Tiobon.Web.Core/Tiobon.Core.Extensions/ServiceExtensions/Authentication_AuthingSetup.cs


using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;
using NetDevPack.Security.JwtExtensions;
using Tiobon.Core.AuthHelper;
using Tiobon.Core.Common;
namespace Tiobon.Core.Extensions;
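/// <summary>
/// Registers JWT bearer authentication backed by the Authing identity provider.
/// </summary>
public static class Authentication_AuthingSetup
{
    /// <summary>
    /// Adds JWT bearer authentication whose issuer, audience and JWKS endpoint are read from the
    /// <c>Startup:Authing</c> configuration section, and registers <see cref="ApiResponseHandler"/>
    /// as the scheme that answers challenge and forbid results.
    /// </summary>
    /// <param name="services">The service collection to register the authentication services on.</param>
    /// <exception cref="ArgumentNullException"><paramref name="services"/> is <c>null</c>.</exception>
    public static void AddAuthentication_AuthingSetup(this IServiceCollection services)
    {
        if (services == null) throw new ArgumentNullException(nameof(services));

        var tokenValidationParameters = new TokenValidationParameters
        {
            ValidIssuer = AppSettings.app(new string[] { "Startup", "Authing", "Issuer" }),
            ValidAudience = AppSettings.app(new string[] { "Startup", "Authing", "Audience" }),
            // Pin the accepted signature algorithm so a token cannot select a different one
            // (for example an HMAC variant) through its header.
            ValidAlgorithms = new string[] { "RS256" },
            // Both flags already default to true in TokenValidationParameters; they are stated
            // explicitly so that expiry enforcement is visible and survives future edits.
            ValidateLifetime = true,
            RequireExpirationTime = true,
            // ClockSkew is left at the library default (five minutes). Tighten it here if expired
            // tokens must be rejected closer to their exp claim.
        };

        services.AddAuthentication(o =>
            {
                // Authentication middleware defaults: JWT bearer authenticates the request, while
                // ApiResponseHandler produces the 401 (challenge) and 403 (forbid) responses.
                // The original code first assigned DefaultChallengeScheme to the JWT bearer scheme
                // and overwrote it on the next line; only the effective assignment is kept.
                o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                o.DefaultChallengeScheme = nameof(ApiResponseHandler);
                o.DefaultForbidScheme = nameof(ApiResponseHandler);
            })
            .AddJwtBearer(o =>
            {
                // JWT token validation settings.
                o.TokenValidationParameters = tokenValidationParameters;

                // NOTE(review): with this set to false the signing-key metadata (JWKS) may be fetched
                // over plain HTTP, so the keys that decide token validity are not protected in
                // transit. Confirm JwksUri is https in every deployed environment and prefer
                // enabling this outside local development.
                o.RequireHttpsMetadata = false;
                o.SaveToken = false;

                // NOTE(review): validation failure reasons can be surfaced to the caller when the
                // JWT bearer handler issues the challenge. Challenges are routed to
                // ApiResponseHandler here, so confirm whether any detail reaches the response.
                o.IncludeErrorDetails = true;

                // Third argument is one day; presumably the JWKS cache lifetime - confirm against
                // the NetDevPack version in use, since it bounds how long a rotated or revoked
                // signing key stays trusted.
                // NOTE(review): verify that SetJwksOptions does not alter the TokenValidationParameters
                // assigned above (in particular ValidateAudience and ValidIssuer); if it does,
                // re-apply the intended values after this call.
                o.SetJwksOptions(new JwkOptions(
                    AppSettings.app(new string[] { "Startup", "Authing", "JwksUri" }),
                    AppSettings.app(new string[] { "Startup", "Authing", "Issuer" }),
                    TimeSpan.FromDays(1)));
            })
            .AddScheme<AuthenticationSchemeOptions, ApiResponseHandler>(nameof(ApiResponseHandler), o => { });
    }
}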