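/// <summary>
/// Sends the current follower to the external mall with a signed query string,
/// or to the registration page when no member record exists for their OpenID.
/// </summary>
/// <returns>A redirect on success; the default view with <c>ViewBag.MyMessage</c> set on failure.</returns>
public ActionResult WMall()
{
    try
    {
        FansInfo Fans = Session["FansInfo"] as FansInfo;
        if (Fans == null)
        {
            // An expired session (or a value of another type) used to surface as a
            // NullReferenceException; fail with an explicit reason instead.
            throw new System.InvalidOperationException("FansInfo is missing from the session.");
        }

        Entity.Entities.HmjMemberDetail result = _hmjMember.GetMemberDetailByOpenId(Fans.Openid);
        // Unregistered user: send them to the sign-up page
        if (result == null)
        {
            return Redirect(ConfigurationManager.AppSettings["WebUrl"] + "/hmjmember/tozhuce.do");
        }

        #region Build the user payload and redirect
        var code = ConfigurationManager.AppSettings["WMallCode"];
        // NOTE(review): the values are interpolated without escaping, so a NAME or MOBILE
        // containing '&' or '=' changes the structure of the string that gets signed.
        // Escape each value if the receiving side parses this as a query string (not visible here).
        var queryStr = $"userId={result.MEMBERNO}&code={code}&phone={result.MOBILE}&username={result.NAME}";
        // Private-key operation followed by URL encoding.
        // NOTE(review): the key argument is an empty literal here; the key should be loaded from
        // protected configuration. Presumably this is a private-key transform that any holder of
        // the public key can reverse, so it would not keep phone/name confidential. Confirm
        // against RSAUtils.
        var sign = HttpUtility.UrlEncode(RSAUtils.RSAEncryptByPrivateKey("", queryStr));
        #endregion

        return Redirect(ConfigurationManager.AppSettings["WMallUrl"] + "?r=" + sign);
    }
    catch (System.Exception ex)
    {
        // Keep the full exception (type, stack trace) on the server; the page only gets the message,
        // so internal paths and call stacks are not rendered to the visitor.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        ViewBag.MyMessage = ex.Message;
        return View();
    }
}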
/// <summary>
/// Console entry point: creates the RSA key files on the first run; on later runs
/// issues a sample JWT, prints it, validates it and prints the returned user name.
/// </summary>
static void Main(string[] args)
{
    // NOTE(review): the key files live next to the executable; that directory should not be
    // readable by other accounts, since the private part is requested (second argument true).
    string baseDir = AppDomain.CurrentDomain.BaseDirectory;
    bool keyLoaded = RSAUtils.TryGetKeyParameters(baseDir, true, out RSAParameters keyParams);

    if (!keyLoaded)
    {
        Console.WriteLine("按任意键开始生产RSAKey文件。");
        Console.Read();
        keyParams = RSAUtils.GenerateAndSaveKey(baseDir);
        Console.WriteLine("RSAKey文件生存成功!");
        return;
    }

    // Key files already exist: run the token round trip
    Console.WriteLine("生成jwtToken");
    JwtTokenUtils tokenUtils = new JwtTokenUtils();
    string token = tokenUtils.GenerateJwtToken("zhuqp", "", "pbirs");
    Console.WriteLine(token);

    Console.WriteLine("验证jwtToken");
    string userName = tokenUtils.ValidateJwtToken(token, "pbirs");
    Console.WriteLine(userName);
    Console.Read();
}
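/// <summary>
/// Decrypts the ciphertext typed into <c>encryptTextIn</c> with the private key in
/// <c>primaryKeyIn</c> and shows the result in <c>decryptTextOut</c>.
/// </summary>
private void encryptTextIn_TextChanged(object sender, EventArgs e)
{
    // Nothing to decrypt. This also ends the re-entrant TextChanged raised when the
    // handler clears the box below, which used to show the warning dialog a second time.
    if (string.IsNullOrEmpty(encryptTextIn.Text))
    {
        decryptTextOut.Text = "";
        return;
    }

    if ("".Equals(primaryKeyIn.Text))
    {
        MessageBox.Show("没有输入私钥");
        encryptTextIn.Text = "";
        return;
    }

    // NOTE(review): this runs on every edit, so partially typed ciphertext reaches Decrypt;
    // confirm how RSAUtils.Decrypt reports malformed input.
    decryptTextOut.Text = RSAUtils.Decrypt(primaryKeyIn.Text, encryptTextIn.Text);
}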
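/// <summary>
/// Encrypts the plaintext typed into <c>decryptTextIn</c> with the public key in
/// <c>publicKeyIn</c> and shows the result in <c>encryptTextOut</c>.
/// </summary>
private void decryptTextIn_TextChanged(object sender, EventArgs e)
{
    // Nothing to encrypt. This also ends the re-entrant TextChanged raised when the
    // handler clears the box below, which used to show the warning dialog a second time.
    if (string.IsNullOrEmpty(decryptTextIn.Text))
    {
        encryptTextOut.Text = "";
        return;
    }

    if ("".Equals(publicKeyIn.Text))
    {
        MessageBox.Show("没有输入公钥");
        decryptTextIn.Text = "";
        return;
    }

    encryptTextOut.Text = RSAUtils.Encrypt(publicKeyIn.Text, decryptTextIn.Text);
}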
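/// <summary>
/// Signs <paramref name="source"/> with the merchant private key stored under the
/// application's <c>certs</c> directory.
/// </summary>
/// <param name="source">The string to sign.</param>
/// <returns>The value returned by <c>RSAUtils.RSASign</c> for the configured sign type and charset.</returns>
public string SignTrue(string source)
{
    // Read the private key. Path.Combine gives the same path as the former string
    // concatenation, and stays correct when BaseDirectory has no trailing separator.
    // NOTE(review): if the base directory is inside a web root, make sure certs\ is never
    // served as static content, and that app_id cannot contain path separators.
    string baseDir = AppDomain.CurrentDomain.BaseDirectory;
    string keyPath = Path.Combine(baseDir, "certs", "Alipay_" + app_id + "_private.cer");
    string PrivateKey = File.ReadAllText(keyPath);

    return RSAUtils.RSASign(source, PrivateKey, SignType, charset);
}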
/// <summary>
/// Generates a new key pair and fills the XML, PEM and input text boxes with it.
/// </summary>
private void buttonCreate_Click(object sender, EventArgs e)
{
    String privateXml;
    String publicXml;
    RSAUtils.Create(out privateXml, out publicXml);

    // XML form of both keys
    // NOTE(review): the private key is shown in plain text boxes; treat anything generated
    // here as disposable test material.
    primaryKeyXML.Text = privateXml;
    publicKeyXML.Text = publicXml;

    // PEM form; the first argument selects private (true) or public (false)
    primaryKeyPEM.Text = RSAUtils.XML2PEM(true, privateXml);
    publicKeyPEM.Text = RSAUtils.XML2PEM(false, publicXml);

    // Pre-fill the encrypt/decrypt inputs with the new pair
    publicKeyIn.Text = publicXml;
    primaryKeyIn.Text = privateXml;
}
// Called by the runtime. Registers JWT bearer authentication, data protection,
// the application cookie and MVC, then hands the container over to Autofac.
public IServiceProvider ConfigureServices(IServiceCollection services)
{
    // Load the RSA key from the application directory, creating it on first start.
    // NOTE(review): the private part is requested (second argument true) and the key file sits
    // in the application base path; restrict file permissions on that directory.
    string basePath = PlatformServices.Default.Application.ApplicationBasePath;
    bool keyLoaded = RSAUtils.TryGetKeyParameters(basePath, true, out RSAParameters keyParams);
    if (!keyLoaded)
    {
        keyParams = RSAUtils.GenerateAndSaveKey(basePath);
    }

    JWTTokenOptions tokenOptions = new JWTTokenOptions
    {
        Key = new RsaSecurityKey(keyParams),
        Issuer = "EcpB2bIssuer" // issuer name
    };
    tokenOptions.Credentials = new SigningCredentials(tokenOptions.Key, SecurityAlgorithms.RsaSha256Signature);

    // Register in the IoC container (original note: may throw, change to non-singleton)
    services.AddSingleton(tokenOptions);

    services
        .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(jwtOptions =>
        {
            // NOTE(review): Audience is never assigned in this method, so ValidAudience is whatever
            // JWTTokenOptions defaults to. Confirm that audience validation has a value to compare against.
            jwtOptions.TokenValidationParameters = new TokenValidationParameters
            {
                IssuerSigningKey = tokenOptions.Key,
                ValidAudience = tokenOptions.Audience,
                ValidIssuer = tokenOptions.Issuer,
                ValidateLifetime = true
            };
        });

    // NOTE(review): "localhost" is hard-coded for the discriminator and the cookie domain;
    // presumably development values. Move them to configuration before deployment.
    services.AddDataProtection(options => { options.ApplicationDiscriminator = "localhost"; });
    services.ConfigureApplicationCookie(options =>
    {
        options.Cookie.Domain = "localhost";
        options.Cookie.Name = ".AspNetCore.Cookies";
    });

    services.AddMvc();

    return Util.AutofacIoc.AutofacHelp.AutofacProviderBuilderCore(
        services,
        ApplicationContainer,
        new B2b.ClientRegisterModuleIoc.GrpcClientModule());
}
// Exercises RSAUtils.GetKey and RSAUtils.RSA with a PEM-armoured public key.
public void Test_RSAUtil_GetCode()
{
    // NOTE(review): as shown here the PEM segments are separated by spaces on a single line;
    // the line breaks of the verbatim literal were presumably lost in extraction.
    string pub_Key_File = @"-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDl3JJzcEHnVhnbSWvjXAGpy7M Dfkyw8+cxtBzrE7rdLvMvOSuLXnAAya/BAhB7hx2nIAonSaSwjLxqIVo8n97y7h/ l94eMzaAiTb4is2lew/fZmJeKLEdjvn/IaWDQgCq5TDn4cgLp4kQMtbAsddjoEWq xeBqwbgg5VAp5wZyjQIDAQAB -----END PUBLIC KEY----- ";
    string key = RSAUtils.GetKey(pub_Key_File);
    // The result is never asserted on; the call only checks that no exception is thrown.
    string re = RSAUtils.RSA("admin", key);
    // NOTE(review): the expected Base64 below is not the body of the PEM above (the two strings
    // diverge after "KBgQD"), so this assertion only holds if GetKey returns something other than
    // the de-armoured input. Confirm which key the expectation was taken from.
    Assert.AreEqual("MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDy2GIpXsgdPX1uf4dXv97Ny1DyVKP/NlQIiOUCLKQKZmC32I06iU/mrKYTvxPzfaiae8YN02fFMFhiSoNgApI4BK8Q0n5poVd2gywaS+EmD+A+t7DXC+Y4uylTshG80uNhvJlvy1LShkx4MjiVGjMAcBXELLKad8HU9UV2KzjLWwIDAQAB", RSAUtils.GetKey(pub_Key_File));
    //byte[] obj = Convert.FromBase64String(RSAUtils.GetKey(pub_Key_File));
}
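/// <summary>
/// Initializes the window title, browser URL and icon from the configuration file.
/// Any failure is reported as a tampered or missing configuration and the application exits.
/// </summary>
private void initByConfigs()
{
    try
    {
        Dictionary<String, String> config = JSONFileReader.Read(CONFIG_FILE_NAME);

        // Convert the embedded PEM key once and reuse it for both values.
        // NOTE(review): the private key is a constant compiled into the client, so anyone with the
        // binary can recover it and produce a configuration that decrypts cleanly. This check
        // deters casual edits only.
        var privateKeyXml = RSAUtils.PEM2XML(true, PRIMARY_KEY);

        // NOTE(review): when a key is absent the plaintext default is what gets passed to Decrypt;
        // confirm that is intended.
        this.Text = RSAUtils.Decrypt(privateKeyXml, DictionaryUtils.GetString(config, "Title", "LichKin"));

        // NOTE(review): the decrypted value is navigated to as-is; consider accepting only http/https.
        webBrowser.Url = new Uri(RSAUtils.Decrypt(privateKeyXml, DictionaryUtils.GetString(config, "Url", "http://www.lichkin.com/")));

        this.Icon = System.Drawing.Icon.ExtractAssociatedIcon(ICON_FILE_NAME);
    }
    catch
    {
        // Deliberate catch-all: every failure is shown as a configuration problem, then the app exits.
        MessageBox.Show("配置信息被篡改或已丢失,请联系管理员。", "程序即将退出");
        Application.Exit();
    }
}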
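/// <summary>
/// Parses the gateway's XML reply and decrypts its <c>cipher_data</c> payload.
/// </summary>
/// <param name="rpXml">The raw XML response body.</param>
/// <returns>
/// A <c>ResponseModel</c>; a field is left null when its element is absent from the reply
/// (for example a reply that carries only retcode/retmsg).
/// </returns>
private ResponseModel DeserializeResponse(string rpXml)
{
    var result = new ResponseModel();
    using (var sr = new StringReader(rpXml))
    {
        var el = XElement.Load(sr);

        // Missing elements used to fail with a NullReferenceException on .Value
        result.retcode = el.XPathSelectElement("/retcode")?.Value;

        var retmsg = el.XPathSelectElement("/retmsg")?.Value;
        if (retmsg != null)
        {
            // Re-interpret the message bytes (gb2312 -> UTF-8), exactly as before
            retmsg = Encoding.UTF8.GetString(Encoding.GetEncoding("gb2312").GetBytes(retmsg));
        }
        result.retmsg = retmsg;

        var cipher_data = el.XPathSelectElement("/cipher_data")?.Value;
        if (!string.IsNullOrEmpty(cipher_data))
        {
            // Convert the Java-format private key, then decrypt the Base64 payload
            var priKey = RSAUtils.RSAPrivateKeyJava2DotNet(PrivateKey);
            result.cipher_data = RSAUtils.RSADecrypt(priKey, Convert.FromBase64String(cipher_data), Encoding.UTF8);
        }
    }
    return result;
}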
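/// <summary>
/// Demo page for the single-payment API: builds a request, encrypts it with the gateway's
/// public key, posts it, decrypts the reply and prints every stage to the page.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    var options = new QuickRefundOptions
    {
        spid = spid,
        sp_serialno = GenerateOrderNo(),
        tran_amt = "100",
        business_type = business_type,
        acct_name = acct_name,
        acct_id = acct_id,
    };
    var factory = new QuickRefundFactory(key);
    var request = factory.GenerateRequestModel(options);
    var data = factory.GenerateRequestFormString(request);
    // NOTE(review): the clear-text request (account name and id) is written to the log here and
    // the decrypted reply further down; mask or drop these fields outside a test environment.
    WriteLog("2.1 单笔代付接口请求参数", data);

    var pubKey = RSAUtils.RSAPublicKeyJava2DotNetP(PublicKey);
    string encData = RSAUtils.RSAEncrypt(data, pubKey);
    var cipher_data = Server.UrlEncode(encData);
    var response = factory.GetRefundResult(cipher_data);
    var model = DeserializeResponse(response);

    var settings = new Newtonsoft.Json.JsonSerializerSettings
    {
        Formatting = Newtonsoft.Json.Formatting.Indented,
        NullValueHandling = Newtonsoft.Json.NullValueHandling.Ignore,
    };
    var dendata = Newtonsoft.Json.JsonConvert.SerializeObject(model, settings);
    WriteLog("2.1 单笔代付接口返回参数", dendata);

    // HTML-encode everything that is not fixed markup. The reply is XML, which a browser
    // would otherwise treat as tags, and remote or user-derived text must not be able to
    // inject markup into this page.
    string urlHtml = Server.HtmlEncode($"{factory.Url}");
    string dataHtml = Server.HtmlEncode(data);
    string cipherHtml = Server.HtmlEncode(cipher_data);
    string responseHtml = Server.HtmlEncode(response);
    string plainHtml = Server.HtmlEncode(dendata);

    Response.Write($"天付宝代付API<br>");
    Response.Write($"请求地址:{urlHtml}<br>");
    Response.Write($"请求参数未加密:{dataHtml}<br>");
    Response.Write($"请求参数已加密cipher_data:{cipherHtml}<br>");
    Response.Write($"返回参数密文:{responseHtml}<br>");
    Response.Write($"返回参数明文:{plainHtml}<br>");
    Response.End();
}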
/// <summary>
/// Click handler: the login button validates the form and starts the login call;
/// any other view hides the keyboard and closes the activity as cancelled.
/// </summary>
public void OnClick(View v)
{
    if (v.Id != Resource.Id.login)
    {
        // Not the login button: dismiss the keyboard and finish with a cancelled result
        InputMethodManager keyboard = (InputMethodManager)GetSystemService(Context.InputMethodService);
        keyboard.HideSoftInputFromWindow(editPassword.WindowToken, 0);
        SetResult(Result.Canceled);
        ActivityCompat.FinishAfterTransition(this);
        return;
    }

    var account = editAccount.Text;
    var password = editPassword.Text;

    // Only the emptiness checks look at the trimmed text; the untrimmed values are what get sent
    if (account.Trim().Length == 0)
    {
        Toast.MakeText(this, Resources.GetString(Resource.String.need_account), ToastLength.Short).Show();
        return;
    }
    if (password.Trim().Length == 0)
    {
        Toast.MakeText(this, Resources.GetString(Resource.String.need_password), ToastLength.Short).Show();
        return;
    }

    // NOTE(review): the key is a hard-coded empty string (the resource lookup was disabled),
    // so the check below always fires and the login call is never reached in this version.
    var publicKey = "";
    if (publicKey.Length == 0)
    {
        Toast.MakeText(this, Resources.GetString(Resource.String.publicKey_error), ToastLength.Short).Show();
        return;
    }

    RSAUtils rsaUtils = new RSAUtils(publicKey);
    dialog.SetMessage(Resources.GetString(Resource.String.logining));
    dialog.Show();

    // NOTE(review): client id and secret come from string resources, which ship inside the
    // application package; treat them as public identifiers, not as a secret the server can rely on.
    var basicAuth = Square.OkHttp3.Credentials.Basic(
        Resources.GetString(Resource.String.ClientId),
        Resources.GetString(Resource.String.ClientSercret));

    // Account and password are sent RSA-encrypted
    loginPresenter.LoginAsync(
        TokenShared.GetAccessToken(this),
        basicAuth,
        rsaUtils.Encrypt(account),
        rsaUtils.Encrypt(password));
}
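/// <summary>
/// Registers the "Bearer" authorization policy and JWT bearer authentication that validates
/// tokens against the RSA key stored in the application base path.
/// </summary>
/// <param name="services">The service collection to add the registrations to.</param>
/// <param name="Issuer">Expected token issuer.</param>
/// <param name="audience">Expected token audience, i.e. the name of this application server.</param>
/// <exception cref="ArgumentNullException">The RSA key could not be loaded.</exception>
public static void AddSiteRegisterJwt(this IServiceCollection services, string Issuer, string audience)
{
    // Load the key from file (second argument false: the private part is not requested)
    JWTTokenOptions _tokenOptions = new JWTTokenOptions();
    string keyDir = PlatformServices.Default.Application.ApplicationBasePath;
    if (RSAUtils.TryGetKeyParameters(keyDir, false, out RSAParameters keyparams) == false)
    {
        // Fail closed with a usable message. Previously Key was set to null here and startup died
        // a few lines later inside the SigningCredentials constructor, with nothing pointing at the
        // missing key file. The exception type is kept so existing handling still matches.
        throw new ArgumentNullException("key", "The RSA key could not be loaded from '" + keyDir + "'; JWT validation cannot be configured without it.");
    }
    _tokenOptions.Key = new RsaSecurityKey(keyparams);

    _tokenOptions.Issuer = Issuer;     // issuer
    _tokenOptions.Audience = audience; // audience, i.e. the name of this application server
    _tokenOptions.Credentials = new SigningCredentials(_tokenOptions.Key, SecurityAlgorithms.RsaSha256Signature);

    services.AddAuthorization(auth =>
    {
        auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
            .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
            .RequireAuthenticatedUser()
            .Build());
    });

    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(jwtOptions =>
    {
        jwtOptions.TokenValidationParameters = new TokenValidationParameters
        {
            IssuerSigningKey = _tokenOptions.Key,
            ValidAudience = _tokenOptions.Audience,
            ValidIssuer = _tokenOptions.Issuer,
            ValidateLifetime = true
        };
    });
}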
/// <summary>
/// Console demo: encrypts, decrypts, signs and verifies one sample string with a 2048-bit key pair.
/// </summary>
static void Main(string[] args)
{
    // 2048-bit public key
    string pubKeyText = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQh0wEqx/R2H1v00IU12Oc30fosRC/frhH89L6G+fzeaqI19MYQhEPMU13wpeqRONCUta+2iC1sgCNQ9qGGf19yGdZUfueaB1Nu9rdueQKXgVurGHJ+5N71UFm+OP1XcnFUCK4wT5d7ZIifXxuqLehP9Ts6sNjhVfa+yU+VjF5HoIe69OJEPo7OxRZcRTe17khc93Ic+PfyqswQJJlY/bgpcLJQnM+QuHmxNtF7/FpAx9YEQsShsGpVo7JaKgLo+s6AFoJ4QldQKir2vbN9vcKRbG3piElPilWDpjXQkOJZhUloh/jd7QrKFimZFldJ1r6Q59QYUyGKZARUe0KZpMQIDAQAB";
    // 2048-bit private key
    // NOTE(review): a private key embedded in source is acceptable only for a throwaway demo pair;
    // real keys belong in a protected store outside the repository.
    string privKeyText = "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";

    var rsa = new RSAUtils(RSAType.RSA2, Encoding.UTF8, privKeyText, pubKeyText);

    string plain = "博客园 http://www.cnblogs.com/";
    Console.WriteLine("原始字符串:" + plain);

    // Encrypt
    string cipher = rsa.Encrypt(plain);
    Console.WriteLine("加密字符串:" + cipher);

    // Decrypt
    string roundTrip = rsa.Decrypt(cipher);
    Console.WriteLine("解密字符串:" + roundTrip);

    // Sign with the private key
    string signature = rsa.Sign(plain);
    Console.WriteLine("字符串签名:" + signature);

    // Verify the signature with the public key
    bool verified = rsa.Verify(plain, signature);
    Console.WriteLine("验证签名:" + verified);

    // Wait for two key presses; the second one is not echoed
    Console.ReadKey();
    Console.ReadKey(true);
}
/// <summary>
/// Returns the public key exposed by <c>RSAUtils.GetPublicKey</c>.
/// </summary>
public string GetPublicKey() => RSAUtils.GetPublicKey();
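/// <summary>
/// Registers the identity options, the password / client-credentials licensing mode and
/// JWT bearer authentication.
/// </summary>
/// <param name="services">IServiceCollection</param>
/// <param name="Configuration">IConfiguration</param>
public static void AddServiceSingleton(this IServiceCollection services, IConfiguration Configuration)
{
    // Bind the IdentityOption section for consumers of IOptions<IdentityOption>
    services.Configure<IdentityOption>(Configuration.GetSection("IdentityOption"));

    #region Read configuration
    // NOTE(review): despite the variable name the secret is used as raw ASCII text, not
    // Base64-decoded; non-ASCII characters become '?'. Keep the secret out of source control and
    // make it long and random. A missing value makes GetBytes throw ArgumentNullException at startup.
    var symmetricKeyAsBase64 = Configuration["IdentityOption:Secret"];
    var keyByteArray = Encoding.ASCII.GetBytes(symmetricKeyAsBase64);
    var signingKey = new SymmetricSecurityKey(keyByteArray);
    var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

    IdentityOption identityOption = new IdentityOption
    {
        Secret = Configuration["IdentityOption:Secret"],             // secret key
        Issuer = Configuration["IdentityOption:Issuer"],             // issuer
        Audience = Configuration["IdentityOption:Audience"],         // token audience
        TokenType = Configuration["IdentityOption:TokenType"],       // token type, case-insensitive, required: bearer or mac
        Scope = Configuration["IdentityOption:Scope"],               // permission scope; may be omitted when equal to the requested scope
        Subject = Configuration["IdentityOption:Subject"],           // subject
        // Lifetime in seconds. Convert.ToInt32 returns 0 for a missing setting, so the lifetime
        // must then be set some other way.
        ExpiresIn = Convert.ToInt32(Configuration["IdentityOption:ExpiresIn"]),
        ClientId = Configuration["IdentityOption:ClientId"],         // client id, required
        ResponseType = Configuration["IdentityOption:ResponseType"], // grant type, required, fixed to "code"
        RedirectUri = Configuration["IdentityOption:RedirectUri"],
        State = Configuration["IdentityOption:State"],               // opaque client state, echoed back unchanged by the authorization server
        SigningCredentials = signingCredentials
    };
    #endregion

    #region Client-credentials mode / password mode
    LicensingMode.SetResourceOwnerPasswordAndClientCredentials(services, identityOption);
    #endregion

    #region JWT (JwtRegisteredClaimNames)
    // The validation settings are read straight from configuration. When tokens are issued and
    // validated on different servers, both sides must use the same values.
    var jwtKeyAsBase64 = Configuration["JWTTokenOption:Secret"];
    var jwtKeyByteArray = Encoding.ASCII.GetBytes(jwtKeyAsBase64);
    var jwtSigningKey = new SymmetricSecurityKey(jwtKeyByteArray);
    // The key is symmetric, so the algorithm must be an HMAC. The former RsaSha256Signature cannot
    // be used with a SymmetricSecurityKey, and HMAC matches the key validation uses below.
    var jwtSigningCredentials = new SigningCredentials(jwtSigningKey, SecurityAlgorithms.HmacSha256);

    JWTTokenOption jwtOption = new JWTTokenOption
    {
        Issuer = Configuration["JWTTokenOption:Issuer"],                         // issuer
        Audience = Configuration["JWTTokenOption:Audience"],                     // token audience
        ExpiresIn = Convert.ToInt32(Configuration["JWTTokenOption:ExpiresIn"]),  // lifetime in seconds (0 when the setting is missing)
        ClientId = Configuration["JWTTokenOption:ClientId"],                     // client id, required
        SigningCredentials = jwtSigningCredentials
    };

    // Load the RSA key from file, generating and saving it on first start.
    // NOTE(review): the key file is written to the application base path; restrict access to it.
    // jwtOption is not registered in the container in this method, and validation below uses the
    // symmetric key, so confirm where RsaSecurityKey is actually consumed.
    string keyDir = PlatformServices.Default.Application.ApplicationBasePath;
    if (RSAUtils.TryGetKeyParameters(keyDir, false, out RSAParameters keyParams) == false)
    {
        keyParams = RSAUtils.GenerateAndSaveKey(keyDir);
    }
    jwtOption.RsaSecurityKey = new RsaSecurityKey(keyParams);

    var tokenValidationParameters = new TokenValidationParameters
    {
        // The following three checks are required
        // Signing key
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = jwtSigningKey,
        // Issuer (issuing authority)
        ValidateIssuer = true,
        ValidIssuer = jwtOption.Issuer,
        // Audience (who the token was issued for)
        ValidateAudience = true,
        ValidAudience = jwtOption.Audience,

        // Validate the token lifetime
        ValidateLifetime = true,
        // Allowed clock difference between servers. The default is 5 minutes, during which an
        // expired token would still be accepted; zero disables that grace period.
        ClockSkew = TimeSpan.Zero
    };

    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(o =>
    {
        // HTTPS metadata stays required (RequireHttpsMetadata is left at its default)
        o.TokenValidationParameters = tokenValidationParameters;
    });
    #endregion

    // A disabled OpenID Connect (hybrid flow) registration and a disabled hosted-service
    // registration used to follow here as commented-out code; both were removed. The OIDC draft
    // carried a placeholder client secret and RequireHttpsMetadata = false, neither of which
    // should be reused if it is reinstated.
}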
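// Called by the runtime. Registers the database context, application services, MVC,
// Swagger, JWT issuing/validation and the CORS policy.
public void ConfigureServices(IServiceCollection services)
{
    services.AddDbContext<CrazyBullDbContext>(options => options.UseSqlServer(Configuration.GetConnectionString("Conn")));
    services.AddScoped<CrazyBullDbContext>();
    services.AddScoped<ICategoryService, CategoryService>();
    services.AddScoped(typeof(IRepository<>), typeof(Repository<>));

    // Add framework services.
    services.AddMvc();

    // Register the Swagger generator, defining one or more Swagger documents
    services.AddSwaggerGen(c =>
    {
        c.SwaggerDoc("v1", new Info { Title = "My API", Version = "v1" });
        // Add the header operation filter
        c.OperationFilter<HttpHeaderOperation>();
        // Set the comments path for the swagger json and ui.
        var basePath = PlatformServices.Default.Application.ApplicationBasePath;
        var xmlPath = Path.Combine(basePath, "CrazyBull.Api.xml");
        c.IncludeXmlComments(xmlPath);
    });

    #region Token issuing
    // Load the RSA key from file, generating and saving it on first start.
    // NOTE(review): the private part is requested (second argument true) and the key file lives in
    // the application base path; restrict file permissions on that directory.
    string keyDir = PlatformServices.Default.Application.ApplicationBasePath;
    if (RSAUtils.TryGetKeyParameters(keyDir, true, out RSAParameters keyParams) == false)
    {
        keyParams = RSAUtils.GenerateAndSaveKey(keyDir);
    }
    var _key = new RsaSecurityKey(keyParams);
    // NOTE(review): "TestAudience" / "TestIssuer" look like sample values; move them to configuration.
    var _options = new JWTTokenOptions()
    {
        Key = _key,
        Audience = "TestAudience",
        Issuer = "TestIssuer", // issuer name
        Credentials = new SigningCredentials(_key, SecurityAlgorithms.RsaSha256Signature)
    };
    services.AddAuthorization(auth =>
    {
        auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
            .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
            .RequireAuthenticatedUser()
            .Build());
    });
    #endregion

    // Authentication is set up differently in .NET Core 2.0 than in 1.1. The JwtBearer options
    // are the same, but they are configured here and Configure only needs app.UseAuthentication().
    #region Token validation
    services.AddAuthentication(options =>
    {
        options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            IssuerSigningKey = _options.Key,
            ValidAudience = _options.Audience, // audience must be TestAudience
            ValidIssuer = _options.Issuer,     // issuer must be TestIssuer
            ValidateLifetime = true
        };
    });
    #endregion

    services.AddSingleton(_options);

    // Allow cross-origin requests.
    // AllowCredentials() was dropped: combined with "any origin" it lets every site make
    // credentialed cross-origin calls and read the responses. Bearer tokens travel in the
    // Authorization header and do not need it. If cookies are ever required, list the trusted
    // origins explicitly instead of using the wildcard. The policy name is kept because other
    // code may refer to it.
    services.AddCors(options =>
        options.AddPolicy("AllowSameDomain",
            builder => builder.WithOrigins("*").WithHeaders("date").
            AllowAnyMethod().AllowAnyHeader().AllowAnyOrigin())
    );
}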