Abp配置文件设置IdentityServer客户端

全栈程序员站长

发布于 2022-09-07 12:11:39

1.6K0

发布于 2022-09-07 12:11:39

文章被收录于专栏：全栈程序员必看

大家好，又见面了，我是你们的朋友全栈君。

在没有购买商业版，又没实现IdentityServer配置管理页功能时，我们又得配置客户端时。设想通过appsettings.json，临时添加配置，然后执行.DbMigrator迁移数据。这时原版代码需要以下改动：

修改.Domain项目中IdentityServerDataSeedContributor类的CreateClientsAsync方法。

private async Task CreateClientsAsync()
{
    var commonScopes = new[]
    {
        "email",
        "openid",
        "profile",
        "role",
        "phone",
        "address"
    };

    var configurationSection = _configuration.GetSection("IdentityServer:Clients");

    foreach (var section in configurationSection.GetChildren())
    {
        var clientId = section["ClientId"];
        var secret = (section["ClientSecret"] ?? "123456").Sha256();
        var rootUrl = section["RootUrl"].EnsureEndsWith('/');
        var grantTypes = (section["GrantTypes"] ?? "client_credentials").Split();
        var redirectUri = section["RedirectUri"] ?? $"{rootUrl}signin-oidc";
        var postLogoutRedirectUri = section["PostLogoutRedirectUri"] ?? $"{rootUrl}signout-callback-oidc";
        var frontChannelLogoutUri = section["FrontChannelLogoutUri"] ?? rootUrl;
        var requireClientSecret = (section["RequireClientSecret"] ?? "False").To<bool>();
        var requirePkce = (section["RequirePkce"] ?? "False").To<bool>();
        var corsOrigins = new[] { rootUrl.RemovePostFix("/") };

        await CreateClientAsync(
            name: clientId,
            scopes: commonScopes,
            grantTypes: grantTypes,
            secret: secret,
            redirectUri: redirectUri,
            postLogoutRedirectUri: postLogoutRedirectUri,
            frontChannelLogoutUri: frontChannelLogoutUri,
            requireClientSecret,
            requirePkce,
            corsOrigins: corsOrigins
        );
    }
}

修改.DbMigrator项目中appsettings.json为：

{
    "ConnectionStrings": {
        "Default": "Server=(LocalDb)\\MSSQLLocalDB;Database=IdentityServer;Trusted_Connection=True;"
    },
    "IdentityServer": {
        "Clients": {
            "TestClient.Mvc": {
                "ClientId": "TestClient.Mvc",
                "ClientSecret": "TestClient.Mvc",
                "RootUrl": "https://localhost:53279",
                "GrantTypes": "authorization_code",
                "RequirePkce": true
            },
            "MyProject_Web": {
                "ClientId": "MyProject_Web",
                "ClientSecret": "1q2w3e*",
                "RootUrl": "https://localhost:44393",
                "GrantTypes": "hybrid",
                "FrontChannelLogoutUri": "https://localhost:44393/Account/FrontChannelLogou"
            },
            "MyProject_App": {
                "ClientId": "MyProject_App",
                "ClientSecret": "1q2w3e*",
                "RootUrl": "http://localhost:4200",
                "GrantTypes": "password client_credentials authorization_code"
            },
            "MyProject_Blazor": {
                "ClientId": "MyProject_Blazor",
                "RootUrl": "https://localhost:44307",
                "GrantTypes": "authorization_code",
                "RedirectUri": "https://localhost:44307/authentication/login-callback",
                "PostLogoutRedirectUri": "https://localhost:44307/authentication/logout-callback"
            },
            "MyProject_Swagger": {
                "ClientId": "MyProject_Swagger",
                "ClientSecret": "1q2w3e*",
                "RootUrl": "https://localhost:44399",
                "GrantTypes": "authorization_code",
                "redirectUri": "https://localhost:44399/swagger/oauth2-redirect.html"
            }
        }
    }
}

发布者：全栈程序员栈长，转载请注明出处：https://javaforall.cn/155575.html原文链接：https://javaforall.cn

本文参与腾讯云自媒体同步曝光计划，分享自作者个人站点/博客。

如有侵权请联系 cloudcommunity@tencent.com 删除

https