Shulou(Shulou.com)06/03 Report--

This article introduces you how to get started with Identity in ASP.NETCore. The content is very detailed. Interested friends can use it for reference. I hope it will be helpful to you.

In ASP.NET Core, the Identity component library inside ASP.NET is still used, which is responsible for the authentication of users' identities. Generally speaking, it is not so complicated in MVC 5. Because of the introduction of OWIN in MVC 5, many beginners struggle to learn, and they are confused about Identity, including me. It took me more than a month to understand the principle of identity before and after learning this thing. So most developers don't love Identity and don't use it, so they feel kidnapped.

Fortunately, in ASP.NET Core, due to the gradual clarity of the abstraction of modules and the use of middleware, the learning and use of Identity become more approachable.

Getting Started

Before we begin, let's forget the relationship between Entity Framework and Authentication, let's learn a few English words.

There are a few "words" you may need to figure out:

# 1: Claims

Everyone should know what an ID card looks like, as follows:

Among them, the name: Obama; gender: male; nationality: Kenya; birth: 1961.08.04, and so on, we can see that they are all key-value pairs, so if we want to store these things in the program, how to design them? Yes, you may have thought of using a dictionary for storage, a Key, a Value just to meet the needs. But Key,Value doesn't feel very friendly and object-oriented, so wouldn't it be better if we made it into an object? At least you can use the vs Smart Tip. Let's modify it and change it to the following:

/ / I name the object `Claim`. Are you okay with public class Claim {public string ClaimType {get; set;} public string ClaimValue {get; set;}}?

ClaimType is Key,ClaimValue and represents a Value. In this case, you can just store a key-value pair. Name at this time: can Obama deposit it?

The people at Microsoft are very sweet and have prepared some default ClaimType for us. A lot of commonly used ones are in it. Let's take a look at them:

The first point of knowledge is extended here: ClaimTypes

In order to read the experience, I only put part of the screenshot. You can see that Name,Email,Gender,MobilePhone and other commonly used ones are already available, and there are many others. Careful readers may have noticed that its namespace is System.Security.Claims, which means that this thing is part of the. net framework, well, that's all we need to know for the time being, OK.

After the introduction of Claim, is it very simple? I don't care how to translate it in other places. In this article, it is called "Certificate Unit".

# 2: ClaimsIdentity

After having the "document unit", we can use it to make an ID card, so how should it be made? Some students may have thought, yes, that is, to create a new object, then transfer the ID card unit into the constructor, and then get an ID card. We give this ID card an English name "ClaimsIdentity", which seems to fit quite well. There are both Claims for its components and Identity (identity) for its purpose, which is a very satisfactory name.

In fact, in real life, part of our ID card information is hidden, and some of it can be seen directly. For example, your fingerprint information is stored in the new generation ID card that you cannot see. These are all stored in the chip in the ID card, such as name, age and so on. It is the same when we design an object, we need to expose something, so here our ClaimsIdentity will expose a Name,Lable and so on.

Another important attribute of our ID card (ClaimsIdentity) is AuthenticationType, and so on, what is AuthenticationType? It looks a little familiar. We know what our own ID cards are for, that is, to prove our identity. When you prove your identity and show it, in fact, it has many forms of carriers. What do you mean? For example, you can directly take out your ID card in physical form, which can also be a copy in paper form, or an electronic code in electronic form, and so on. At this time, you need to have a type field that can express its existence form. Yes, this AuthenticationType is for this purpose.

Then we are adding some embellishments to our ID card to make it look good, such as providing some methods to add Claims, delete Claims, write to the binary stream, and so on. In the end, our ID card object basically looks like this:

Public class ClaimsIdentity {public ClaimsIdentity (IEnumerable claims) {} / / the name is so important that of course you can't let others change it casually, so I don't allow set, except for my son's surname, so it's virtual's public virtual string Name {get;} public string Label {get; set;} / / this is my certificate type, and it's also very important, and set public virtual string AuthenticationType {get;} public virtual void AddClaim (Claim claim); public virtual void RemoveClaim (Claim claim) Public virtual void FindClaim (Claim claim);}

Well, at this point, our ID cards seem to be perfect, but from an object-oriented point of view, what seems to be missing? Yes, or abstract, we need to abstract out an interface to make some constraints, what are the constraints? Since it is a document, it is certain that these attribute information will be involved:

1. Name. 2. Type. 3. Whether the certificate is legal or not.

The response to the interface is as follows. Let's name the interface "IIdentity":

This extends the second knowledge point: the IIdentity interface.

/ / define the basic functions of the document object. Public interface IIdentity {/ / document name string Name {get;} / / the type of carrier used to identify the document. Whether string AuthenticationType {get;} / / is a legal document. Bool IsAuthenticated {get;}}

So our ClaimsIdentity finally seems to be defined like this:

Public class ClaimsIdentity: IIdentity {/ /.}

After the introduction of ClaimsIdentity, it is also very simple to find. I don't care how to translate it in other places. In this article, it is called "ID card".

# 3: ClaimsPrincipal

With an ID card, we can prove that I am who I am. Sometimes a person has many ID cards. What do you think this person does? Yes, either scalpers or fraudsters.

However, sometimes a person has many other identities. What do you think this person does? This is normal or not, for example, you can be a teacher, mother and businessman at the same time. If you want to prove that you have these identities at the same time, you may need to show your teacher's certificate, your child's birth certificate, and your legal representative's business license.

In the program, an ID card not only represents you as a person, but also represents an identity and proves your main identity. If a person has many other identities, you need to have something (carrier) to carry these documents at this time, right? OK, let's give the person who needs to carry the certificate an apt name, "document party (ClaimsPrincipal)".

The following is the explanation of the word Principal in the dictionary. You should have no problem with me using it.

Principal ['pr'ns'pl]

Adj. Major adj.

n. Head; Principal; Capital; litigant

At this time, some students may ask whether it is better to call it ClaimsIdentityPrincipal. Well, I also think it might be better to call it ClaimsIdentityPrincipal. Maybe people at Microsoft are lazy and abbreviated to ClaimsPrincipal.

Once you know its function, the code is easy to write, just like the ClaimsIdentity above:

Public class ClaimsPrincipal {/ / give all the documents to the party public ClaimsPrincipal (IEnumerable identities) {} / / the principal identity of the party public virtual IIdentity Identity {get;} public virtual IEnumerable Identities {get;} public virtual void AddIdentity (ClaimsIdentity identity); / / Why is there no RemoveIdentity, leave it to everyone to think about? }

).

This extends the third knowledge point: the IPrincipal interface.

Public interface IPrincipal {/ / identity IIdentity Identity {get;} / / whether it belongs to a role bool IsInRole (string role);}

Then, the client of our document should look like this:

Public class ClaimsPrincipal: IPrincipal {/ /...}

After the introduction of ClaimsPrincipal, it's very simple, right? I don't care how it is translated in other places. In this article, it is called "document party".

I think we already know the "Claims", "ClaimsIdentity" and "ClaimsPrincipal", and sort out the logical relationship between them. Strike while the iron is hot. The following picture is an incomplete sketch of the login part of identity. The dotted line should be able to read it:

It can be seen that, first of all, we have some certificate units on the app side, and then call ClaimsIdentity to initialize the document unit into an ID card, and then give the ID card to the client for his custody.

Just finished writing Getting Started, found that it has been so long, so I intend to write a series, maybe 3-4 articles.

On how to get started on the Identity in ASP.NETCore to share here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.