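/// <summary>
/// Registers the OpenAuth options, the <see cref="ITokenService"/> implementation and
/// JWT bearer authentication on the service collection.
/// </summary>
/// <param name="services">The service collection to register into.</param>
/// <param name="action">Callback that fills in a new <see cref="OpenAuthOptions"/> instance.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="services"/> or <paramref name="action"/> is null, or the configured
/// Authority, ClientId or ClientSecret is null or empty.
/// </exception>
public static void AddOpenAuth(this IServiceCollection services, Action<OpenAuthOptions> action)
{
    if (services == null)
    {
        throw new ArgumentNullException(nameof(services));
    }

    // Without this guard a null callback surfaces as a NullReferenceException on Invoke.
    if (action == null)
    {
        throw new ArgumentNullException(nameof(action));
    }

    var option = new OpenAuthOptions();
    action.Invoke(option);

    // ArgumentNullException(string) treats its single argument as the parameter NAME,
    // so the (paramName, message) overload is used to keep the message readable.
    // Authority is required here although the JWT validation below does not read it.
    if (string.IsNullOrEmpty(option.Authority))
    {
        throw new ArgumentNullException(
            nameof(option.Authority),
            $"{nameof(option.Authority)} must not be null or empty");
    }

    if (string.IsNullOrEmpty(option.ClientId))
    {
        throw new ArgumentNullException(
            nameof(option.ClientId),
            $"{nameof(option.ClientId)} must not be null or empty");
    }

    if (string.IsNullOrEmpty(option.ClientSecret))
    {
        throw new ArgumentNullException(
            nameof(option.ClientSecret),
            $"{nameof(option.ClientSecret)} must not be null or empty");
    }

    // The same options instance is handed out for every scope.
    services.AddScoped(o => option);
    services.AddScoped<ITokenService, TokenService>();

    services.AddAuthentication(options =>
        {
            // Authentication middleware configuration: JWT bearer for both authenticate and challenge.
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer(config =>
        {
            config.TokenValidationParameters = new TokenValidationParameters
            {
                // Issuer and audience checks are the library defaults; stated explicitly so a
                // later edit cannot drop them unnoticed.
                ValidateIssuer = true,
                ValidateAudience = true,

                // Token issuer.
                ValidIssuer = "OpenAuth",

                // Who the token is issued to.
                // NOTE(review): ClientName is not validated above; if it is left unset,
                // audience validation presumably rejects every token. Confirm and consider
                // failing at startup instead.
                ValidAudience = option.ClientName,

                // Original author's note: the key here should be encrypted.
                // NOTE(review): the HMAC validation key is the raw UTF-8 bytes of ClientSecret,
                // so its strength is exactly the strength of that secret. Confirm the secret is
                // long, random and loaded from a secret store rather than plain configuration.
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(option.ClientSecret)),

                // Validate the token lifetime: the current time is compared with the
                // NotBefore and Expires claims of the token.
                ValidateLifetime = true,
            };

            config.SaveToken = true;
        });
}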
/// <summary>
/// Creates the token service and keeps the supplied options in <c>_options</c>.
/// </summary>
/// <param name="options">The OpenAuth options this service stores.</param>
public TokenService(OpenAuthOptions options) => _options = options;