是否可以通过从身份验证服务器(身份服务器 4)发出令牌并将令牌/凭据设置到 MVC 管道以进行授权,从而在 MVC“客户端”(.net 核心 2)中创建自定义登录表单?
认证服务器:
new Client{
ClientId = "MVC",
ClientName = "MVC",
RequireClientSecret = true,
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
ClientSecrets = {
new Secret("secret".Sha256())
},
AllowedScopes = {
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"roles",
configuration["AUTHENTICATION_SCOPE:SCOPE_ID"],
},
AllowOfflineAccess = true,
AlwaysSendClientClaims = true,
AlwaysIncludeUserClaimsInIdToken = true,
AccessTokenType = AccessTokenType.Reference,
AccessTokenLifetime = int.Parse(configuration["AccessTokenLifetime"]),
AbsoluteRefreshTokenLifetime = int.Parse(configuration["AbsoluteRefreshTokenLifetime"])}
MVC 客户端:
启动.cs
public void ConfigureServices(IServiceCollection services){
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services.AddAuthentication(options =>
{
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
}).AddOpenIdConnect("oidc", options =>
{
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.Authority = "...";
options.RequireHttpsMetadata = false;
options.GetClaimsFromUserInfoEndpoint = true;
options.ClientId = "MVC";
options.ClientSecret = "secret";
options.ResponseType = "code id_token";
options.SaveTokens = true;
}).AddCookie(options =>
{
options.LoginPath = new PathString("/Account/Login/");
options.LogoutPath = new PathString("/Account/Logout/");
options.AccessDeniedPath = new PathString("/Account/Login/");
});}
AccountController.cs
[HttpPost, ValidateAntiForgeryToken]
public async Task<IActionResult> Login(LoginViewModel vm, string button){
if (!ModelState.IsValid)
return View(vm);
//HOW TO CONTINUE FROM HERE?
//Issue token from auth server and set it in the HttpContext.Authentication?}