C# IdentityServer4:如何根据环境设置权限?
所有IdentityServer 4示例在配置过程中对C# IdentityServer4:如何根据环境设置权限?,c#,asp.net,identityserver4,C#,Asp.net,Identityserver4,所有IdentityServer 4示例在配置过程中对权限属性进行硬编码: services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme) .AddIdentityServerAuthentication(options => { options.Authority = "http://localhost:500
权限
属性进行硬编码:
services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(options =>
{
options.Authority = "http://localhost:5000";
options.ApiName = "api";
options.RequireHttpsMetadata = Env.IsStaging() || Env.IsProduction();
});
我将如何根据环境(即暂存和生产)加载权限?我们就是这样做的:
每个环境都有不同的appSettings.json
文件
private readonly IHostingEnvironment _env;
public IConfigurationRoot Configuration { get; }
public Startup(IHostingEnvironment env)
{
_env = env;
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)
.AddEnvironmentVariables();
Configuration = builder.Build();
}
public void ConfigureServices(IServiceCollection services)
{
services.Configure<IdentityServerSettings>(Configuration.GetSection("IdentityServerSettings"));
......
所有文件都包含IdentityServer的单独值。e、 g
{
"IdentityServerSettings": {
"Authority": "http://localhost:5000",
"ApiName": "tb5api"
}
}
然后在Startup.cs类中,我们根据当前环境加载设置json文件
private readonly IHostingEnvironment _env;
public IConfigurationRoot Configuration { get; }
public Startup(IHostingEnvironment env)
{
_env = env;
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)
.AddEnvironmentVariables();
Configuration = builder.Build();
}
public void ConfigureServices(IServiceCollection services)
{
services.Configure<IdentityServerSettings>(Configuration.GetSection("IdentityServerSettings"));
......
在这种情况下,Env.IsStaging()和Env.IsProduction()还不够吗?@DanNguyen我不想基于布尔内联硬编码URL。我认为应该通过一些配置文件或环境变量来加载它们。如果从appsettings.json加载主机,在配置webhost时如何在program.cs中设置它们?从您的代码来看,您似乎是在从appsettings.json手动设置权限,但在配置Web主机时,您只是在使用默认主机。@Identity server或客户端网站的Bob webhost?@Bob我想这就是您在程序启动时设置权限的目的:正是我要找的。
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
#region Identity Server Config
var identityServerOptions = app.ApplicationServices.GetService<IOptions<IdentityServerSettings>>().Value;
// Setup Identity Server Options for this API -
app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
Authority = identityServerOptions.Authority,
RequireHttpsMetadata = false,
ApiName = identityServerOptions.ApiName,
NameClaimType = "username",
});
.......