In the password mode (Resource Owner Password Credentials Grant), the user provides their user name and password to the client. The client uses this information to request authorization from the authorization provider. Because the client handles the user's password directly, this grant is only appropriate for clients the user fully trusts. The implementation below modifies the previous IdentityServer3-based OAuth 2.0 authorization service example for the "Client Credentials grant".
Client
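/// <summary>
/// In-memory client registrations for the demo authorization server.
/// </summary>
/// <remarks>
/// Restored from a listing whose keywords and identifiers had been mis-cased
/// and run together, so it did not compile as printed. String values are
/// reproduced exactly as the page shows them.
///
/// The client secrets are sample values. <c>Sha256()</c> only controls how the
/// secret is held by the server; the plaintext still sits in this source file.
/// In a real deployment load secrets from protected configuration and never
/// reuse the GUIDs printed here.
/// </remarks>
public class Clients
{
    /// <summary>
    /// Returns the two demo clients: one machine-to-machine client and one
    /// client that signs users in with their user name and password.
    /// </summary>
    /// <returns>The list of registered clients.</returns>
    public static List<Client> Get()
    {
        return new List<Client>
        {
            // No human involved: the client authenticates as itself.
            new Client
            {
                ClientName = "App Interface Services",
                ClientId = "app_test_id",
                Enabled = true,
                // Reference tokens are opaque handles rather than self-contained JWTs.
                AccessTokenType = AccessTokenType.Reference,
                Flow = Flows.ClientCredentials,
                ClientSecrets = new List<Secret>
                {
                    new Secret("F621f470-9731-4a25-80ef-67a6f7c5f4b8".Sha256())
                },
                AllowedScopes = new List<string> { "User", "Order" }
            },

            // Human is involved: the client collects the user's password and
            // forwards it to the token endpoint, so only a trusted first-party
            // application should be registered with this flow.
            new Client
            {
                ClientName = "Username Client",
                ClientId = "Irving",
                Enabled = true,
                AccessTokenType = AccessTokenType.Reference,
                Flow = Flows.ResourceOwner,
                ClientSecrets = new List<Secret>
                {
                    new Secret("21b5f798-be55-42bc-8aa8-0025b903dc3b".Sha256())
                },
                AllowedScopes = new List<string> { "User", "Order" }
            }
        };
    }
}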
User
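/// <summary>
/// In-memory user accounts for the demo authorization server.
/// </summary>
/// <remarks>
/// Restored from a listing whose keywords and identifiers had been mis-cased
/// and run together, so it did not compile as printed. String values are
/// reproduced exactly as the page shows them.
///
/// The passwords are plaintext literals and trivially guessable; that is
/// acceptable only for a local demo. A deployed service should validate
/// credentials against a user store that keeps salted password hashes.
/// </remarks>
public class Users
{
    /// <summary>
    /// Returns the three demo users accepted by the resource owner password flow.
    /// </summary>
    /// <returns>The list of in-memory users.</returns>
    public static List<InMemoryUser> Get()
    {
        return new List<InMemoryUser>
        {
            new InMemoryUser
            {
                Username = "Irving",
                Password = "123456",
                // Subject is the value the API later reads back from the subject claim.
                Subject = "1",
                Claims = new[]
                {
                    new Claim(Constants.ClaimTypes.GivenName, "Bob"),
                    new Claim(Constants.ClaimTypes.FamilyName, "Smith")
                }
            },
            new InMemoryUser
            {
                Username = "Bob",
                Password = "Secret",
                Subject = "2"
            },
            new InMemoryUser
            {
                Username = "Alice",
                Password = "Secret",
                Subject = "3"
            }
        };
    }
}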
server-side configuration
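/// <summary>
/// OWIN startup class that hosts IdentityServer with the in-memory clients,
/// scopes and users of this demo.
/// </summary>
/// <remarks>
/// Restored from a listing whose keywords and identifiers had been mis-cased
/// and run together, and whose class body was missing its closing brace.
/// </remarks>
public class Startup
{
    /// <summary>
    /// Configures the IdentityServer authorization service.
    /// </summary>
    /// <param name="app">The OWIN application builder to register IdentityServer on.</param>
    public void Configuration(IAppBuilder app)
    {
        var opts = new IdentityServerOptions
        {
            SiteName = "Embedded Homeinns PMS 2.0 OAuth2 Service",
            EnableWelcomePage = true,
            Factory = new IdentityServerServiceFactory()
                .UseInMemoryClients(Clients.Get())
                .UseInMemoryScopes(Scopes.Get())
                //.UseInMemoryUsers(new List<InMemoryUser>()),
                .UseInMemoryUsers(Users.Get()),

            // NOTE(review): with SSL not required, client secrets, user passwords
            // and access tokens cross the network in cleartext. Keep this only for
            // an isolated lab; on any shared network serve the endpoint over TLS
            // and leave RequireSsl at its default of true.
            RequireSsl = false,

            // Left disabled as in the original listing. If it is enabled, prefer
            // loading the certificate from the machine certificate store over a
            // PFX file whose password is written in source.
            //SigningCertificate = new X509Certificate2(string.Format(@"{0}\bin\identityserver\idsrv3test.pfx", AppDomain.CurrentDomain.BaseDirectory), "Idsrv3test")
        };

        app.UseIdentityServer(opts);

        /*
        // Custom routing
        app.Map("/identity", idsrvApp =>
        {
            idsrvApp.UseIdentityServer(opts);
        });
        */
    }
}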
Controller
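/// <summary>
/// Sample protected API that reports which client, and which user if any,
/// the presented access token was issued to.
/// </summary>
/// <remarks>
/// Restored from a listing whose keywords and identifiers had been mis-cased
/// and run together, so it did not compile as printed.
/// </remarks>
// The listing does not show whether a global authorization filter is
// registered; declaring [Authorize] here keeps the endpoint protected either way.
[Authorize]
[Route("api/v1/values")]
public class ValuesController : ApiController
{
    /// <summary>
    /// Returns "OK User" with the subject when the token carries a subject
    /// claim (resource owner flow) and "OK Computer" when it only identifies
    /// a client (client credentials flow).
    /// </summary>
    /// <returns>
    /// A JSON result describing the caller, or 401 when the request carries
    /// no principal with a client_id claim.
    /// </returns>
    public IHttpActionResult Get()
    {
        var caller = User as ClaimsPrincipal;

        // The original dereferenced FindFirst("client_id").Value unconditionally,
        // which throws for a request without that claim. Answer with 401 instead
        // of an unhandled exception.
        var clientClaim = caller != null ? caller.FindFirst("client_id") : null;
        if (clientClaim == null)
        {
            return Unauthorized();
        }

        var subjectClaim = caller.FindFirst("Sub");
        if (subjectClaim != null)
        {
            return Json(new
            {
                message = "OK User",
                Client = clientClaim.Value,
                Subject = subjectClaim.Value
            });
        }

        return Json(new
        {
            message = "OK Computer",
            Client = clientClaim.Value
        });
    }
}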
Console client
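/// <summary>
/// Console client that exercises both grants against the demo server and
/// calls the protected API with each resulting access token.
/// </summary>
/// <remarks>
/// Restored from a listing whose keywords and identifiers had been mis-cased
/// and run together. The Serilog output template is restored to the
/// case-sensitive property names Serilog recognises. Token responses are now
/// checked for errors before the access token is used.
///
/// The endpoints are plain HTTP and the credentials are literals, as in the
/// original demo; both the client secret and the user's password therefore
/// travel unencrypted. Use HTTPS and externally supplied secrets outside a lab.
/// </remarks>
class Program
{
    static void Main(string[] args)
    {
        /* Token request as seen on the wire. The credential values are replaced
           by placeholders so that no usable secret is kept in a comment.

           POST http://192.168.210.165/connect/token HTTP/1.1
           Accept: application/json
           Authorization: Basic <base64(client_id:client_secret)>
           Content-Type: application/x-www-form-urlencoded
           Host: 192.168.210.165
           Content-Length: 40
           Expect: 100-continue
           Connection: Keep-Alive

           grant_type=client_credentials&scope=user
        */

        /* API request as seen on the wire.

           GET http://192.168.210.165:88/api/v1/values HTTP/1.1
           Authorization: Bearer <access_token>
           Host: 192.168.210.165:88
        */

        var log = new LoggerConfiguration()
            .WriteTo
            .LiterateConsole(outputTemplate: "{Timestamp:HH:mm} [{Level}] ({Name:l}) {NewLine} {Message}{NewLine}{Exception}")
            .CreateLogger();

        using (var client = new HttpClient())
        {
            // ClientCredentials
            var token = new TokenClient(
                "Http://192.168.210.165/connect/token",
                "app_test_id",
                "F621f470-9731-4a25-80ef-67a6f7c5f4b8");
            var response = token.RequestClientCredentialsAsync("User").Result;
            if (response.IsError)
            {
                // Without this check a failed request would send an empty bearer token.
                log.Error("Client credentials token request failed: {Error}", response.Error);
            }
            else
            {
                client.SetBearerToken(response.AccessToken);
                // The response body is logged as a property value, not used as the message template.
                log.Information("{Body:l}", client.GetStringAsync("http://192.168.210.165:88/api/v1/values").Result);
            }

            // ResourceOwner
            var resourceOwnerClient = new TokenClient(
                "Http://192.168.210.165/connect/token",
                "Irving",
                "21b5f798-be55-42bc-8aa8-0025b903dc3b");
            var data = resourceOwnerClient.RequestResourceOwnerPasswordAsync("Irving", "123456", "Order").Result;
            if (data.IsError)
            {
                log.Error("Resource owner token request failed: {Error}", data.Error);
            }
            else
            {
                client.SetBearerToken(data.AccessToken);
                log.Information("{Body:l}", client.GetStringAsync("http://192.168.210.165:88/api/v1/values").Result);
            }
        }

        Console.ReadKey();
    }
}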
Implementation of the OAuth 2.0 authorization service "password mode" (Resource Owner Password Credentials) based on IdentityServer3