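        /// <summary>
        /// Registers the OpenAuth options, the <see cref="ITokenService"/> implementation and
        /// JWT bearer authentication on the service collection.
        /// </summary>
        /// <param name="services">Service collection that receives the registrations.</param>
        /// <param name="action">Callback that fills in a fresh <see cref="OpenAuthOptions"/> instance.</param>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="services"/> or <paramref name="action"/> is null, or the configured
        /// Authority, ClientId or ClientSecret is null or empty.
        /// </exception>
        public static void AddOpenAuth(this IServiceCollection services, Action<OpenAuthOptions> action)
        {
            // Fail with a named argument instead of a NullReferenceException further down.
            if (services == null)
            {
                throw new ArgumentNullException(nameof(services));
            }

            if (action == null)
            {
                throw new ArgumentNullException(nameof(action));
            }

            var option = new OpenAuthOptions();

            action.Invoke(option);

            // The single-string ArgumentNullException constructor takes a parameter NAME, not a
            // message, so the original text ended up in the wrong slot. Pass both explicitly.
            if (string.IsNullOrEmpty(option.Authority))
            {
                throw new ArgumentNullException(nameof(action), $"{nameof(option.Authority)} must be not null");
            }

            if (string.IsNullOrEmpty(option.ClientId) || string.IsNullOrEmpty(option.ClientSecret))
            {
                throw new ArgumentNullException(nameof(action), $"{nameof(option.ClientId)} or {nameof(option.ClientSecret)} must not be null");
            }

            // The same configured instance is handed out for every scope.
            services.AddScoped(o => option);
            services.AddScoped<ITokenService, TokenService>();
            services.AddAuthentication(options =>
            {
                // Authentication middleware configuration: JWT bearer handles both
                // authentication and challenges by default.
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(config =>
            {
                config.TokenValidationParameters = new TokenValidationParameters
                {
                    // Issuer and audience checks are the library defaults; spelled out so a
                    // later edit cannot turn them off unnoticed.
                    ValidateIssuer = true,
                    ValidateAudience = true,
                    // Token issuer.
                    ValidIssuer = "OpenAuth",
                    // Intended recipient of the token.
                    // NOTE(review): ClientName is not checked for null/empty above; confirm
                    // callers always set it, otherwise audience validation has nothing to match.
                    ValidAudience = option.ClientName,
                    // The signing key is the raw UTF-8 bytes of ClientSecret (original note: the
                    // key here should be protected). With a symmetric key, whoever can validate
                    // tokens can also mint them, so the secret must be long, random and kept out
                    // of source control. NOTE(review): the token library may reject keys below
                    // its minimum size when validating; confirm for the version in use.
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(option.ClientSecret)),
                    // Validate token lifetime: the current time is compared against the
                    // NotBefore and Expires claims of the token.
                    ValidateLifetime = true,
                };
                config.SaveToken = true;
            });
        }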
 /// <summary>
 /// Creates the token service and keeps the supplied options for later use.
 /// </summary>
 /// <param name="options">OpenAuth options stored in the private field.</param>
 public TokenService(OpenAuthOptions options) => _options = options;