첨부 실행 코드는 나눔고딕코딩 폰트를 사용합니다.
본 블로그는 광고를 포함하고 있습니다.
광고 클릭에서 발생하는 수익금은 모두 블로그 콘텐츠 향상을 위해 쓰여집니다.

728x90
반응형
728x170

TestSolution.zip
다운로드

[TestIdentityServer 프로젝트]

▶ Properties/launchSetting.json

{
    "iisSettings" :
    {
        "windowsAuthentication"   : false, 
        "anonymousAuthentication" : true, 
        "iisExpress"              :
        {
            "applicationUrl" : "http://localhost:50000",
            "sslPort"        : 44300
        }
    },
    "profiles" :
    {
        "IIS Express" :
        {
            "commandName"          : "IISExpress",
            "launchBrowser"        : true,
            "environmentVariables" :
            {
                "ASPNETCORE_ENVIRONMENT" : "Development"
            }
        },
        "TestAuthorizationServer" :
        {
            "commandName"          : "Project",
            "launchBrowser"        : true,
            "applicationUrl"       : "https://localhost:5001;http://localhost:5000",
            "environmentVariables" :
            {
                "ASPNETCORE_ENVIRONMENT" : "Development"
            }
        }
    }
}

 

▶ Configuration.cs

using System.Collections.Generic;

using IdentityModel;
using IdentityServer4;
using IdentityServer4.Models;

namespace TestIdentityServer
{
    /// <summary>
    /// 구성
    /// </summary>
    public static class Configuration
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Static
        //////////////////////////////////////////////////////////////////////////////// Public

        #region 신원 리소스 리스트 구하기 - GetIdentityResourceList()

        /// <summary>
        /// 신원 리소스 리스트 구하기
        /// </summary>
        /// <returns>신원 리소스 리스트</returns>
        public static List<IdentityResource> GetIdentityResourceList()
        {
            return new List<IdentityResource>()
            {
                new IdentityResources.OpenId(),
                new IdentityResources.Profile()
            };
        }

        #endregion
        #region API 범위 리스트 구하기 - GetAPIScopeList()

        /// <summary>
        /// API 범위 리스트 구하기
        /// </summary>
        /// <returns>API 범위 리스트</returns>
        public static List<ApiScope> GetAPIScopeList()
        {
            return new List<ApiScope>
            {
                new ApiScope("API1", "API 1"),
                new ApiScope("API2", "API 2")
            };
        }

        #endregion
        #region 클라이언트 리스트 구하기 - GetClientList()

        /// <summary>
        /// 클라이언트 리스트 구하기
        /// </summary>
        /// <returns>클라이언트 리스트</returns>
        public static List<Client> GetClientList()
        {
            return new List<Client>
            {
                new Client
                {
                    AllowedGrantTypes = GrantTypes.ClientCredentials,
                    ClientId          = "CLIENTID0002",
                    ClientSecrets     = { new Secret("CLIENTSECRET0002".ToSha256()) },
                    AllowedScopes     = new List<string> { "API1" }
                },
                new Client
                {
                    AllowedGrantTypes = GrantTypes.Code,
                    ClientId          = "CLIENTID0003",
                    ClientSecrets     = { new Secret("CLIENTSECRET0003".ToSha256()) },
                    RedirectUris      = { "https://localhost:44330/signin-oidc" },
                    AllowedScopes     = new List<string>
                    {
                        "API1", 
                        "API2",
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile
                    },
                    RequireConsent   = false,
                }
            };
        }

        #endregion
    }
}

 

▶ Startup.cs

using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;

using TestIdentityServer.Data;

namespace TestIdentityServer
{
    /// <summary>
    /// 시작
    /// </summary>
    public class Startup
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 서비스 컬렉션 구성하기 - ConfigureServices(services)

        /// <summary>
        /// 서비스 컬렉션 구성하기
        /// </summary>
        /// <param name="services">서비스 컬렉션</param>
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddDbContext<DatabaseContext>(options => { options.UseInMemoryDatabase("MemoryDB"); });

            services.AddIdentity<IdentityUser, IdentityRole>
            (
                options =>
                {
                    options.Password.RequiredLength         = 4;
                    options.Password.RequireDigit           = false;
                    options.Password.RequireNonAlphanumeric = false;
                    options.Password.RequireUppercase       = false;
                }
            )
            .AddEntityFrameworkStores<DatabaseContext>()
            .AddDefaultTokenProviders();

            services.ConfigureApplicationCookie
            (
                options =>
                {
                    options.Cookie.Name = "IdentityServer.Cookie";
                    options.LoginPath   = "/Auth/Login";
                }
            );

            services.AddIdentityServer()
                .AddAspNetIdentity<IdentityUser>()
                .AddInMemoryIdentityResources(Configuration.GetIdentityResourceList())
                .AddInMemoryApiScopes(Configuration.GetAPIScopeList())
                .AddInMemoryClients(Configuration.GetClientList())
                .AddDeveloperSigningCredential();

            services.AddControllersWithViews();
        }

        #endregion
        #region 구성하기 - Configure(app, environment)

