1. 使用 Visual Studio Code 终端执行 dotnet new webapi --name IdentityServerSample 命令，创建一个 webapi 的 IdentityServer4Sample 项目
2. 添加 Config.cs 类（示例中的客户端密钥直接写在源码里，仅适合演示；实际部署时应从配置或密钥存储中读取，并使用高强度的随机值）
using System.Collections;
using System.Collections.Generic;
using IdentityServer4.Models;

namespace IdentityServiceSample
{
    /// <summary>
    /// In-memory IdentityServer configuration for this sample: a single API resource
    /// and a single client that is allowed to request it.
    /// </summary>
    public class Config
    {
        /// <summary>
        /// Builds the list of API resources the token service knows about.
        /// </summary>
        /// <returns>A new list holding the one resource named "api".</returns>
        public static IEnumerable<ApiResource> GetResource()
        {
            var resources = new List<ApiResource>
            {
                new ApiResource("api", "my api")
            };

            return resources;
        }

        /// <summary>
        /// Builds the list of clients that may request tokens.
        /// </summary>
        /// <returns>A new list holding the one client with id "client".</returns>
        public static IEnumerable<Client> GetClients()
        {
            var demoClient = new Client
            {
                ClientId = "client",

                // Client-credentials grant: the client authenticates with its own
                // secret and no interactive user is involved.
                AllowedGrantTypes = GrantTypes.ClientCredentials,

                // Only the SHA-256 hash of the literal is kept in the Secret object,
                // but the plaintext still sits in source control. Acceptable for a
                // demo only; a real deployment should load a high-entropy secret from
                // configuration or a secret store.
                // NOTE(review): the literal is "secrt" (not "secret"); a client must
                // present exactly this string to authenticate.
                ClientSecrets = { new Secret("secrt".Sha256()) },

                // The client may only be issued tokens for the "api" scope.
                AllowedScopes = { "api" }
            };

            return new List<Client> { demoClient };
        }
    }
}
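3. 修改 Startup.cs 如下（需先安装 IdentityServer4 包，当前使用的是 2.1.1）。注意：AddDeveloperSigningCredential 会在启动时生成临时签名密钥，仅用于开发环境；生产环境应通过 AddSigningCredential 配置正式的签名密钥或证书。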
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using IdentityServer4;

namespace IdentityServiceSample
{
    /// <summary>
    /// Application startup: registers IdentityServer with the in-memory sample
    /// configuration and adds it to the HTTP request pipeline.
    /// </summary>
    public class Startup
    {
        /// <summary>Stores the configuration supplied by the host.</summary>
        /// <param name="configuration">Application configuration.</param>
        public Startup(IConfiguration configuration) => Configuration = configuration;

        /// <summary>Application configuration passed in by the host.</summary>
        public IConfiguration Configuration { get; }

        /// <summary>
        /// Called by the runtime to add services to the container.
        /// </summary>
        /// <param name="services">The service collection to populate.</param>
        public void ConfigureServices(IServiceCollection services)
        {
            // 1. Register the IdentityServer services.
            var identityServer = services.AddIdentityServer();

            // Development-only signing key: temporary key material is created at
            // startup. Production hosts should register a managed key or certificate
            // with AddSigningCredential instead.
            identityServer
                .AddDeveloperSigningCredential()
                // Resources and clients come from the static in-memory lists in Config.
                .AddInMemoryApiResources(Config.GetResource())
                .AddInMemoryClients(Config.GetClients());

            var mvc = services.AddMvc();
            mvc.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
        }

        /// <summary>
        /// Called by the runtime to configure the HTTP request pipeline.
        /// </summary>
        /// <param name="app">The application pipeline builder.</param>
        /// <param name="env">The hosting environment, used to pick dev or non-dev behaviour.</param>
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (!env.IsDevelopment())
            {
                // Outside development, send the HSTS header.
                app.UseHsts();
            }
            else
            {
                // Detailed exception pages are enabled only in the Development environment.
                app.UseDeveloperExceptionPage();
            }

            app.UseHttpsRedirection();

            // MVC routing is left disabled in this sample:
            // app.UseMvc();

            // 2. Add the IdentityServer middleware to the pipeline.
            app.UseIdentityServer();
        }
    }
}
4. 修改 Program.cs UseUrls 启动地址
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Logging;

namespace IdentityServiceSample
{
    /// <summary>
    /// Process entry point: builds the web host and runs it.
    /// </summary>
    public class Program
    {
        /// <summary>Builds the web host from the command-line arguments and runs it.</summary>
        /// <param name="args">Command-line arguments passed to the host builder.</param>
        public static void Main(string[] args) => CreateWebHostBuilder(args).Build().Run();

        /// <summary>
        /// Creates the default web host builder, bound to the sample's HTTPS address and
        /// using <see cref="Startup"/> for service and pipeline configuration.
        /// </summary>
        /// <param name="args">Command-line arguments passed to the default builder.</param>
        /// <returns>The configured, not yet built, host builder.</returns>
        public static IWebHostBuilder CreateWebHostBuilder(string[] args)
        {
            var hostBuilder = WebHost.CreateDefaultBuilder(args);

            // Override the listening address; it matches the issuer shown in the
            // discovery document for this sample.
            hostBuilder = hostBuilder.UseUrls("https://localhost:5000");

            return hostBuilder.UseStartup<Startup>();
        }
    }
}
5. dotnet run 运行
可以访问 https://localhost:5000/.well-known/openid-configuration 查看发现文档（discovery document），其中列出了各个端点（Endpoint）等配置信息，类似如下：
{ "issuer":"https://localhost:5000", "jwks_uri":"https://localhost:5000/.well-known/openid-configuration/jwks", "authorization_endpoint":"https://localhost:5000/connect/authorize", "token_endpoint":"https://localhost:5000/connect/token", "userinfo_endpoint":"https://localhost:5000/connect/userinfo", "end_session_endpoint":"https://localhost:5000/connect/endsession", "check_session_iframe":"https://localhost:5000/connect/checksession", "revocation_endpoint":"https://localhost:5000/connect/revocation", "introspection_endpoint":"https://localhost:5000/connect/introspect", "frontchannel_logout_supported":true, "frontchannel_logout_session_supported":true, "backchannel_logout_supported":true, "backchannel_logout_session_supported":true, "scopes_supported":[ "api", "offline_access" ], "claims_supported":[ ], "grant_types_supported":[ "authorization_code", "client_credentials", "refresh_token", "implicit" ], "response_types_supported":[ "code", "token", "id_token", "id_token token", "code id_token", "code token", "code id_token token" ], "response_modes_supported":[ "form_post", "query", "fragment" ], "token_endpoint_auth_methods_supported":[ "client_secret_basic", "client_secret_post" ], "subject_types_supported":[ "public" ], "id_token_signing_alg_values_supported":[ "RS256" ], "code_challenge_methods_supported":[ "plain", "S256" ] }