Edition 0 Updated to ASP.NET Core 0


Authenticate with bearer tokens



Date: 12.07.2023
NET-Microservices-Architecture-for-Containerized-NET-Applications

Authenticating with ASP.NET Core Identity (or Identity plus external authentication providers) works 
well for many web application scenarios in which storing user information in a cookie is appropriate. 
In other scenarios, though, cookies are not a natural means of persisting and transmitting data. 
For example, in an ASP.NET Core Web API that exposes RESTful endpoints that might be accessed by 
Single Page Applications (SPAs), by native clients, or even by other Web APIs, you typically want to 
use bearer token authentication instead. These types of applications do not work with cookies, but 
can easily retrieve a bearer token and include it in the authorization header of subsequent requests. 
To enable token authentication, ASP.NET Core supports several options for using OAuth 2.0 and 
OpenID Connect.
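
As an added example (not code from the guide or from eShopOnContainers), this is how a minimal ASP.NET Core Web API can accept bearer tokens from the Authorization header using the JwtBearer middleware. The "orders" audience and the /api/orders route are assumed names; "IdentityUrl" is the configuration key the guide's own sample uses.

```csharp
// Program.cs of a hypothetical API project (added example, not from the guide).
// Requires the Microsoft.AspNetCore.Authentication.JwtBearer package.
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;

var builder = WebApplication.CreateBuilder(args);

// Token issuer (OpenID Connect authority), read from configuration.
var identityUrl = builder.Configuration.GetValue<string>("IdentityUrl");

builder.Services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        // Issuer name and signing keys come from the authority's discovery document.
        options.Authority = identityUrl;
        options.RequireHttpsMetadata = true;    // refuse to fetch metadata over plain HTTP
        options.Audience = "orders";            // assumed audience name for this API

        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateAudience = true,            // reject tokens minted for another API
            ValidateLifetime = true,            // reject expired tokens
            ValidateIssuerSigningKey = true,
            ClockSkew = TimeSpan.FromMinutes(1) // the default tolerance is 5 minutes
        };
    });

builder.Services.AddAuthorization();

var app = builder.Build();

app.UseAuthentication();   // reads "Authorization: Bearer <token>" and builds the user
app.UseAuthorization();

// Requests with no token or an invalid one get 401 and a WWW-Authenticate: Bearer challenge.
app.MapGet("/api/orders", (ClaimsPrincipal user) =>
        Results.Ok(new
        {
            // The subject claim may arrive as "sub" or mapped to NameIdentifier.
            subject = user.FindFirst("sub")?.Value
                      ?? user.FindFirst(ClaimTypes.NameIdentifier)?.Value
        }))
   .RequireAuthorization();

app.Run();
```

A client of this API sends the token it obtained from the identity provider as `Authorization: Bearer <token>` on each request; no cookie is involved.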



CHAPTER 8 | Make secure .NET Microservices and Web Applications 
Authenticate with an OpenID Connect or OAuth 2.0 Identity provider 
If user information is stored in Azure Active Directory or another identity solution that supports 
OpenID Connect or OAuth 2.0, you can use the Microsoft.AspNetCore.Authentication.OpenIdConnect 
package to authenticate using the OpenID Connect workflow. For example, to authenticate to the 
Identity.Api microservice in eShopOnContainers, an ASP.NET Core web application can use middleware 
from that package as shown in the following simplified example in Program.cs:

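// Program.cs
// Namespaces for the scheme constants used below
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.JwtBearer;

// Note: builder, services and useLoadTest are defined elsewhere in the application.
var identityUrl = builder.Configuration.GetValue<string>("IdentityUrl");
var callBackUrl = builder.Configuration.GetValue<string>("CallBackUrl");
var sessionCookieLifetime = builder.Configuration.GetValue("SessionCookieLifetimeMinutes", 60);

// Add Authentication services
services.AddAuthentication(options =>
{
    // The local session is kept in a cookie
    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddCookie(setup => setup.ExpireTimeSpan = TimeSpan.FromMinutes(sessionCookieLifetime))
.AddOpenIdConnect(options =>
{
    // After the OpenID Connect sign-in completes, the user is signed in with the cookie scheme
    options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.Authority = identityUrl.ToString();
    options.SignedOutRedirectUri = callBackUrl.ToString();
    options.ClientId = useLoadTest ? "mvctest" : "mvc";
    // Sample value; keep real client secrets out of source code (configuration or a secret store)
    options.ClientSecret = "secret";
    options.ResponseType = useLoadTest ? "code id_token token" : "code id_token";
    // options.SaveTokens ... (the excerpt is cut off at this point on the page)
});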
