry no expiration.
            public DateTime? Expiration { get; set; }
            // Nullable: null until a consumed time is recorded.
            public DateTime? ConsumedTime { get; set; }
            // Grant payload (presumably the serialized grant; confirm).
            public string Data { get; set; }
     // Device-flow entity, listed as signatures only (this looks like an IDE metadata view;
     // the class braces are not shown). It backs the DeviceCodes collection mentioned above.
     // NOTE(review): device and user codes are short-lived credentials. Protect this table
     // in the same way as PersistedGrants.
     public class DeviceFlowCodes
            public DeviceFlowCodes();
            // Summary:
            //     Gets or sets the device code.
            // Value:
            //     The device code.
            public string DeviceCode { get; set; }
            // Summary:
            //     Gets or sets the user code.
            // Value:
            //     The user code.
            public string UserCode { get; set; }
            // Summary:
            //     Gets or sets the subject identifier.
            // Value:
            //     The subject identifier.
            public string SubjectId { get; set; }
            // Summary:
            //     Gets or sets the session identifier.
            // Value:
            //     The session identifier.
            public string SessionId { get; set; }
            // Summary:
            //     Gets or sets the client identifier.
            // Value:
            //     The client identifier.
            public string ClientId { get; set; }
            // Summary:
            //     Gets the description the user assigned to the device being authorized.
            // Value:
            //     The description.
            public string Description { get; set; }
            // Summary:
            //     Gets or sets the creation time.
            // Value:
            //     The creation time.
            public DateTime CreationTime { get; set; }
            // Summary:
            //     Gets or sets the expiration.
            // Value:
            //     The expiration (nullable).
            public DateTime? Expiration { get; set; }
            // Summary:
            //     Gets or sets the data.
            // Value:
            //     The data.
            public string Data { get; set; }

    剩下的都属于 Configuration(ConfigurationDbContext),用于存放配置数据,如 Client、ApiResource、Scope 等
    // DbSet members of the configuration context, listed as signatures only (the enclosing
    // class is not shown in this listing).
    // Client registrations.
    // NOTE(review): whoever can write these rows controls which applications may obtain
    // tokens, so restrict write access to this database.
    public DbSet<Client> Clients { get; set; }
            // Summary:
            //     Gets or sets the clients' CORS origins.
            // Value:
            //     The clients CORS origins.
            // NOTE(review): keep these to the exact origins each client needs.
            public DbSet<ClientCorsOrigin> ClientCorsOrigins { get; set; }
            // Summary:
            //     Gets or sets the identity resources.
            // Value:
            //     The identity resources.
            public DbSet<IdentityResource> IdentityResources { get; set; }
            // Summary:
            //     Gets or sets the API resources.
            // Value:
            //     The API resources.
            public DbSet<ApiResource> ApiResources { get; set; }
            // Summary:
            //     Gets or sets the API scopes.
            // Value:
            //     The API scopes.
            public DbSet<ApiScope> ApiScopes { get; set; }


    // Seeds the configuration database from the in-code Config definitions.
    // For Clients, IdentityResources and ApiScopes it checks whether the table is empty and,
    // only then, iterates the matching Config collection.
    // NOTE(review): excerpt only. The braces and the loop bodies (presumably adding each item
    // to the context and saving; confirm) are not shown in this listing.
    // NOTE(review): because seeding runs only on an empty table, later edits to Config will
    // presumably not reach an existing database. If Config carries sample clients or secrets,
    // replace them before seeding a production database.
    private void InitializeDatabase(IApplicationBuilder app)
        // Create a DI scope so the scoped DbContext can be resolved at startup.
        using (var serviceScope = app.ApplicationServices.GetService<IServiceScopeFactory>().CreateScope())
            var context = serviceScope.ServiceProvider.GetRequiredService<ConfigurationDbContext>();
            // Seed clients only when none exist yet.
            if (!context.Clients.Any())
                foreach (var client in Config.Clients)
            // Seed identity resources only when none exist yet.
            if (!context.IdentityResources.Any())
                foreach (var resource in Config.IdentityResources)
            // Seed API scopes only when none exist yet.
            if (!context.ApiScopes.Any())
                foreach (var resource in Config.ApiScopes)


    如果有错误,先检查当前项目的目标框架是不是 .NET 5,然后确保 NuGet 包是最新版本。

