1

身份服务器负载平衡失败。启动多个身份服务器实例时无法正常工作。使用单个身份服务器实例,它按预期工作正常。是因为我的 IdentityServer4 实现不保留刷新令牌吗?

最初,我的身份服务器将所有内容都存储在内存中。现在身份服务器负载平衡失败后,尝试实现 IPersistantGrantStore 并添加 AddOperationalStore ,它创建了数据库。但是没有任何东西存储在那里。Startup.cs 在下面。如果有,请纠正我哪里不对了。

public void ConfigureServices(IServiceCollection services)
    {
        ApplicationSettings applicationSettings = Configuration
            .GetSection("ApplicationSettings")
            .Get<ApplicationSettings>();

        DatabaseSettings dbSettings = Configuration
            .GetSection("DatabaseSettings")
            .Get<DatabaseSettings>() ?? new DatabaseSettings();

        LoggingSettings loggingSettings = Configuration
            .GetSection("LoggingSettings")
            .Get<LoggingSettings>();

        var migrationsAssembly = this.GetType().Assembly.GetName().Name;



        services.AddMvc();

        services.InitialiseDbContext<PersistedGrantDbContext>(dbSettings);

        var appSettingsSection = Configuration.GetSection("ApplicationSettings");
        var appSettings = appSettingsSection.Get<ApplicationSettings>();

        services.Configure<ApplicationSettings>(appSettingsSection);

        .
        services.AddCors(options =>
        {
            options.AddPolicy("AllowAllOriginsHeadersAndMethods",
                builder => builder.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod());
        });

        var identityServerBuilder = services
            .AddIdentityServer(iso =>
            {
                if (String.IsNullOrEmpty(applicationSettings.PublicOriginUri) == false)
                    iso.PublicOrigin = applicationSettings.PublicOriginUri;

                if (String.IsNullOrEmpty(applicationSettings.IssuerUri) == false)
                    iso.IssuerUri = applicationSettings.IssuerUri;

                if (String.IsNullOrEmpty(applicationSettings.LoginUrl) == false)
                    iso.UserInteraction.LoginUrl = applicationSettings.LoginUrl;
            });

        if (CurrentEnvironment.IsDevelopment())
        {
            identityServerBuilder.AddDeveloperSigningCredential();
        }
        else
        {
            identityServerBuilder.AddSigningCredential(new CertificateManager().GetCertificate(applicationSettings.CertificateKey, applicationSettings.CertificatePrivateKey,
                        applicationSettings.CertificatePassword, string.Empty, string.Empty, applicationSettings.AWSEndPointRegion));
        }

        // this adds the operational data from DB (codes, tokens, consents)
        identityServerBuilder.AddOperationalStore(options =>
        {
            options.ConfigureDbContext = builder =>
                builder.UseNpgsql(dbSettings.ConnectionString,
                    sql => sql.MigrationsAssembly(migrationsAssembly));

            // this enables automatic token cleanup. this is optional.
            options.EnableTokenCleanup = true;
            options.TokenCleanupInterval = 10; // interval in seconds, short for testing
        });

        services.AddSingleton<IUserFacade, UserFacade>();
        services.AddTransient<IProfileService, ProfileService>();
        // Setup dependency injection (TODO: Replace the 'InMemoryXxxxx' services with real ones):
        services.AddScoped<IConfigurationFacade, InMemoryConfigurationFacade>();    
        services.AddSingleton<IClientStore, JsonFileClientStore>();
        services.AddSingleton<IResourceStore, ResourcesStore>();
        services.AddScoped<IHttpContextFacade, HttpContextFacade>();
        services.AddScoped<IUserContextFacade, UserContextFacade>();
        services.AddSingleton<IRestHelper, RestHelper>();
        services.AddTransient<IPersistedGrantStore, PersistedGrantStore>();

        services.AddHttpClient();

        ServiceProvider serviceProvider = services.BuildServiceProvider();
        IConfigurationFacade config = serviceProvider.GetService<IConfigurationFacade>();

        services
            .AddAuthentication(IdentityServerCookieName)
            .AddCookie(IdentityServerCookieName, options =>
            {
                options.ExpireTimeSpan = config.UserCookieInactiveLife();
            });
    }


private void InitializeDatabase(IApplicationBuilder app)
    {
        using (var serviceScope = app.ApplicationServices.GetService<IServiceScopeFactory>().CreateScope())
        {
            serviceScope.ServiceProvider.GetRequiredService<PersistedGrantDbContext>().Database.Migrate();

            //TODO-uncomment the below while enabling identityServerBuilder.AddConfigurationStore

            //var context = serviceScope.ServiceProvider.GetRequiredService<ConfigurationDbContext>();
            //context.Database.Migrate();
        }
    }

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        InitializeDatabase(app);

        app.UseCors("AllowAllOriginsHeadersAndMethods");

        app.UseForwardedHeaders(new ForwardedHeadersOptions
        {
            ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
        });

        app.UseIdentityServer();

        app.UseStaticFiles();
        app.UseMvcWithDefaultRoute();
    }

Identity Server 负载均衡失败需要解决

4

0 回答 0