续上篇
二、API资源端
1、新建项目 ApiReSource 用来存放需要被保护的API,如下图
2、引用nuget里的 IdentityServer4.AccessTokenValidation类库
3、新增一个Controller名叫 TestController
内容如下:
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; namespace ApiReSource.Controllers { [Route("Test")] [Authorize] public class TestController : ControllerBase { [HttpGet] public IActionResult Get() { //这里输出测试数据 return new JsonResult(new { data = "ddd", password = "11223344" }); } } }
4、修改Startup.cs的内容至如下:
using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; namespace ApiReSource { public class Startup { public Startup(IConfiguration configuration) { Configuration = configuration; } public IConfiguration Configuration { get; } // This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); services.AddMvcCore() //将认证服务添加到DI,配置"Bearer"作为默认方案 .AddAuthorization() .AddJsonFormatters(); services.AddAuthentication("Bearer") //将IdentityServer访问令牌验证处理程序添加到DI中以供身份验证服务使用 .AddIdentityServerAuthentication(options => { //用于授权的地址 options.Authority = "http://localhost:5000/"; options.RequireHttpsMetadata = false; //该Api项目对应的IdentityServer的Api资源,与GetApiResources方法里面的Api名称对应 options.ApiName = "api1"; }); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } else { app.UseHsts(); } app.UseAuthentication(); app.UseHttpsRedirection(); app.UseMvc(); } } }
5、修改端口号为5001,如下图
