Esempio n. 1
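        /// <summary>
        /// Registers the HTTP context accessor, authorization, and JWT bearer authentication
        /// that validates incoming tokens against the configured authority and audience.
        /// </summary>
        /// <param name="context">Module context whose <c>Services</c> collection receives the registrations.</param>
        public override void ConfigureServices(ConfigureServicesContext context)
        {
            var service = context.Services;
            AppOptionSettings settings = service.GetAppSettings();

            service.AddHttpContextAccessor();
            service.AddAuthorization();
            service.AddAuthentication(x =>
            {
                // Bearer is used both to authenticate requests and to issue the 401 challenge.
                x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            }).AddJwtBearer(jwt =>
            {
                // Startup diagnostic only: prints the configured authority and audience (no secrets).
                Console.WriteLine($"{settings.Auth?.Authority}+++++++++++++++++++++{settings.Auth?.Audience}");

                // SECURITY: when the Auth section is missing, the service silently trusts a hard-coded,
                // plain-HTTP address as its token authority. A deployment with incomplete configuration
                // should preferably fail at startup instead of falling back to these defaults.
                jwt.Authority = settings.Auth?.Authority ?? "http://10.1.40.210:8042";
                jwt.Audience = settings.Auth?.Audience ?? "IDN.Services.BasicsService.API";

                // SECURITY: with this set to false the discovery document and the token signing keys may
                // be fetched over unencrypted HTTP, so anyone able to tamper with that traffic can
                // substitute their own keys. Only acceptable on an isolated development network;
                // use an HTTPS authority and set this to true elsewhere.
                jwt.RequireHttpsMetadata = false;

                jwt.Events = new JwtBearerEvents
                {
                    OnAuthenticationFailed = failure =>
                    {
                        // Tell the client the token expired (as opposed to being invalid) so it can refresh.
                        if (failure.Exception is SecurityTokenExpiredException)
                        {
                            // Indexer assignment instead of Add(): Add() throws if the header is already present.
                            failure.Response.Headers["Token-Expired"] = "true";
                        }

                        return Task.CompletedTask;
                    }
                };
            });
        }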
Esempio n. 2
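        /// <summary>
        /// Registers HMAC-SHA256 (HS256) JWT bearer authentication, the permission authorization
        /// policy, and the token-issuing service, all driven by the <c>Jwt</c> settings section.
        /// </summary>
        /// <param name="services">Service collection that receives the registrations.</param>
        /// <exception cref="InvalidOperationException">The JWT signing secret is missing from configuration.</exception>
        protected override void AddAuthentication(IServiceCollection services)
        {
            AppOptionSettings settings = services.GetAppSettings();
            var jwtSettings = settings.Jwt;

            // Fail fast with a clear message instead of an opaque null/empty-key error further down.
            // SECURITY: the same secret both signs and verifies tokens, so it must be a long random
            // value supplied from a secret store or environment, never a value committed with the code.
            if (string.IsNullOrWhiteSpace(jwtSettings?.SecretKey))
            {
                throw new InvalidOperationException("JWT signing secret (Jwt.SecretKey) is not configured.");
            }

            // Resolve issuer and audience once so that the values handed to the permission
            // requirement are the same ones tokens are validated against. The original validated
            // against the "Destiny" fallback but passed the raw (possibly null) settings on.
            var issuer = jwtSettings.Issuer ?? "Destiny";
            var audience = jwtSettings.Audience ?? "Destiny";

            var keyByteArray = Encoding.UTF8.GetBytes(jwtSettings.SecretKey);
            var signingKey = new SymmetricSecurityKey(keyByteArray);
            var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
            var tokenValidationParameters = new TokenValidationParameters
            {
                IssuerSigningKey = signingKey,
                ValidIssuer = issuer,
                ValidAudience = audience,
                // No tolerance for clock drift between issuer and this server: a token is rejected
                // the moment it expires.
                ClockSkew = TimeSpan.Zero
                // The custom LifetimeValidator (exp > UtcNow) was removed on purpose. It ignored the
                // not-before claim, and a lifetime delegate that returns false is reported as a generic
                // lifetime failure rather than SecurityTokenExpiredException, so the "Token-Expired"
                // header below was never sent. Built-in validation checks both nbf and exp.
            };

            // NOTE(review): ExpireMins is passed to TimeSpan.FromSeconds. The name suggests minutes;
            // confirm which unit PermissionDto expects before changing it, since it alters token lifetime.
            var permission = new PermissionDto(
                "/api/denied",
                ClaimTypes.Role,
                "",
                issuer,
                audience,
                TimeSpan.FromSeconds(jwtSettings.ExpireMins),
                signingCredentials);

            services.AddAuthorization(opt =>
            {
                opt.AddPolicy(PermissionAuthorize.Name, policy => policy.Requirements.Add(permission));
            });

            services.AddAuthentication(x =>
            {
                x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            }).AddJwtBearer(bearer =>
            {
                bearer.TokenValidationParameters = tokenValidationParameters;
                bearer.Events = new JwtBearerEvents
                {
                    OnAuthenticationFailed = failure =>
                    {
                        // Tell the client the token expired (as opposed to being invalid) so it can refresh.
                        if (failure.Exception is SecurityTokenExpiredException)
                        {
                            // Indexer assignment instead of Add(): Add() throws if the header is already present.
                            failure.Response.Headers["Token-Expired"] = "true";
                        }

                        return Task.CompletedTask;
                    }
                };
            });

            services.AddSingleton(permission);
            services.AddScoped<IJwtBearerService, JwtBearerService>();
        }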
Esempio n. 3
 /// <summary>
 /// Initializes the context and resolves the application options, a logger for the
 /// concrete context type, and the current principal from <paramref name="serviceProvider"/>.
 /// </summary>
 /// <param name="options">EF Core options forwarded to the base context.</param>
 /// <param name="serviceProvider">Provider used to resolve the collaborating services.</param>
 protected DbContextBase(DbContextOptions options, IServiceProvider serviceProvider)
     : base(options)
 {
     this._serviceProvider = serviceProvider;

     // The options accessor is optional: when it is not registered, _option stays null.
     var optionAccessor = serviceProvider.GetService<IObjectAccessor<AppOptionSettings>>();
     this._option = optionAccessor?.Value;

     // GetType() yields the derived context type, so log entries are categorized per concrete context.
     this._logger = serviceProvider.GetLogger(GetType());

     // Resolved once, at construction. NOTE(review): the principal may be null when no
     // IPrincipal is registered or no user is available; confirm consumers handle that.
     this._principal = serviceProvider.GetService<IPrincipal>();
 }
Esempio n. 4
 /// <summary>
 /// Constructor. Resolves application settings, a logger for the concrete context type,
 /// the scoped audit-entry dictionary, the change-tracker accessor, and the current principal.
 /// </summary>
 /// <param name="options">EF Core options forwarded to the base context.</param>
 /// <param name="serviceProvider">Provider used to resolve the collaborating services.</param>
 protected SuktDbContextBase(DbContextOptions options, IServiceProvider serviceProvider)
     : base(options)
 {
     this._serviceProvider = serviceProvider;
     this._appOptionSettings = serviceProvider.GetAppSettings();

     // GetType() yields the derived context type, so log entries are categorized per concrete context.
     this._logger = serviceProvider.GetLogger(GetType());

     // These use GetService, so each field is null when the service is not registered.
     this._auditEntryDictionaryScoped = serviceProvider.GetService<AuditEntryDictionaryScoped>();
     this._changeTracker = this._serviceProvider.GetService<IGetChangeTracker>();

     // Resolved once, at construction. NOTE(review): confirm consumers tolerate a null
     // principal, e.g. when the context is created outside a request.
     this._principal = serviceProvider.GetService<IPrincipal>();
 }
        /// <summary>
        /// Registers the file provider, makes sure an <c>IConfiguration</c> is available, and
        /// binds the "Destiny" configuration section to <c>AppOptionSettings</c>.
        /// </summary>
        /// <param name="context">Module context whose <c>Services</c> collection receives the registrations.</param>
        public override void ConfigureServices(ConfigureServicesContext context)
        {
            var services = context.Services;
            services.AddFileProvider();

            var config = services.GetConfiguration();
            if (config is null)
            {
                // Fallback for hosts that did not register a configuration. Only the JSON files
                // are read here: environment variables and other providers are not added, so a
                // secret in the "Destiny" section can only come from these files on this path.
                config = new ConfigurationBuilder()
                    .SetBasePath(Directory.GetCurrentDirectory())
                    .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
                    .AddJsonFile("appsettings.Development.json", optional: true, reloadOnChange: true)
                    .Build();
                services.AddSingleton<IConfiguration>(config);
            }

            // Bind once into a plain object. It is shared through the object accessor and
            // copied into the options instance below.
            var bound = new AppOptionSettings();
            config.Bind("Destiny", bound);
            services.AddObjectAccessor(bound);

            // NOTE(review): the Jwt section is copied as-is. Other code on this page reads
            // Jwt.SecretKey from these settings; if so, confirm the secret is not committed
            // in appsettings.json.
            services.Configure<AppOptionSettings>(target =>
            {
                target.AuditEnabled = bound.AuditEnabled;
                target.Auth = bound.Auth;
                target.Cors = bound.Cors;
                target.DbContexts = bound.DbContexts;
                target.IsAutoAddFunction = bound.IsAutoAddFunction;
                target.Jwt = bound.Jwt;
            });
        }
Esempio n. 6
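        /// <summary>
        /// Registers authorization and HMAC-SHA256 (HS256) JWT bearer authentication that
        /// validates tokens locally with the shared secret from the <c>Jwt</c> settings section.
        /// </summary>
        /// <param name="services">Service collection that receives the registrations.</param>
        /// <exception cref="InvalidOperationException">The JWT signing secret is missing from configuration.</exception>
        protected override void AddAuthentication(IServiceCollection services)
        {
            // The commented-out Authority-based variant that used to precede this code was dropped;
            // it pointed at a plain-HTTP authority with RequireHttpsMetadata disabled.
            AppOptionSettings settings = services.GetAppSettings();
            var jwtSettings = settings.Jwt;

            // Fail fast with a clear message instead of an opaque null/empty-key error further down.
            // SECURITY: the same secret both signs and verifies tokens, so it must be a long random
            // value supplied from a secret store or environment, never a value committed with the code.
            if (string.IsNullOrWhiteSpace(jwtSettings?.SecretKey))
            {
                throw new InvalidOperationException("JWT signing secret (Jwt.SecretKey) is not configured.");
            }

            var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.SecretKey));
            var tokenValidationParameters = new TokenValidationParameters
            {
                IssuerSigningKey = signingKey,
                ValidIssuer = jwtSettings.Issuer ?? "Destiny",     // issuer
                ValidAudience = jwtSettings.Audience ?? "Destiny", // audience
                // No tolerance for clock drift between issuer and this server: a token is rejected
                // the moment it expires.
                ClockSkew = TimeSpan.Zero
                // The custom LifetimeValidator (exp > UtcNow) was removed on purpose. It ignored the
                // not-before claim, and a lifetime delegate that returns false is reported as a generic
                // lifetime failure rather than SecurityTokenExpiredException, so the "Token-Expired"
                // header below was never sent. Built-in validation checks both nbf and exp.
            };

            services.AddAuthorization();
            services.AddAuthentication(x =>
            {
                x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            }).AddJwtBearer(bearer =>
            {
                bearer.TokenValidationParameters = tokenValidationParameters;
                bearer.Events = new JwtBearerEvents
                {
                    OnAuthenticationFailed = failure =>
                    {
                        // Tell the client the token expired (as opposed to being invalid) so it can refresh.
                        if (failure.Exception is SecurityTokenExpiredException)
                        {
                            // Indexer assignment instead of Add(): Add() throws if the header is already present.
                            failure.Response.Headers["Token-Expired"] = "true";
                        }

                        return Task.CompletedTask;
                    }
                };
            });
        }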
Esempio n. 7
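        /// <summary>
        /// Registers MVC controllers with the audit-log filter, configuration and file providers,
        /// the "SuktCore" settings, the per-request <c>IPrincipal</c>, and (when configured) the CORS policy.
        /// </summary>
        /// <param name="context">Module context whose <c>Services</c> collection receives the registrations.</param>
        public override void ConfigureServices(ConfigureServicesContext context)
        {
            var service = context.Services;

            service.AddControllers(x =>
            {
                x.SuppressAsyncSuffixInActionNames = false;
                x.Filters.Add<AuditLogFilter>();
            }).AddNewtonsoftJson(options =>
            {
                options.SerializerSettings.DateFormatString = "yyyy-MM-dd HH:mm:ss";
            });
            service.AddFileProvider();

            var configuration = service.GetConfiguration();
            if (configuration == null)
            {
                // Fallback for hosts that did not register a configuration. Only the JSON files
                // are read here; environment variables and other providers are not added.
                configuration = new ConfigurationBuilder()
                    .SetBasePath(Directory.GetCurrentDirectory())
                    .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
                    .AddJsonFile("appsettings.Development.json", optional: true, reloadOnChange: true)
                    .Build();
                service.AddSingleton<IConfiguration>(configuration);
            }

            // SECURITY: this provider is rooted at the application base path, so anything that
            // resolves IFileProvider can read every file under it, including the appsettings files.
            // Never pass request-supplied paths to it without validation.
            var basePath = Microsoft.DotNet.PlatformAbstractions.ApplicationEnvironment.ApplicationBasePath;
            service.AddSingleton<IFileProvider>(new PhysicalFileProvider(basePath));

            // The section is bound twice, as in the original: once as a live options binding and
            // once as a snapshot object that is shared through the object accessor and copied below.
            service.Configure<AppOptionSettings>(configuration.GetSection("SuktCore"));
            var option = new AppOptionSettings();
            configuration.Bind("SuktCore", option);
            service.AddObjectAccessor(option);
            service.Configure<AppOptionSettings>(o =>
            {
                o.AuditEnabled = option.AuditEnabled;
                o.Auth = option.Auth;
                o.Cors = option.Cors;
                o.DbContexts = option.DbContexts;
                o.Jwt = option.Jwt;
            });

            var settings = service.GetAppSettings();

            // Exposes the current request's user as IPrincipal. It resolves to null when there is
            // no IHttpContextAccessor registration or no active HttpContext (e.g. background work).
            service.AddTransient<IPrincipal>(provider =>
            {
                IHttpContextAccessor accessor = provider.GetService<IHttpContextAccessor>();
                return accessor?.HttpContext?.User;
            });

            // A missing Cors section now simply skips CORS registration instead of throwing.
            var cors = settings.Cors;
            if (cors != null && !cors.PolicyName.IsNullOrEmpty() && !cors.Url.IsNullOrEmpty())
            {
                // Origins are compared as exact strings, so "a, b" (space after the comma) or a
                // trailing "/" would otherwise yield an entry that never matches a browser Origin.
                var allowedOrigins = cors.Url
                    .Split(",", StringSplitOptions.RemoveEmptyEntries)
                    .Select(origin => origin.Trim().TrimEnd('/'))
                    .Where(origin => origin.Length > 0)
                    .ToArray();

                _corePolicyName = cors.PolicyName;

                // SECURITY: AllowCredentials lets the listed origins make cookie/credentialed calls
                // with any header and method. Keep the configured list to explicit, trusted origins
                // and do not use a wildcard entry here.
                service.AddCors(c => c.AddPolicy(cors.PolicyName, policy => policy
                    .WithOrigins(allowedOrigins)
                    .AllowAnyHeader()
                    .AllowAnyMethod()
                    .AllowCredentials()));
            }
        }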