From 1ebd9e5d4497eedfb2b25f2b45815620cb7d6a98 Mon Sep 17 00:00:00 2001
From: bicijinlian
Date: Fri, 16 Jun 2023 20:00:32 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E6=9B=B4=E6=96=B0.net=E7=89=88?= =?UTF-8?q?=E6=9C=AC=EF=BC=8C=E5=AE=89=E5=85=A8=E7=9B=B8=E5=85=B3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../AuthStudy.Authentication.Basic.csproj | 1 +
 .../AuthStudy.Authentication.Browser.csproj | 1 +
 .../BrowserAuthenticationExtensions.cs | 2 +-
 .../AuthStudy.Authentication.Digest.csproj | 4 ++++
 .../AuthStudy.Authentication.Shared.csproj | 4 ++++
 .../AuthStudy.Authentication.SqlServer.csproj | 4 ++++
 .../AuthStudy.Authentication.UrlQuery.csproj | 4 ++++
 AuthStudy.WebApp/AuthStudy.WebApp.csproj | 1 +
 .../Controllers/AccountsController.cs | 21 ++++++++++++++-----
 AuthStudy.WebApp/Program.cs | 11 +++-------
 Docs/说明.md | 8 +++++++
 11 files changed, 47 insertions(+), 14 deletions(-)
diff --git a/AuthStudy.Authentication.Basic/AuthStudy.Authentication.Basic.csproj b/AuthStudy.Authentication.Basic/AuthStudy.Authentication.Basic.csproj
index 3cc0a7d..a383da2 100644
--- a/AuthStudy.Authentication.Basic/AuthStudy.Authentication.Basic.csproj
+++ b/AuthStudy.Authentication.Basic/AuthStudy.Authentication.Basic.csproj
@@ -8,6 +8,7 @@ +
diff --git a/AuthStudy.Authentication.Browser/AuthStudy.Authentication.Browser.csproj b/AuthStudy.Authentication.Browser/AuthStudy.Authentication.Browser.csproj
index 18c26a9..75921b5 100644
--- a/AuthStudy.Authentication.Browser/AuthStudy.Authentication.Browser.csproj
+++ b/AuthStudy.Authentication.Browser/AuthStudy.Authentication.Browser.csproj
@@ -9,6 +9,7 @@ +
diff --git a/AuthStudy.Authentication.Browser/BrowserAuthenticationExtensions.cs b/AuthStudy.Authentication.Browser/BrowserAuthenticationExtensions.cs
index f1fc63a..85fafdd 100644
--- a/AuthStudy.Authentication.Browser/BrowserAuthenticationExtensions.cs
+++ b/AuthStudy.Authentication.Browser/BrowserAuthenticationExtensions.cs
@@ -46,7 +46,7 @@ namespace AuthStudy.Authentication.Browser private static IServiceCollection AddService(this IServiceCollection builder, BrowserAuthenticationOptions option) { - BrowserAuthenticationOptions defaultOption = option ?? new(); + BrowserAuthenticationOptions defaultOption = option ?? new(){AllowBrowsers = BrowserAuthenticationDefault.AllowBrowsers}; builder.AddSingleton(defaultOption); builder.AddSingleton();
diff --git a/AuthStudy.Authentication.Digest/AuthStudy.Authentication.Digest.csproj b/AuthStudy.Authentication.Digest/AuthStudy.Authentication.Digest.csproj
index d8b8d08..7082396 100644
--- a/AuthStudy.Authentication.Digest/AuthStudy.Authentication.Digest.csproj
+++ b/AuthStudy.Authentication.Digest/AuthStudy.Authentication.Digest.csproj
@@ -10,6 +10,10 @@ + + + +
diff --git a/AuthStudy.Authentication.Shared/AuthStudy.Authentication.Shared.csproj b/AuthStudy.Authentication.Shared/AuthStudy.Authentication.Shared.csproj
index cfadb03..c3594f0 100644
--- a/AuthStudy.Authentication.Shared/AuthStudy.Authentication.Shared.csproj
+++ b/AuthStudy.Authentication.Shared/AuthStudy.Authentication.Shared.csproj
@@ -6,4 +6,8 @@ enable + + + +
diff --git a/AuthStudy.Authentication.SqlServer/AuthStudy.Authentication.SqlServer.csproj b/AuthStudy.Authentication.SqlServer/AuthStudy.Authentication.SqlServer.csproj
index a636233..c12c8bd 100644
--- a/AuthStudy.Authentication.SqlServer/AuthStudy.Authentication.SqlServer.csproj
+++ b/AuthStudy.Authentication.SqlServer/AuthStudy.Authentication.SqlServer.csproj
@@ -6,6 +6,10 @@ enable + + + +
diff --git a/AuthStudy.Authentication.UrlQuery/AuthStudy.Authentication.UrlQuery.csproj b/AuthStudy.Authentication.UrlQuery/AuthStudy.Authentication.UrlQuery.csproj
index a636233..c12c8bd 100644
--- a/AuthStudy.Authentication.UrlQuery/AuthStudy.Authentication.UrlQuery.csproj
+++ b/AuthStudy.Authentication.UrlQuery/AuthStudy.Authentication.UrlQuery.csproj
@@ -6,6 +6,10 @@ enable + + + +
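Review bot: In `AddService` (BrowserAuthenticationExtensions.cs) the new default `AllowBrowsers = BrowserAuthenticationDefault.AllowBrowsers` is applied only when `option` is null, so a caller-supplied options object that leaves `AllowBrowsers` unset is still registered without an allow-list. Whether the handler then rejects or accepts every browser is not visible in this hunk, so both paths should be normalised right after the coalesce, e.g. `defaultOption.AllowBrowsers ??= BrowserAuthenticationDefault.AllowBrowsers;`. If `BrowserAuthenticationDefault.AllowBrowsers` is a mutable collection, assigning it by reference also means a later edit of the registered options changes the shared default, and copying it would avoid that. The method body continues outside the hunk.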
diff --git a/AuthStudy.WebApp/AuthStudy.WebApp.csproj b/AuthStudy.WebApp/AuthStudy.WebApp.csproj
index 9e85913..335d4df 100644
--- a/AuthStudy.WebApp/AuthStudy.WebApp.csproj
+++ b/AuthStudy.WebApp/AuthStudy.WebApp.csproj
@@ -8,6 +8,7 @@ +
diff --git a/AuthStudy.WebApp/Controllers/AccountsController.cs b/AuthStudy.WebApp/Controllers/AccountsController.cs
index 387b75c..df6a355 100644
--- a/AuthStudy.WebApp/Controllers/AccountsController.cs
+++ b/AuthStudy.WebApp/Controllers/AccountsController.cs
@@ -12,13 +12,14 @@ namespace AuthStudy.WebApp.Controllers [ApiController] public class AccountsController : ControllerBase { - public AccountsController() + private ILogger _logger; + public AccountsController(ILogger logger) { - + _logger = logger; } //多特性是and特性内逗号分隔是or - //[Authorize] + [Authorize] //[Authorize(AuthenticationSchemes = AuthenticationSchemeList.BaseBrowserScheme)] //[Authorize(AuthenticationSchemes = AuthenticationSchemeList.BrowserScheme)] //[Authorize(AuthenticationSchemes = AuthenticationSchemeList.BasicScheme)]
@@ -27,12 +28,22 @@ namespace AuthStudy.WebApp.Controllers [HttpGet] public async Task GetAll() { - var dd = await HttpContext.AuthenticateAsync(); + var authenticateResult = await HttpContext.AuthenticateAsync(); + if (authenticateResult.Succeeded) + { + _logger.LogInformation("认证成功"); + } + else + { + Response.StatusCode = 401; + _logger.LogInformation("认证失败"); + return new ContentResult() { StatusCode = 401,Content=authenticateResult.Failure?.Message}; + } //输出认证信息 foreach (var claim in User.Claims) { - Console.WriteLine($"{claim.Type}={claim.Value}"); + _logger.LogInformation($"{claim.Type}={claim.Value}"); } List accounts = new()
diff --git a/AuthStudy.WebApp/Program.cs b/AuthStudy.WebApp/Program.cs
index 2810b30..2e50638 100644
--- a/AuthStudy.WebApp/Program.cs
+++ b/AuthStudy.WebApp/Program.cs
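Review bot: The new `_logger` field in `AccountsController` is assigned only in the constructor and should be declared `private readonly` so it cannot be replaced after construction. The same hunk enables a bare `[Authorize]`, which authenticates with the default scheme only, while the neighbouring commented attributes name several specific schemes. Which scheme is the default is configured outside this hunk, so a short comment above the attribute stating the scheme expected to protect `GetAll` would make the intent reviewable.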
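Review bot: The failure branch of `GetAll` returns `authenticateResult.Failure?.Message` as the response body, which hands handler-internal failure text to an unauthenticated caller; return `Unauthorized()` (or `Challenge()`, so the scheme can emit its own challenge header) and keep the message in the server log instead. The claims loop now logs `$"{claim.Type}={claim.Value}"` at Information level, so identity data, which for some schemes is taken from the request, lands in the logs through an interpolated string. A message template at a lower level is safer and keeps the fields structured: `_logger.LogDebug("claim {Type}={Value}", claim.Type, claim.Value);`. `Response.StatusCode = 401;` duplicates the status already set on the `ContentResult` and can be dropped. The method body continues past the end of the hunk.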
@@ -12,7 +12,7 @@ namespace AuthStudy.WebApp public static void Main(string[] args) { WebApplicationBuilder builder = WebApplication.CreateBuilder(args); - + // 添加服务到IoC容器 builder.Services.AddControllers(); // Swagger 注册
@@ -48,8 +48,8 @@ namespace AuthStudy.WebApp { var claims = new[] { - new Claim(ClaimTypes.NameIdentifier, context.Username, ClaimValueTypes.String, context.Options.ClaimsIssuer), - new Claim(ClaimTypes.Name, context.Username, ClaimValueTypes.String, context.Options.ClaimsIssuer) + new Claim(ClaimTypes.NameIdentifier, context.Username??"", ClaimValueTypes.String, context.Options.ClaimsIssuer), + new Claim(ClaimTypes.Name, context.Username??"", ClaimValueTypes.String, context.Options.ClaimsIssuer) }; context.Principal = new ClaimsPrincipal(new ClaimsIdentity(claims, context.Scheme.Name));
@@ -78,11 +78,6 @@ namespace AuthStudy.WebApp app.MapControllers(); app.Run(); - - void Test() - { - - } } } }
\ No newline at end of file
diff --git a/Docs/说明.md b/Docs/说明.md
index 0039b9c..0aac100 100644
--- a/Docs/说明.md
+++ b/Docs/说明.md
@@ -78,3 +78,11 @@ ``` +## 认证与授权实质关系 ++ 认证与授权是两个独立的 `中间件`,通过请求上下文的 User 属性进行 “交互”; ++ 认证 -> 认证凭据放入 请求上下文(HttpContext)的User属性(实质是一个ClaimsPrincipal对象); ++ 授权 -> 先从请求上下文的User属性拿到凭据:ClaimsPrincipal, 然后进行权限判定; + +## 认证使用方式 ++ 配合授权一起使用:api控制器或方法上加特性[Authorize],由框架自动调用 ++ 在Api方法内部调用 HttpContext 扩展方法: `var result = HttpContext.AuthenticateAsync();` 拿到认证结果,手动执行自己的逻辑。
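Review bot: In the `@@ -48,8 +48,8 @@` hunk of Program.cs, `context.Username??""` silences the nullable warning but lets a request with no username produce a `ClaimsPrincipal` whose `NameIdentifier` and `Name` claims are empty strings. An authenticated identity with an empty name is hard to distinguish in authorization checks and audit logs, so the missing value should be rejected before the claims array is built rather than papered over. Assuming `context` is the usual result context that exposes `Fail`, a guard such as `if (string.IsNullOrEmpty(context.Username)) { context.Fail("missing username"); return Task.CompletedTask; }` would do it; the return statement depends on the handler's signature, which is not shown. The enclosing handler starts and ends outside the hunk.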