.net core 3.1認証認可基礎モデルと運行メカニズム及び中間部品パイプ探秘
交流QQ群:555913397何か問題があったら、みんなと一緒に交流しましょう.
カスタムクッキー認証パイプラインを作成...多くの人がはっきりしていないと信じていますが、ここでは心の中の疑問を明らかにします.くだらないことは言わないで、コードをつけて...
カスタムクッキー認証パイプラインを作成...多くの人がはっきりしていないと信じていますが、ここでは心の中の疑問を明らかにします.くだらないことは言わないで、コードをつけて...
1.カスタム認証認証を作成してTicketのHanlderを発行する
Ticket Ticket
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
namespace CoreMvc.Utinity.Authentications
{
public class CoreMvcAuthenticationHandler : IAuthenticationHandler, IAuthenticationSignInHandler, IAuthenticationSignOutHandler
{
public AuthenticationScheme Scheme { get; private set; }
protected HttpContext Context { get; private set; }
///
///
///
///
public async Task AuthenticateAsync()
{
string cookie = Context.Request.Cookies["AuthenticationScheme"];
if (string.IsNullOrEmpty(cookie))
{
return AuthenticateResult.NoResult();
}
return await Task.FromResult(AuthenticateResult.Success(Deserialize(cookie)));
}
///
///
///
///
///
public Task ChallengeAsync(AuthenticationProperties properties)
{
Context.Response.Redirect("/home/login");
return Task.CompletedTask;
}
///
///
///
///
///
public Task ForbidAsync(AuthenticationProperties properties)
{
Context.Response.StatusCode = 403;
return Task.CompletedTask;
}
///
/// Handler
///
///
/// http
///
public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context)
{
Scheme = scheme;
Context = context;
return Task.CompletedTask;
}
///
///
///
///
///
///
public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
{
AuthenticationTicket ticket = new AuthenticationTicket(user, properties, Scheme.Name);
Context.Response.Cookies.Append("AuthenticationScheme", Serialize(ticket));
return Task.CompletedTask;
}
///
///
///
///
///
public Task SignOutAsync(AuthenticationProperties properties)
{
Context.Response.Cookies.Delete("AuthenticationScheme");
return Task.CompletedTask;
}
///
/// Ticket
///
/// Ticket
///
public AuthenticationTicket Deserialize(string ticket)
{
byte[] byteTicket = Encoding.Default.GetBytes(ticket);
return TicketSerializer.Default.Deserialize(byteTicket);
}
///
/// Ticket
///
/// AuthenticationTicket
///
public string Serialize(AuthenticationTicket ticket)
{
byte[] byteTicket = TicketSerializer.Default.Serialize(ticket);
return Encoding.Default.GetString(byteTicket);
}
}
}
2.カスタムHandlerの登録
Startup.cs ConfigureServices(IServiceCollection services)
// Handler
services.AddAuthenticationCore(options =>
{
options.AddScheme("AuthenticationScheme", "AuthenticationScheme");
});
3.登録認証認証によるTicketパイプの作成
Startup.cs Configure(IApplicationBuilder app, IWebHostEnvironment env)
//
app.Map("/Home/Login", buider =>
// Ticket
buider.UseAddAuthenticationCreate());
//
app.UseAddAuthentication();
//
app.UseAddAuthorizetion();
//
app.Map("/resouce", builder => builder.Run(async (context) =>
{
await context.Response.WriteAsync($"welcome to .net core {context.User.Identity.Name}");
}));
app.Run(async (HttpContext context) =>
{
await context.Response.WriteAsync("Hello World,success!");
});
4.ミドルウェア拡張方法
B .
using System;
using CoreMvc.Utinity.MiddleWare.Authentications;
using Microsoft.AspNetCore.Builder;
namespace CoreMvc.Utinity.MiddleWare
{
public static class MiddleWareExtension
{
///
/// Ticket
///
/// IApplicationBuilder
///
public static IApplicationBuilder UseAddAuthenticationCreate(this IApplicationBuilder app)
{
if (app == null)
{
throw new ArgumentNullException(nameof(app));
}
return app.UseMiddleware();
}
///
///
///
/// IApplicationBuilder
///
public static IApplicationBuilder UseAddAuthentication(this IApplicationBuilder app)
{
if (app == null)
{
throw new ArgumentNullException(nameof(app));
}
return app.UseMiddleware();
}
///
///
///
/// IApplicationBuilder
///
public static IApplicationBuilder UseAddAuthorizetion(this IApplicationBuilder app)
{
if (app == null)
{
throw new ArgumentNullException(nameof(app));
}
return app.UseMiddleware();
}
}
}
5.Ticketミドルウェアの作成
.
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
namespace CoreMvc.Utinity.MiddleWare.Authentications
{
///
/// Ticket
///
public class AuthenticationCreate
{
private readonly RequestDelegate _next;
public AuthenticationCreate(RequestDelegate next)
{
_next = next;
}
public async Task Invoke(HttpContext context)
{
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new List
{
new Claim(ClaimTypes.Name, "fqydhk"),
new Claim(ClaimTypes.MobilePhone, "13151********")
}, "login");
await context.SignInAsync("AuthenticationScheme", new ClaimsPrincipal(claimsIdentity));
await _next(context);
}
}
}
6.認証ミドルウェア
Ticket,
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
namespace CoreMvc.Utinity.MiddleWare.Authentications
{
///
///
///
public class Authentication
{
private readonly RequestDelegate _next;
public Authentication(RequestDelegate next)
{
_next = next;
}
public async Task Invoke(HttpContext context)
{
AuthenticateResult result = await context.AuthenticateAsync("AuthenticationScheme");
if (null != result?.Principal)
{
context.User = result.Principal;
await _next(context);
}
else
{
await context.ChallengeAsync("AuthenticationScheme");
}
}
}
}
7.承認ミドルウェア
, ,
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
namespace CoreMvc.Utinity.MiddleWare.Authentications
{
///
///
///
public class Authorization
{
private readonly RequestDelegate _next;
public Authorization(RequestDelegate next)
{
_next = next;
}
public async Task Invoke(HttpContext context)
{
System.Security.Claims.ClaimsPrincipal user = context.User;
if (user.Identity.Name == "fqydhk")
{
await _next(context);
}
else
{
await context.ForbidAsync("AuthenticationScheme");
}
}
}
}