Shulou(Shulou.com)06/02 Report--

IdentityServer4 how to use OpenID Connect to add user authentication, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain in detail for you, people with this need can come to learn, I hope you can gain something.

Use IdentityServer4 to implement the OpenID Connect server and add user authentication. Client call to achieve authorization.

IdentityServer4 is currently updated to version 1.0

Environment for this article: IdentityServer4 1.0.NET Core 1.0.1

Let's get started.

New IdentityServer4 server

The server provides services, such as QQ Weibo, etc.

Create a new ASP.NET Core Web Application project IdentityServer4OpenID and select the template Web application without authentication.

Delete the Controllers file created by the template and the Views folder.

Add an IdentityServer4 reference:

Install-Package IdentityServer4

Then add the configuration class Config.cs:

Public class Config

{

/ / define resources in the system

Public static IEnumerable GetIdentityResources ()

{

Return new List

{

New IdentityResources.OpenId ()

New IdentityResources.Profile ()

}

}

Public static IEnumerable GetClients ()

{

/ / client credentials

Return new List

{

/ / OpenID Connect implicit client (MVC)

New Client

{

ClientId = "mvc"

ClientName = "MVC Client"

AllowedGrantTypes = GrantTypes.Implicit

RedirectUris = {"http://localhost:5002/signin-oidc"}"

PostLogoutRedirectUris = {"http://localhost:5002"}"

/ / run the accessed resources

AllowedScopes =

{

IdentityServerConstants.StandardScopes.OpenId

IdentityServerConstants.StandardScopes.Profile

}

}

}

}

/ / Test users

Public static List GetUsers ()

{

Return new List

{

New TestUser

{

SubjectId = "1"

Username = "admin"

Password = "123456"

Claims = new List

{

New Claim ("name", "admin")

New Claim ("website", "https://www.cnblogs.com/linezero")"

}

}

New TestUser

{

SubjectId = "2"

Username = "linezero"

Password = "123456"

Claims = new List

{

New Claim ("name", "linezero")

New Claim ("website", "https://github.com/linezero")"

}

}

}

}

}

The above uses the IdentityServer4 test data class to add data, which is directly stored in memory. IdentityServer4 supports persistence.

Then open Startup.cs and add the following:

Public void ConfigureServices (IServiceCollection services)

{

/ / Add framework services.

Services.AddMvc ()

Services.AddIdentityServer ()

.AddTemporarySigningCredential ()

.AddInMemoryIdentityResources (Config.GetIdentityResources ())

.AddInMemoryClients (Config.GetClients ())

.AddTestUsers (Config.GetUsers ())

}

Public void Configure (IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)

{

...

App.UseIdentityServer ()

...

Then the installation UI,UI section can also be written by yourself, that is, login and logout permits and errors.

You can download it from https://github.com/IdentityServer/IdentityServer4.Quickstart.UI/tree/release and unzip it to the project directory.

You can also use the command prompt to quickly install:

Powershell iex ((New-Object System.Net.WebClient) .Downloadstring ('https://raw.githubusercontent.com/IdentityServer/IdentityServer4.Quickstart.UI/release/get.ps1')))

Open a command prompt in the project directory and enter the above command.

For more information, see the official readme: https://github.com/IdentityServer/IdentityServer4.Quickstart.UI/blob/release/README.md

Create a new MVC client

Then create a new MVC client, which can be understood as your own application and need to use services provided by third parties.

Create a new ASP.NET Core Web Application project MvcClient and select the template Web application without authentication.

Configure Url binding 5002 port UseUrls ("http://localhost:5002")"

Then add a reference:

Install-Package Microsoft.AspNetCore.Authentication.Cookies

Install-Package Microsoft.AspNetCore.Authentication.OpenIdConnect

At the end of this article, 1.1 is quoted.

Then open the Startup class and add the following code to the Configure method:

App.UseCookieAuthentication (new CookieAuthenticationOptions

{

AuthenticationScheme = "Cookies"

});

App.UseOpenIdConnectAuthentication (new OpenIdConnectOptions

{

AuthenticationScheme = "oidc"

SignInScheme = "Cookies"

Authority = "http://localhost:5000",

RequireHttpsMetadata = false

ClientId = "mvc"

SaveTokens = true

});

Then add the [Authorize] feature to the HomeController. The HomeController is created by the VS2015 template. If not, you can create it yourself.

Then change the Index view under the Home folder as follows:

@ foreach (var claim in User.Claims)

{

@ claim.Type

@ claim.Value

}

Running

First, run the server and locate dotnet run in the project directory. After running the server, access http://localhost:5000 to confirm whether the access is normal.

If you can access it normally and then run the client, which is also dotnet run, and then access http://localhost:5002, you will jump to http://localhost:5000 by default, which is right.

The final effect is as follows:

The UI part here is the official UI, and we can also design and apply it to our own system. The logged-in user is the configured test user, and you can see the configured Claims after authorization.

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.