using IdentityServer4;
using IdentityServer4.Models;
using Long.Common;
namespace Auth
{
///
/// 认证配置
///
public static class IdentityServer4Config
{
///
/// 范围
///
///
public static IEnumerable ApiScopes()
{
return new List
{
new ApiScope(IdsScope.GuestApi, "GuestAPI"),
new ApiScope(IdsScope.UserApi, "UserAPI"),
new ApiScope(IdsScope.AdminApi, "AdminAPI")
};
}
///
/// 资源
///
///
public static IEnumerable ApiResources()
{
return new List
{
new ApiResource("LongApi", "Dotnet Core API")
{
Scopes = { IdsScope.GuestApi, IdsScope.UserApi, IdsScope.AdminApi }
}
};
}
///
/// 客户端
///
///
public static IEnumerable Clients()
{
var configurationBuilder = new ConfigurationBuilder();
configurationBuilder.AddJsonFile("appsettings.json", false, true);
var configuration = configurationBuilder.Build();
return new List
{
new Client
{
ClientId = "guest",
AllowedGrantTypes = GrantTypes.ClientCredentials,
ClientSecrets =
{
new Secret("Long".Sha256())
},
AllowedScopes =
{
IdsScope.GuestApi,
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.OfflineAccess,
IdentityServerConstants.StandardScopes.Profile
},
AccessTokenLifetime = 24 * 3600,
AllowOfflineAccess = true,
RefreshTokenExpiration = TokenExpiration.Sliding,
SlidingRefreshTokenLifetime = 24 * 3600
},
new Client
{
ClientId = "user",
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
ClientSecrets =
{
new Secret("Long".Sha256())
},
AllowedScopes =
{
IdsScope.UserApi,
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.OfflineAccess,
IdentityServerConstants.StandardScopes.Profile
},
AccessTokenLifetime = 24 * 3600,
AllowOfflineAccess = true,
RefreshTokenExpiration = TokenExpiration.Sliding,
SlidingRefreshTokenLifetime = 24 * 3600
},
new Client
{
ClientId = "admin",
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
ClientSecrets =
{
new Secret("Long".Sha256())
},
AllowedScopes =
{
IdsScope.AdminApi,
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.OfflineAccess,
IdentityServerConstants.StandardScopes.Profile
},
AccessTokenLifetime = 24 * 3600,
AllowOfflineAccess = true,
RefreshTokenExpiration = TokenExpiration.Sliding,
SlidingRefreshTokenLifetime = 24 * 3600
},
new Client
{
ClientId = "web",
//ClientName = "admin",
AllowedGrantTypes = GrantTypes.Implicit,
RequireConsent = false,
RedirectUris = {configuration["RedirectUris"] },
PostLogoutRedirectUris = {configuration["PostLogoutRedirectUris"] },
ClientSecrets =
{
new Secret("Long".Sha256())
},
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile
}
}
};
}
}
}