C# auth
2024-10-15 08:05 qgbo 阅读(16) 评论(0) 收藏 举报
1,这个是好的:
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.DataProtection;
using System.Security.Claims;
// One name for the cookie scheme, used by the authentication defaults, the handler and the policy.
const string CookieScheme = "Cookies";

var builder = WebApplication.CreateBuilder(args);

// Cookie authentication is the default for authenticate, sign-in and challenge.
builder.Services
    .AddAuthentication(auth =>
    {
        auth.DefaultAuthenticateScheme = CookieScheme;
        auth.DefaultSignInScheme = CookieScheme;
        auth.DefaultChallengeScheme = CookieScheme;

        // Security-relevant: with this switched off, SignInAsync no longer rejects a principal
        // whose identity reports IsAuthenticated == false (for example a ClaimsIdentity that
        // was created without an authentication type).
        auth.RequireAuthenticatedSignIn = false;
    })
    .AddCookie(CookieScheme);

// "AtLeast21" evaluates the cookie scheme and only compares the user name with "zhangsan";
// it does not additionally call RequireAuthenticatedUser().
builder.Services.AddAuthorization(authz =>
    authz.AddPolicy("AtLeast21", p =>
    {
        p.AuthenticationSchemes = new[] { CookieScheme };
        p.RequireUserName("zhangsan");
    }));
var app = builder.Build();

// Diagnostic middleware: it collects the authorization metadata of the matched endpoint and
// combines it into a single policy, but the combined policy is never evaluated or stored.
// It therefore enforces nothing; access control is done by UseAuthorization() below.
app.Use(async (httpContext, next) =>
{
    var matched = httpContext.GetEndpoint();
    var attributeData = matched?.Metadata.GetOrderedMetadata<IAuthorizeData>() ?? Array.Empty<IAuthorizeData>();
    var endpointPolicies = matched?.Metadata.GetOrderedMetadata<AuthorizationPolicy>() ?? Array.Empty<AuthorizationPolicy>();
    var provider = httpContext.RequestServices.GetService<IAuthorizationPolicyProvider>();

    // Result intentionally discarded, exactly as in the original experiment.
    _ = await AuthorizationPolicy.CombineAsync(provider, attributeData, endpointPolicies);

    await next(httpContext);
});

app.UseAuthentication();
app.UseAuthorization();
// Protected by the "AtLeast21" policy.
// The response echoes the value of the first request cookie, which can be the authentication
// ticket itself. That is a debugging aid for this experiment; an endpoint that returns cookie
// values in the body makes them readable to page script even when the cookie is HttpOnly.
app.MapGet(
        "/weatherforecast",
        (HttpContext httpContext) => "forecast " + httpContext.Request.Cookies.FirstOrDefault().Value)
    .RequireAuthorization("AtLeast21");
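// Demo sign-in endpoint: any GET receives an authentication ticket for the fixed user
// "zhangsan" -- there is no credential check. It exists to show how the cookie handler's
// ticket can be produced by hand; it is not a login implementation.
app.MapGet("/Account/Login", async (IAuthenticationService authenticationService, HttpContext httpContext, IDataProtectionProvider dataProtection) =>
{
    var claims = new Claim[] { new Claim(ClaimTypes.Name, "zhangsan") };
    // No authentication type is passed, so id.IsAuthenticated is false.
    var id = new ClaimsIdentity(claims);
    var principal = new ClaimsPrincipal(id);

    // Framework call that the manual steps below stand in for:
    // await authenticationService.SignInAsync(httpContext, CookieAuthenticationDefaults.AuthenticationScheme, principal,
    //     new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromSeconds(45)) });

    // The purpose strings and the cookie name must match what the "Cookies" handler uses,
    // otherwise the handler cannot unprotect the ticket on the next request.
    var dataProtector = dataProtection.CreateProtector("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", "Cookies", "v2");

    // NOTE(review): the ticket is built with null properties, so it carries no ExpiresUtc.
    // Confirm how the handler treats a ticket without an expiry and set one if it should lapse.
    var ticket = new AuthenticationTicket(principal, null, "Cookies");
    var cookies = new TicketDataFormat(dataProtector).Protect(ticket);

    // Appending the cookie by hand bypasses the handler's own cookie settings, so the
    // attributes that keep the ticket away from script and cross-site requests are set here.
    var ticketCookieOptions = new CookieOptions
    {
        HttpOnly = true,
        Secure = httpContext.Request.IsHttps,
        SameSite = SameSiteMode.Lax,
        Path = "/",
    };
    httpContext.Response.Cookies.Append(
        CookieAuthenticationDefaults.CookiePrefix + Uri.EscapeDataString("Cookies"),
        cookies,
        ticketCookieOptions);

    // Manual 302 to the protected endpoint (Response.Redirect("/weatherforecast") is the short form).
    httpContext.Response.Headers.Location = "/weatherforecast";
    httpContext.Response.StatusCode = 302;
    await httpContext.Response.WriteAsync("rrrrrrrrrr");
});

app.Run();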
2. 多重身份
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.DataProtection;
using System.Security.Claims;
var builder = WebApplication.CreateBuilder(args);

// Two cookie handlers are registered: the default cookie scheme and a second one named
// "Cookies2". Only the default scheme is used for authenticate / sign-in / challenge.
builder.Services
    .AddAuthentication(auth =>
    {
        const string defaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;

        auth.DefaultAuthenticateScheme = defaultScheme;
        auth.DefaultSignInScheme = defaultScheme;
        auth.DefaultChallengeScheme = defaultScheme;

        // Security-relevant: lets SignInAsync accept a principal whose identity is not
        // marked as authenticated.
        auth.RequireAuthenticatedSignIn = false;
    })
    .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie("Cookies2");

// "mypolicy" looks only at the default cookie scheme and requires the user name "zhangsan".
builder.Services.AddAuthorization(authz =>
    authz.AddPolicy("mypolicy", p =>
    {
        p.AddAuthenticationSchemes(CookieAuthenticationDefaults.AuthenticationScheme);
        p.RequireUserName("zhangsan");
    }));
var app = builder.Build();

app.UseAuthentication();
app.UseAuthorization();

// Guarded by "mypolicy", i.e. by a ticket of the default cookie scheme whose name is "zhangsan".
app.MapGet("/weatherforecast", (HttpContext context) => "forecast")
   .RequireAuthorization("mypolicy");
// Demo sign-in for the default scheme: every GET is signed in as the fixed user "zhangsan",
// without any credential check. Passing null as the scheme selects DefaultSignInScheme.
app.MapGet("/Account/Login", async (IAuthenticationService authenticationService, HttpContext httpContext, IDataProtectionProvider dataProtection) =>
{
    // The identity has no authentication type; sign-in is accepted only because
    // RequireAuthenticatedSignIn is set to false in the service registration.
    var identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, "zhangsan") });
    var principal = new ClaimsPrincipal(identity);

    // Persistent cookie that expires 45 seconds after it is issued.
    var properties = new AuthenticationProperties
    {
        IsPersistent = true,
        ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromSeconds(45)),
    };

    await authenticationService.SignInAsync(httpContext, null, principal, properties);

    // Hand-built equivalent of SignInAsync, kept disabled for reference:
    //var dataProtector = dataProtection.CreateProtector("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", "Cookies", "v2");
    //var ticket = new AuthenticationTicket(principal, null, "Cookies");
    //var cookies = new TicketDataFormat(dataProtector).Protect(ticket);
    //httpContext.Response.Cookies.Append(CookieAuthenticationDefaults.CookiePrefix + Uri.EscapeDataString("Cookies"), cookies);
    //httpContext.Response.Headers.Location = "/weatherforecast";
    //httpContext.Response.StatusCode = 302;
    // httpContext.Response.Redirect("/weatherforecast");

    return "forecast";
}).AllowAnonymous();
// Demo sign-in for the second scheme: issues a "Cookies2" ticket for the fixed user
// "zhangsan2", again without a credential check. The "mypolicy" policy on this page reads
// only the default cookie scheme and requires the name "zhangsan", so this ticket does not
// satisfy it.
app.MapGet("/Account/Login2", async (IAuthenticationService authenticationService, HttpContext httpContext, IDataProtectionProvider dataProtection) =>
{
    var identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, "zhangsan2") });
    var principal = new ClaimsPrincipal(identity);

    // Persistent cookie that expires 45 seconds after it is issued.
    var properties = new AuthenticationProperties
    {
        IsPersistent = true,
        ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromSeconds(45)),
    };

    await authenticationService.SignInAsync(httpContext, "Cookies2", principal, properties);

    return "forecast";
}).AllowAnonymous();

app.Run();
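using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Features;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;
using System.Security.Claims;
using System.Xml.Linq;

var builder = WebApplication.CreateBuilder(args);

// Lifetime shared by the handler's ExpireTimeSpan and by the hand-built ticket further down.
var ticketLifetime = TimeSpan.FromSeconds(30);

// Add services to the container.
builder.Services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = "Cookies";
    options.DefaultSignInScheme = "Cookies";
    options.DefaultChallengeScheme = "Cookies";
    // Security-relevant: SignInAsync will not reject a principal whose identity is unauthenticated.
    options.RequireAuthenticatedSignIn = false;
}).AddCookie("Cookies", options =>
{
    options.ExpireTimeSpan = ticketLifetime;
});

// "AtLeast21" reads the "Cookies" scheme and only compares the user name with "zhangsan".
builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("AtLeast21", policy =>
    {
        policy.AuthenticationSchemes = new[] { "Cookies" };
        policy.RequireUserName("zhangsan");
    });
});

var app = builder.Build();

// Configure the HTTP request pipeline.
// Diagnostic middleware: the combined policy is computed and then dropped, so nothing is
// enforced here; UseAuthorization() does the enforcement.
app.Use(async (context, n) =>
{
    var endpoint = context.GetEndpoint();
    var authorizeData = endpoint?.Metadata.GetOrderedMetadata<IAuthorizeData>() ?? Array.Empty<IAuthorizeData>();
    var policies = endpoint?.Metadata.GetOrderedMetadata<AuthorizationPolicy>() ?? Array.Empty<AuthorizationPolicy>();
    var _policyProvider = context.RequestServices.GetService<IAuthorizationPolicyProvider>();
    var policy = await AuthorizationPolicy.CombineAsync(_policyProvider, authorizeData, policies);
    await n(context);
});

app.UseAuthentication();
app.UseAuthorization();

// Debugging aid: echoes the first request cookie (possibly the authentication ticket) in the body.
app.MapGet("/weatherforecast", (HttpContext httpContext) =>
{
    return "forecast" + httpContext.Request.Cookies.FirstOrDefault().Value;
}).RequireAuthorization("AtLeast21");

// Demo sign-in: any GET receives a ticket for the fixed user "zhangsan"; no credentials are checked.
app.MapGet("/Account/Login", async (IAuthenticationService authenticationService, HttpContext httpContext, IDataProtectionProvider dataProtection) =>
{
    var claims = new Claim[] { new Claim(ClaimTypes.Name, "zhangsan") };
    var id = new ClaimsIdentity(claims);
    var principal = new ClaimsPrincipal(id);

    // Framework call that the manual steps below stand in for:
    // await authenticationService.SignInAsync(httpContext, CookieAuthenticationDefaults.AuthenticationScheme, principal,
    //     new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromSeconds(45)) });

    var dataProtector = dataProtection.CreateProtector("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", "Cookies", "v2");

    // ExpireTimeSpan is applied when the handler itself issues a ticket. A ticket built by
    // hand has to carry its own expiry, otherwise the 30-second lifetime configured above is
    // not stamped into it (NOTE(review): confirm against the handler version in use).
    var issuedAt = DateTimeOffset.UtcNow;
    var ticketProperties = new AuthenticationProperties
    {
        IssuedUtc = issuedAt,
        ExpiresUtc = issuedAt.Add(ticketLifetime),
    };
    var ticket = new AuthenticationTicket(principal, ticketProperties, "Cookies");
    var cookies = new TicketDataFormat(dataProtector).Protect(ticket);

    // A manual Append bypasses the handler's cookie settings, so the protective attributes
    // are set explicitly.
    var ticketCookieOptions = new CookieOptions
    {
        HttpOnly = true,
        Secure = httpContext.Request.IsHttps,
        SameSite = SameSiteMode.Lax,
        Path = "/",
    };
    httpContext.Response.Cookies.Append(
        CookieAuthenticationDefaults.CookiePrefix + Uri.EscapeDataString("Cookies"),
        cookies,
        ticketCookieOptions);

    httpContext.Response.Headers.Location = "/weatherforecast";
    httpContext.Response.StatusCode = 302;
    //httpContext.Response.Redirect("/weatherforecast");
    await httpContext.Response.WriteAsync("rrrrrrrrrr");
    Console.WriteLine("sssss");

    // The original ended with "return Task.CompletedTask;". Inside an async lambda that makes
    // the handler return a Task wrapped in a Task, which the framework would then treat as a
    // response value after the body has already been written. The handler now simply ends.
});

app.Run();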
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;
using System.Security.Claims;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
builder.Services
    .AddAuthentication(auth =>
    {
        auth.DefaultAuthenticateScheme = "Cookies";
        auth.DefaultSignInScheme = "Cookies";
        auth.DefaultChallengeScheme = "Cookies";
    })
    .AddCookie("Cookies");

// "AtLeast21" reads the "Cookies" scheme and only compares the user name with "zhangsan".
builder.Services.AddAuthorization(authz =>
    authz.AddPolicy("AtLeast21", p =>
    {
        p.AuthenticationSchemes = new[] { "Cookies" };
        p.RequireUserName("zhangsan");
    }));

var app = builder.Build();

// Configure the HTTP request pipeline.
// Diagnostic middleware: the combined policy is computed and never used, so nothing is
// enforced at this point.
app.Use(async (httpContext, next) =>
{
    var matched = httpContext.GetEndpoint();
    var attributeData = matched?.Metadata.GetOrderedMetadata<IAuthorizeData>() ?? Array.Empty<IAuthorizeData>();
    var endpointPolicies = matched?.Metadata.GetOrderedMetadata<AuthorizationPolicy>() ?? Array.Empty<AuthorizationPolicy>();
    var provider = httpContext.RequestServices.GetService<IAuthorizationPolicyProvider>();
    _ = await AuthorizationPolicy.CombineAsync(provider, attributeData, endpointPolicies);

    await next(httpContext);
});

app.UseAuthentication();
app.UseAuthorization();

app.MapGet("/weatherforecast", () => "forecast")
   .RequireAuthorization("AtLeast21");

// Earlier attempt at issuing the ticket by hand. It differs from the variant this page marks
// as working in two ways: the protector comes from a stand-alone provider
// (DataProtectionProvider.Create("aa"), purpose "aa") instead of the application's
// IDataProtectionProvider with the cookie-middleware purpose strings, and the cookie is named
// "Cookies" instead of CookieAuthenticationDefaults.CookiePrefix + the scheme name.
// NOTE(review): with either mismatch the "Cookies" handler presumably cannot read this ticket.
// The cookie is also appended with default options (no explicit HttpOnly / Secure / SameSite).
app.MapGet("/Account/Login", context =>
{
    var identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, "zhangsan") });
    var principal = new ClaimsPrincipal(identity);

    var standaloneProtector = DataProtectionProvider.Create("aa").CreateProtector("aa");
    var ticketFormat = new SecureDataFormat<AuthenticationTicket>(TicketSerializer.Default, standaloneProtector);

    var ticket = new AuthenticationTicket(principal, "Cookies");
    var protectedTicket = ticketFormat.Protect(ticket);

    context.Response.Cookies.Append("Cookies", protectedTicket);
    return Task.CompletedTask;
});

app.Run();
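using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using System.Security.Claims;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
// NOTE(review): the default scheme is the empty string, while AddCookie() registers its
// handler under the default cookie scheme name -- confirm this mismatch is intended.
builder.Services.AddAuthentication("").AddCookie();
builder.Services.AddAuthorization();

var app = builder.Build();

// Configure the HTTP request pipeline.
app.UseAuthentication();
app.UseAuthorization();

app.MapGet("/weatherforecast", () =>
{
    return "forecast";
}).RequireAuthorization();

// Earlier attempt at issuing a ticket by hand for the fixed user "zhangsan" (no credential
// check). The ticket is protected with a stand-alone provider ("aa") and stored under the
// cookie name "cookies"; NOTE(review): the registered cookie handler presumably does not read
// a cookie with that name or protector -- compare with the variant this page marks as working.
app.MapGet("/Account/Login", context =>
{
    var claims = new Claim[] { new Claim(ClaimTypes.Name, "zhangsan") };
    var id = new ClaimsIdentity(claims);
    var principle = new ClaimsPrincipal(id);

    var protector = DataProtectionProvider.Create("aa").CreateProtector("aa");
    var s = new AuthenticationTicket(principle, "Cookies");
    var cookies = new SecureDataFormat<AuthenticationTicket>(TicketSerializer.Default, protector).Protect(s);

    // Explicit attributes: keep the ticket away from page script and cross-site requests.
    context.Response.Cookies.Append("cookies", cookies, new CookieOptions
    {
        HttpOnly = true,
        Secure = context.Request.IsHttps,
        SameSite = SameSiteMode.Lax,
        Path = "/",
    });

    // ReturnUrl comes straight from the query string. Redirecting to it unchecked would let
    // a crafted login link send the user to an arbitrary external site after sign-in, so only
    // a path on this application is accepted; anything else falls back to the protected page.
    // (The original also set StatusCode = 200 first; Redirect replaces it with 302 anyway.)
    var returnUrl = context.Request.Query["ReturnUrl"].ToString();
    context.Response.Redirect(IsLocalPath(returnUrl) ? returnUrl : "/weatherforecast");
    return Task.CompletedTask;

    // A local path starts with a single '/' ("//host" and "/\host" are treated by browsers as
    // another host) and contains no control characters.
    static bool IsLocalPath(string url) =>
        !string.IsNullOrEmpty(url)
        && url[0] == '/'
        && (url.Length == 1 || (url[1] != '/' && url[1] != '\\'))
        && !url.Any(char.IsControl);
});

app.Run();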
openid
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.Extensions.Options;
using System.Web;
// Name under which the JWT bearer handler is registered and which the defaults point at.
const string BearerScheme = "bearer";

var builder = WebApplication.CreateBuilder(args);

builder.Services
    .AddAuthentication(auth =>
    {
        auth.DefaultAuthenticateScheme = BearerScheme;
        auth.DefaultSignInScheme = BearerScheme;
    })
    .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddJwtBearer(BearerScheme, jwt =>
    {
        // Tokens are validated against the metadata published by this authority.
        // NOTE(review): the authority is plain http on localhost; JwtBearerOptions has a
        // RequireHttpsMetadata switch that defaults to true -- confirm how metadata retrieval
        // is meant to work here, and keep HTTPS for anything that is not a local experiment.
        jwt.Authority = "http://localhost:8080/realms/master";

        // Disabled alternative that validates with a local symmetric key instead of the
        // authority. As written it switches off issuer, audience and signing-key validation
        // and embeds a placeholder key in source; with those checks off a token is accepted
        // regardless of who issued it, so it must stay disabled outside a throw-away test.
        //options.Audience = "https://yourdomain.com";
        //options.ClaimsIssuer = "https://yourdomain.com";
        //options.TokenValidationParameters = new TokenValidationParameters
        //{
        //    ValidateIssuerSigningKey = false,
        //    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("your-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-key")),
        //    ValidateIssuer = false,
        //    ValidateAudience = false
        //};

        // Trace output showing when the options callback runs.
        Console.WriteLine("aaa");
    });
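// Both policies are registered in one call; AddPolicy order and names are unchanged.
builder.Services.AddAuthorization(options =>
{
    // "mypolicy": authenticate with the "bearer" scheme and require an authenticated identity.
    options.AddPolicy("mypolicy", policy =>
    {
        policy.AddAuthenticationSchemes("bearer");
        policy.RequireAssertion(t =>
        {
            // Null-safe like the "Cookies2" assertion below: a principal without an identity
            // fails the policy instead of throwing.
            return t.User.Identity?.IsAuthenticated ?? false;
        });
    });

    // "Cookies2": authenticate with a scheme named "Cookies2" and require a user name that
    // starts with "zhangsan".
    // NOTE(review): no "Cookies2" handler is registered in this listing -- confirm the scheme exists.
    options.AddPolicy("Cookies2", policy =>
    {
        policy.AddAuthenticationSchemes("Cookies2");
        policy.RequireAssertion(t =>
        {
            // Ordinal comparison: identifiers are compared code unit by code unit, not by
            // culture rules. Note that a prefix test also admits every other name that
            // begins with "zhangsan" (for example "zhangsan2").
            return t.User.Identity?.Name?.StartsWith("zhangsan", StringComparison.Ordinal) ?? false;
        });
    });
});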
var app = builder.Build();

// Disabled diagnostic middleware (it only combined the endpoint's authorization metadata):
//app.Use(async (c, n) => {
//    var endpoint = c.GetEndpoint();
//    var authorizeData = endpoint?.Metadata.GetOrderedMetadata<IAuthorizeData>() ?? Array.Empty<IAuthorizeData>();
//    var policies = endpoint?.Metadata.GetOrderedMetadata<AuthorizationPolicy>() ?? Array.Empty<AuthorizationPolicy>();
//    var _policyProvider = c.RequestServices.GetService<IAuthorizationPolicyProvider>();
//    var policy = await AuthorizationPolicy.CombineAsync(_policyProvider, authorizeData, policies);
//    await n(c);
//});

app.UseAuthentication();

// Hand-rolled start of an OpenID Connect authorization-code request: an unauthenticated
// request whose path contains "weatherforecast" is sent to the identity provider.
// Review points for anything beyond an experiment:
//  - "state" is a fresh GUID but is not stored anywhere in this code, so the value coming
//    back on the redirect cannot be compared with the one that was sent;
//  - "nonce" is a fixed placeholder, so it cannot tie an ID token to this request;
//  - nothing in this listing handles the returned authorization code.
// The framework's OpenID Connect handler generates and verifies both values itself.
app.Use((c, n) =>
{
    var mustSignIn = c.Request.Path.ToString().Contains("weatherforecast") && !c.User.Identity.IsAuthenticated;
    if (!mustSignIn)
    {
        return n(c);
    }

    var encodedCallback = HttpUtility.UrlEncode("http://localhost:5295/weatherforecast");
    var query = string.Join("&", new[]
    {
        "response_type=code",
        "client_id=test",
        $"redirect_uri={encodedCallback}",
        "scope=openid",
        $"state={Guid.NewGuid()}",
        "nonce=your-nonce-value",
    });

    c.Response.Redirect("http://localhost:8080/realms/master/protocol/openid-connect/auth?" + query);
    return Task.CompletedTask;
});

app.UseAuthorization();
// Anonymous landing endpoint; the injected JwtBearerOptions are not used in the response.
app.MapGet("/", (HttpContext context, IOptions<JwtBearerOptions> opt) => "options Challenge: ");

// Guarded by "mypolicy"; returns the name of the authenticated user.
app.MapGet("/weatherforecast", (HttpContext context) => $"forecast {context.User.Identity.Name}")
   .RequireAuthorization("mypolicy");
// Returns a JWT produced by JwtGenerator.GenerateJwt (defined outside this listing) to any
// caller of this GET endpoint; no credentials are checked.
// NOTE(review): the last argument looks like a signing key and is a placeholder literal in
// source; a real key belongs in configuration or a secret store, not in the code.
app.MapGet("/Account/Login", async (IAuthenticationService authenticationService, HttpContext httpContext, IDataProtectionProvider dataProtection) =>
{
    // Disabled cookie sign-in variant:
    //var claims = new Claim[] { new Claim(ClaimTypes.Name, "zhangsan") };
    //var identity = new ClaimsIdentity(claims, authenticationType: "bearer");
    //var principal = new ClaimsPrincipal(identity);
    //await authenticationService.SignInAsync(httpContext, null, principal,
    //    new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(TimeSpan.FromSeconds(1145)) });

    // Placeholder values passed to the generator (presumably issuer, audience, key -- verify
    // against JwtGenerator).
    const string placeholderUrl = "https://yourdomain.com";
    const string placeholderKey = "your-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-keyyour-secret-key";

    var jwt = JwtGenerator.GenerateJwt(placeholderUrl, placeholderUrl, placeholderKey);
    return jwt;

    // Disabled hand-built cookie variant:
    //var dataProtector = dataProtection.CreateProtector("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", "Cookies", "v2");
    //var ticket = new AuthenticationTicket(principal, null, "Cookies");
    //var cookies = new TicketDataFormat(dataProtector).Protect(ticket);
    //httpContext.Response.Cookies.Append(CookieAuthenticationDefaults.CookiePrefix + Uri.EscapeDataString("Cookies"), cookies);
    //httpContext.Response.Headers.Location = "/weatherforecast";
    //httpContext.Response.StatusCode = 302;
    // httpContext.Response.Redirect("/weatherforecast");
});

app.Run();