zoukankan      html  css  js  c++  java
  • .net core 用 identitymodel 请求token。

    identitymodel  也有在Nuget里搜索和安装。

    identitymodel 扩展了HttpClient的一些方法用于token请求。

    例如:client.RequestTokenAsync(new TokenRequest)

    Token Endpoint

    The client library for the token endpoint (OAuth 2.0 and OpenID Connect) is provided as a set of extension methods for HttpClient. This allows creating and managing the lifetime of the HttpClient the way you prefer - e.g. statically or via a factory like the Microsoft HttpClientFactory.

    Requesting a token

    The main extension method is called RequestTokenAsync - it has direct support for standard parameters like client ID/secret (or assertion) and grant type, but it also allows setting arbitrary other parameters via a dictionary. All other extensions methods ultimately call this method internally:

    var client = new HttpClient();
    
    var response = await client.RequestTokenAsync(new TokenRequest
    {
        Address = "https://demo.identityserver.io/connect/token",
        GrantType = "custom",
    
        ClientId = "client",
        ClientSecret = "secret",
    
        Parameters =
        {
            { "custom_parameter", "custom value"},
            { "scope", "api1" }
        }
    });
    

    The response is of type TokenResponse and has properties for the standard token response parameters like access_tokenexpires_in etc. You also have access to the the raw response as well as to a parsed JSON document (via the Raw and Json properties).

    Before using the response, you should always check the IsError property to make sure the request was successful:

    if (response.IsError) throw new Exception(response.Error);
    
    var token = response.AccessToken;
    var custom = response.Json.TryGetString("custom_parameter");
    

    Requesting a token using the client_credentials Grant Type

    The RequestClientCredentialsToken extension method has convenience properties for the client_credentials grant type:

    var response = await client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest
    {
        Address = "https://demo.identityserver.io/connect/token",
    
        ClientId = "client",
        ClientSecret = "secret",
        Scope = "api1"
    });
    

    Requesting a token using the password Grant Type

    The RequestPasswordToken extension method has convenience properties for the password grant type:

    var response = await client.RequestPasswordTokenAsync(new PasswordTokenRequest
    {
        Address = "https://demo.identityserver.io/connect/token",
    
        ClientId = "client",
        ClientSecret = "secret",
        Scope = "api1",
    
        UserName = "bob",
        Password = "bob"
    });
    

    Requesting a token using the authorization_code Grant Type

    The RequestAuthorizationCodeToken extension method has convenience properties for the authorization_code grant type and PKCE:

    var response = await client.RequestAuthorizationCodeTokenAsync(new AuthorizationCodeTokenRequest
    {
        Address = IdentityServerPipeline.TokenEndpoint,
    
        ClientId = "client",
        ClientSecret = "secret",
    
        Code = code,
        RedirectUri = "https://app.com/callback",
    
        // optional PKCE parameter
        CodeVerifier = "xyz"
    });
    

    Requesting a token using the refresh_token Grant Type

    The RequestRefreshToken extension method has convenience properties for the refresh_token grant type:

    var response = await _client.RequestRefreshTokenAsync(new RefreshTokenRequest
    {
        Address = TokenEndpoint,
    
        ClientId = "client",
        ClientSecret = "secret",
    
        RefreshToken = "xyz"
    });
    

    Requesting a Device Token

    The RequestDeviceToken extension method has convenience properties for the urn:ietf:params:oauth:grant-type:device_code grant type:

    var response = await client.RequestDeviceTokenAsync(new DeviceTokenRequest
    {
        Address = disco.TokenEndpoint,
    
        ClientId = "device",
        DeviceCode = authorizeResponse.DeviceCode
    });

     

    参考:https://identitymodel.readthedocs.io/en/latest/client/token.html

    例子code:

    using System;
    using System.Net.Http;
    using IdentityModel.Client;
    
    namespace ClientCredential
    {
        class Program
        {
            static void Main(string[] args)
            {
                try
                {
                    new Program().GetAsync();
                }
                catch (Exception ex)
                {
                    System.Console.WriteLine(ex.Message);
                }
    
                Console.ReadKey();
    
            }
    
            public async void GetAsync()
            {
                var diso = await DiscoveryClient.GetAsync("http://localhost:5003");
                if (diso.IsError)
                {
                    System.Console.WriteLine("diso.Error");
                }
                var tokenClient = new TokenClient(diso.TokenEndpoint, "client", "secrt");
                var tokenResponse = await tokenClient.RequestClientCredentialsAsync("api");
                if (tokenResponse.IsError)
                {
                    System.Console.WriteLine(tokenResponse.Error);
                }
                else
                {
                    System.Console.WriteLine(tokenResponse.Json);
                }
    
                using (var httpClient = new HttpClient())
                {
                    httpClient.SetBearerToken(tokenResponse.AccessToken);
                    var response = await httpClient.GetAsync("http://localhost:5001/api/values");
                    if (response.IsSuccessStatusCode)
                    {
                        System.Console.WriteLine(await response.Content.ReadAsStringAsync());
                    }
                }
    
            }
        }
    }
    

      

  • 相关阅读:
    博客作业6
    博客作业5
    3137102127 林志坤(实验3)
    3137102127 林志坤(实验2)
    个人简介
    Bookstore项目测试缺陷报告
    自我介绍
    第6次博客园作业
    软件测试第6次作业
    《构建之法》心得体会
  • 原文地址:https://www.cnblogs.com/wgscd/p/12766190.html
Copyright © 2011-2022 走看看