/// <summary>
/// 认证服务
/// </summary>
/// <param name="services"></param>
/// <param name="configuration"></param>
/// <returns></returns>
public static void AddAuthService(this IServiceCollection services, IConfiguration configuration)
{
//认证服务器配置
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryIdentityResources(IdentityConfig.GetIdentityResources())
.AddInMemoryApiResources(IdentityConfig.GetApiResources())
.AddInMemoryApiScopes(IdentityConfig.GetApiScope())
.AddInMemoryClients(IdentityConfig.GetClients())
.AddResourceOwnerValidator <PasswordValidator>()
.AddProfileService <ProfileService>();
//资源服务器配置
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultForbidScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddIdentityServerAuthentication(options =>
{
options.Authority = configuration["ApplicationConfiguration:Url"];
options.RequireHttpsMetadata = false;
options.ApiName = "api";
options.Events = new JwtBearerEvents
{
OnMessageReceived = context =>
{
if (context.Request.Query.TryGetValue("token", out StringValues token))
{
context.Token = token;
}
return(Task.CompletedTask);
},
OnAuthenticationFailed = context =>
{
var te = context.Exception;
return(Task.CompletedTask);
}
};
});
}