48 lines
2.0 KiB
C#
48 lines
2.0 KiB
C#
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
|
using Microsoft.IdentityModel.Tokens;
|
|
using System.Text;
|
|
|
|
namespace AI.Api.WebCore
|
|
{
|
|
public static class AuthenticationServiceExtensions
|
|
{
|
|
/// <summary>
|
|
/// 添加认证和授权
|
|
/// </summary>
|
|
/// <param name="services">服务集合</param>
|
|
/// <returns></returns>
|
|
public static IServiceCollection AddAuth(this IServiceCollection services, string issuer, string audience, string secretKey)
|
|
{
|
|
services.AddAuthentication(options =>
|
|
{
|
|
options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
}).AddJwtBearer(options =>
|
|
{
|
|
options.TokenValidationParameters = new TokenValidationParameters()
|
|
{
|
|
ValidateIssuer = true, //是否验证Issuer
|
|
ValidIssuer = issuer, //发行人Issuer
|
|
ValidateAudience = true, //是否验证Audience
|
|
ValidAudience = audience, //订阅人Audience
|
|
ValidateIssuerSigningKey = true, //是否验证SecurityKey
|
|
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey)), //SecurityKey
|
|
ValidateLifetime = true, //是否验证失效时间
|
|
ClockSkew = TimeSpan.FromSeconds(30), //过期时间容错值,解决服务器端时间不同步问题(秒)
|
|
RequireExpirationTime = true,
|
|
};
|
|
|
|
});
|
|
|
|
|
|
return services;
|
|
//services.AddAuthorization(options =>
|
|
//{
|
|
// options.AddPolicy(Constant.Policy.FreePolicyName,
|
|
// policy => policy.RequireClaim(Constant.Auth.PermissionsKey, Constant.Auth.FreeClaimValue, Constant.Auth.VipClaimValue));
|
|
// options.AddPolicy(Constant.Policy.VipPolicyName,
|
|
// policy => policy.RequireClaim(Constant.Auth.PermissionsKey, Constant.Auth.VipClaimValue));
|
|
//});
|
|
}
|
|
}
|
|
}
|