.net core 3.1認証認可基礎モデルと運行メカニズム及び中間部品パイプ探秘

9710 ワード

交流QQ群:555913397何か問題があったら、みんなと一緒に交流しましょう.
カスタムクッキー認証パイプラインを作成...多くの人がはっきりしていないと信じていますが、ここでは心の中の疑問を明らかにします.くだらないことは言わないで、コードをつけて...

1.カスタム認証認証を作成してTicketのHanlderを発行する

         Ticket        Ticket         
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;

namespace CoreMvc.Utinity.Authentications
{
    public class CoreMvcAuthenticationHandler : IAuthenticationHandler, IAuthenticationSignInHandler, IAuthenticationSignOutHandler
    {
        public AuthenticationScheme Scheme { get; private set; }
        protected HttpContext Context { get; private set; }

        /// 
        ///   
        /// 
        /// 
        public async Task AuthenticateAsync()
        {
            string cookie = Context.Request.Cookies["AuthenticationScheme"];
            if (string.IsNullOrEmpty(cookie))
            {
                return AuthenticateResult.NoResult();
            }
            return await Task.FromResult(AuthenticateResult.Success(Deserialize(cookie)));
        }

        /// 
        ///     
        /// 
        /// 
        /// 
        public Task ChallengeAsync(AuthenticationProperties properties)
        {
            Context.Response.Redirect("/home/login");
            return Task.CompletedTask;
        }

        /// 
        ///         
        /// 
        /// 
        /// 
        public Task ForbidAsync(AuthenticationProperties properties)
        {
            Context.Response.StatusCode = 403;
            return Task.CompletedTask;
        }

        /// 
        ///      Handler
        /// 
        ///     
        /// http   
        /// 
        public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context)
        {
            Scheme = scheme;
            Context = context;
            return Task.CompletedTask;
        }

        /// 
        ///   
        /// 
        /// 
        /// 
        /// 
        public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
        {
            AuthenticationTicket ticket = new AuthenticationTicket(user, properties, Scheme.Name);
            Context.Response.Cookies.Append("AuthenticationScheme", Serialize(ticket));
            return Task.CompletedTask;
        }

        /// 
        ///   
        /// 
        /// 
        /// 
        public Task SignOutAsync(AuthenticationProperties properties)
        {
            Context.Response.Cookies.Delete("AuthenticationScheme");
            return Task.CompletedTask;
        }

        /// 
        ///     Ticket
        /// 
        ///    Ticket
        /// 
        public AuthenticationTicket Deserialize(string ticket)
        {
            byte[] byteTicket = Encoding.Default.GetBytes(ticket);
            return TicketSerializer.Default.Deserialize(byteTicket);
        }

        /// 
        ///    Ticket
        /// 
        /// AuthenticationTicket
        /// 
        public string Serialize(AuthenticationTicket ticket)
        {
            byte[] byteTicket = TicketSerializer.Default.Serialize(ticket);
            return Encoding.Default.GetString(byteTicket);
        }
    }
}


2.カスタムHandlerの登録

     Startup.cs  ConfigureServices(IServiceCollection services)   
  //     Handler
  services.AddAuthenticationCore(options =>
    {
        options.AddScheme("AuthenticationScheme", "AuthenticationScheme");
    });

3.登録認証認証によるTicketパイプの作成

     Startup.cs Configure(IApplicationBuilder app, IWebHostEnvironment env)   
    //      
    app.Map("/Home/Login", buider =>
    //  Ticket   
    buider.UseAddAuthenticationCreate());
    //     
    app.UseAddAuthentication();
    //     
    app.UseAddAuthorizetion();
    //       
    app.Map("/resouce", builder => builder.Run(async (context) =>
        {
        await context.Response.WriteAsync($"welcome to .net core {context.User.Identity.Name}");
        }));
    app.Run(async (HttpContext context) =>
    {
        await context.Response.WriteAsync("Hello World,success!");
    });

4.ミドルウェア拡張方法

              B      .
using System;
using CoreMvc.Utinity.MiddleWare.Authentications;
using Microsoft.AspNetCore.Builder;

namespace CoreMvc.Utinity.MiddleWare
{
    public static class MiddleWareExtension
    {
        /// 
        ///   Ticket   
        /// 
        /// IApplicationBuilder
        /// 
        public static IApplicationBuilder UseAddAuthenticationCreate(this IApplicationBuilder app)
        {
            if (app == null)
            {
                throw new ArgumentNullException(nameof(app));
            }

            return app.UseMiddleware();
        }

        /// 
        ///      
        /// 
        /// IApplicationBuilder
        /// 
        public static IApplicationBuilder UseAddAuthentication(this IApplicationBuilder app)
        {
            if (app == null)
            {
                throw new ArgumentNullException(nameof(app));
            }

            return app.UseMiddleware();
        }

        /// 
        ///      
        /// 
        /// IApplicationBuilder
        /// 
        public static IApplicationBuilder UseAddAuthorizetion(this IApplicationBuilder app)
        {

            if (app == null)
            {
                throw new ArgumentNullException(nameof(app));
            }

            return app.UseMiddleware();
        }
    }
}

5.Ticketミドルウェアの作成

                .
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;

namespace CoreMvc.Utinity.MiddleWare.Authentications
{
    /// 
    ///     Ticket
    /// 
    public class AuthenticationCreate
    {
        private readonly RequestDelegate _next;

        public AuthenticationCreate(RequestDelegate next)
        {
            _next = next;
        }

        public async Task Invoke(HttpContext context)
        {
            ClaimsIdentity claimsIdentity = new ClaimsIdentity(new List
            {
                new Claim(ClaimTypes.Name, "fqydhk"),
                new Claim(ClaimTypes.MobilePhone, "13151********")
            }, "login");
            await context.SignInAsync("AuthenticationScheme", new ClaimsPrincipal(claimsIdentity));
            await _next(context);
        }
    }
}

6.認証ミドルウェア

               Ticket,      
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;

namespace CoreMvc.Utinity.MiddleWare.Authentications
{
    /// 
    ///   
    /// 
    public class Authentication
    {
        private readonly RequestDelegate _next;
        public Authentication(RequestDelegate next)
        {
            _next = next;
        }

        public async Task Invoke(HttpContext context)
        {
            AuthenticateResult result = await context.AuthenticateAsync("AuthenticationScheme");
            if (null != result?.Principal)
            {
                context.User = result.Principal;
                await _next(context);
            }
            else
            {
                await context.ChallengeAsync("AuthenticationScheme");
            }

        }
    }
}


7.承認ミドルウェア

                 ,         ,                  
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;

namespace CoreMvc.Utinity.MiddleWare.Authentications
{
    /// 
    ///   
    /// 
    public class Authorization
    {
        private readonly RequestDelegate _next;
        public Authorization(RequestDelegate next)
        {
            _next = next;
        }

        public async Task Invoke(HttpContext context)
        {
            System.Security.Claims.ClaimsPrincipal user = context.User;
            if (user.Identity.Name == "fqydhk")
            {
                await _next(context);
            }
            else
            {
                await context.ForbidAsync("AuthenticationScheme");
            }
        }
    }
}


以上、简単な発行Ticket鉴権管理を実现しました...何か疑问があれば、伝言を歓迎したり、QQ群を加えたりして皆さんと一绪に検讨してください