        /// <summary>
        /// 구성하기
        /// </summary>
        /// <param name="app">애플리케이션 빌더</param>
        /// <param name="environment">웹 호스트 환경</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment environment)
        {
            if(environment.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseRouting();

            app.UseIdentityServer();

            app.UseEndpoints
            (
                endpoints =>
                {
                    endpoints.MapDefaultControllerRoute();
                }
            );
        }

        #endregion
    }
}

 

▶ Program.cs

using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;

namespace TestIdentityServer
{
    /// <summary>
    /// 프로그램
    /// </summary>
    public class Program
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Static
        //////////////////////////////////////////////////////////////////////////////// Public

        #region 프로그램 시작하기 - Main(argumentArray)

        /// <summary>
        /// 프로그램 시작하기
        /// </summary>
        /// <param name="argumentArray">인자 배열</param>
        public static void Main(string[] argumentArray)
        {
            IHost host = CreateHostBuilder(argumentArray).Build();

            using(IServiceScope scope = host.Services.CreateScope())
            {
                UserManager<IdentityUser> userManager = scope.ServiceProvider.GetRequiredService<UserManager<IdentityUser>>();

                IdentityUser user = new IdentityUser("alice");

                userManager.CreateAsync(user, "alice").GetAwaiter();
            }
            
            host.Run();
        }

        #endregion
        #region 호스트 빌더 생성하기 - CreateHostBuilder(argumentArray)

        /// <summary>
        /// 호스트 빌더 생성하기
        /// </summary>
        /// <param name="argumentArray">인자 배열</param>
        /// <returns>호스트 빌더</returns>
        public static IHostBuilder CreateHostBuilder(string[] argumentArray) =>
            Host.CreateDefaultBuilder(argumentArray)
                .ConfigureWebHostDefaults
                (
                    builder =>
                    {
                        builder.UseStartup<Startup>();
                    }
                );

        #endregion
    }
}

 

[TestAPIServer1 프로젝트]

▶ Properties/launchSettings.json

{
    "iisSettings" :
    {
        "windowsAuthentication"   : false, 
        "anonymousAuthentication" : true, 
        "iisExpress"              :
        {
            "applicationUrl" : "http://localhost:50010",
            "sslPort"        : 44310
        }
    },
    "profiles" :
    {
        "IIS Express" :
        {
            "commandName"          : "IISExpress",
            "launchBrowser"        : true,
            "environmentVariables" :
            {
                "ASPNETCORE_ENVIRONMENT" : "Development"
            }
        },
        "TestAuthorizationServer" :
        {
            "commandName"          : "Project",
            "launchBrowser"        : true,
            "applicationUrl"       : "https://localhost:5001;http://localhost:5000",
            "environmentVariables" :
            {
                "ASPNETCORE_ENVIRONMENT" : "Development"
            }
        }
    }
}

 

▶ Startup.cs

using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Tokens;

namespace TestAPIServer1
{
    /// <summary>
    /// 시작
    /// </summary>
    public class Startup
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 서비스 컬렉션 구성하기 - ConfigureServices(services)

        /// <summary>
        /// 서비스 컬렉션 구성하기
        /// </summary>
        /// <param name="services">서비스 컬렉션</param>
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication("Bearer")
                .AddJwtBearer
                (
                    "Bearer",
                    options =>
                    {
                        options.Authority                 = "https://localhost:44300/";
                        options.TokenValidationParameters = new TokenValidationParameters
                        {
                            ValidateAudience = false
                        };
                    }
                );

            services.AddAuthorization
            (
                options =>
                {
                    options.AddPolicy
                    (
                        "APIScope",
                        policy =>
                        {
                            policy.RequireAuthenticatedUser();
                            policy.RequireClaim("scope", "API1");
                        }
                    );
                }
            );

            services.AddControllersWithViews();
        }

        #endregion
        #region 구성하기 - Configure(app, environment)

        /// <summary>
        /// 구성하기
        /// </summary>
        /// <param name="app">애플리케이션 빌더</param>
        /// <param name="environment">웹 호스트 환경</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment environment)
        {
            if(environment.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseRouting();

            app.UseAuthentication();

            app.UseAuthorization();

            app.UseEndpoints
            (
                endpoints =>
                {
                    endpoints.MapDefaultControllerRoute();;
                }
            );
        }

        #endregion
    }
}

 

▶ Controllers/SecretController.cs

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace TestAPIServer1.Controllers
{
    /// <summary>
    /// 비밀 컨트롤러
    /// </summary>
    public class SecretController : Controller
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 인덱스 페이지 처리하기 - Index()

        /// <summary>
        /// 인덱스 페이지 처리하기
        /// </summary>
        /// <returns>문자열</returns>
        [Authorize("APIScope")]
        public string Index()
        {
            return "API 서버 1 비밀 메시지";
        }

        #endregion
    }
}

 

[TestClient 프로젝트]

▶ Properties/launchSettings.json

{
    "iisSettings" :
    {
        "windowsAuthentication"   : false, 
        "anonymousAuthentication" : true, 
        "iisExpress"              :
        {
            "applicationUrl" : "http://localhost:50030",
            "sslPort"        : 44330
        }
    },
    "profiles" :
    {
        "IIS Express" :
        {
            "commandName"          : "IISExpress",
            "launchBrowser"        : true,
            "environmentVariables" :
            {
                "ASPNETCORE_ENVIRONMENT" : "Development"
            }
        },
        "TestAuthorizationServer" :
        {
            "commandName"          : "Project",
            "launchBrowser"        : true,
            "applicationUrl"       : "https://localhost:5001;http://localhost:5000",
            "environmentVariables" :
            {
                "ASPNETCORE_ENVIRONMENT" : "Development"
            }
        }
    }
}

 

▶ Startup.cs

using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;

namespace TestClient
{
    /// <summary>
    /// 시작
    /// </summary>
    public class Startup
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 서비스 컬렉션 구성하기 - ConfigureServices(services)

        /// <summary>
        /// 서비스 컬렉션 구성하기
        /// </summary>
        /// <param name="services">서비스 컬렉션</param>
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication
            (
                options =>
                {
                    options.DefaultScheme          = "Cookie";
                    options.DefaultChallengeScheme = "oidc";
                }
            )
            .AddCookie("Cookie")
            .AddOpenIdConnect
            (
                "oidc",
                options =>
                {
                    options.Authority    = "https://localhost:44300/";
                    options.ClientId     = "CLIENTID0003";
                    options.ClientSecret = "CLIENTSECRET0003";
                    options.SaveTokens   = true;
                    options.ResponseType = "code";

                    options.Scope.Add("openid");
                    options.Scope.Add("profile");
                    options.Scope.Add("API1"   );
                }
            );

            services.AddHttpClient();

            services.AddControllersWithViews();
        }

        #endregion
        #region 구성하기 - Configure(app, environment)

        /// <summary>
        /// 구성하기
        /// </summary>
        /// <param name="app">애플리케이션 빌더</param>
        /// <param name="environment">웹 호스트 환경</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment environment)
        {
            if(environment.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseRouting();

            app.UseAuthentication();

            app.UseAuthorization();

            app.UseEndpoints
            (
                endpoints =>
                {
                    endpoints.MapDefaultControllerRoute();
                }
            );
        }

        #endregion
    }
}

 

▶ Controllers/HomeController.cs

using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.IdentityModel.Tokens.Jwt;
using System.Net.Http;
using System.Threading.Tasks;

using IdentityModel.Client;

namespace TestClient.Controllers
{
    /// <summary>
    /// 홈 컨트롤러
    /// </summary>
    public class HomeController : Controller
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Field
        ////////////////////////////////////////////////////////////////////////////////////////// Private

        #region Field

        /// <summary>
        /// HTTP 클라이언트 팩토리
        /// </summary>
        private readonly IHttpClientFactory factory;

        #endregion

        //////////////////////////////////////////////////////////////////////////////////////////////////// Constructor
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 생성자 - HomeController(factory)

        /// <summary>
        /// 생성자
        /// </summary>
        /// <param name="factory">HTTP 클라이언트 팩토리</param>
        public HomeController(IHttpClientFactory factory)
        {
            this.factory = factory;
        }

        #endregion

        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 인덱스 페이지 처리하기 - Index()

        /// <summary>
        /// 인덱스 페이지 처리하기
        /// </summary>
        /// <returns>액션 결과</returns>
        public IActionResult Index()
        {
            return View();
        }

        #endregion
        #region 비밀 페이지 처리하기 - Secret()

        /// <summary>
        /// 비밀 페이지 처리하기
        /// </summary>
        /// <returns>액션 결과</returns>
        [Authorize]
        public async Task<IActionResult> Secret()
        {
            string accessToken = await HttpContext.GetTokenAsync("access_token");

            string secret = await GetSecret(accessToken);

            ViewData["Secret"] = secret;

            return View();
        }

        #endregion

        ////////////////////////////////////////////////////////////////////////////////////////// Private

        #region 비밀 구하기 - GetSecret(accessToken)

        /// <summary>
        /// 비밀 구하기
        /// </summary>
        /// <param name="accessToken">액세스 토큰</param>
        /// <returns>비밀</returns>
        public async Task<string> GetSecret(string accessToken)
        {
            HttpClient apiClient = this.factory.CreateClient();

            apiClient.SetBearerToken(accessToken);

            HttpResponseMessage apiResponse = await apiClient.GetAsync("https://localhost:44310/secret");

            string content = await apiResponse.Content.ReadAsStringAsync();

            return content;
        }

        #endregion
    }
}

 

▶ Views/Home/Secret.cshtml

<h1>클라이언트 홈 비밀 페이지</h1>
<hr />
<p>비밀 : @ViewData["Secret"]</p>
728x90
반응형
그리드형
Posted by 사용자 icodebroker

댓글을 달아 주세요