728x90
반응형
728x170
[TestIdentityServer 프로젝트]
▶ Properties/launchSettings.json
{
"iisSettings" :
{
"windowsAuthentication" : false,
"anonymousAuthentication" : true,
"iisExpress" :
{
"applicationUrl" : "http://localhost:55300",
"sslPort" : 44300
}
},
"profiles" :
{
"IIS Express" :
{
"commandName" : "IISExpress",
"launchBrowser" : true,
"environmentVariables" :
{
"ASPNETCORE_ENVIRONMENT" : "Development"
}
},
"TestAuthorizationServer" :
{
"commandName" : "Project",
"launchBrowser" : true,
"applicationUrl" : "https://localhost:5001;http://localhost:5000",
"environmentVariables" :
{
"ASPNETCORE_ENVIRONMENT" : "Development"
}
}
}
}
728x90
▶ Configuration.cs
using System.Collections.Generic;
using IdentityModel;
using IdentityServer4.Models;
namespace TestIdentityServer
{
/// <summary>
/// 구성
/// </summary>
public static class Configuration
{
//////////////////////////////////////////////////////////////////////////////////////////////////// Method
////////////////////////////////////////////////////////////////////////////////////////// Static
//////////////////////////////////////////////////////////////////////////////// Public
#region API 범위 리스트 구하기 - GetAPIScopeList()
/// <summary>
/// API 범위 리스트 구하기
/// </summary>
/// <returns>API 범위 리스트</returns>
public static List<ApiScope> GetAPIScopeList()
{
return new List<ApiScope>
{
new ApiScope("API1"),
new ApiScope("API2")
};
}
#endregion
#region 클라이언트 리스트 구하기 - GetClientList()
/// <summary>
/// 클라이언트 리스트 구하기
/// </summary>
/// <returns>클라이언트 리스트</returns>
public static List<Client> GetClientList()
{
return new List<Client>
{
new Client
{
ClientId = "CLIENTID0001",
ClientSecrets = { new Secret("CLIENTSECRET0001".ToSha256()) },
AllowedGrantTypes = GrantTypes.ClientCredentials,
AllowedScopes = new List<string> { "API1", "API2" },
AccessTokenLifetime = 300
}
};
}
#endregion
}
}
300x250
▶ Startup.cs
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
namespace TestIdentityServer
{
/// <summary>
/// 시작
/// </summary>
public class Startup
{
//////////////////////////////////////////////////////////////////////////////////////////////////// Method
////////////////////////////////////////////////////////////////////////////////////////// Public
#region 서비스 컬렉션 구성하기 - ConfigureServices(services)
/// <summary>
/// 서비스 컬렉션 구성하기
/// </summary>
/// <param name="services">서비스 컬렉션</param>
public void ConfigureServices(IServiceCollection services)
{
services.AddIdentityServer()
.AddInMemoryApiScopes(Configuration.GetAPIScopeList())
.AddInMemoryClients(Configuration.GetClientList())
.AddDeveloperSigningCredential();
services.AddControllersWithViews();
}
#endregion
#region 구성하기 - Configure(app, environment)
/// <summary>
/// 구성하기
/// </summary>
/// <param name="app">애플리케이션 빌더</param>
/// <param name="environment">웹 호스트 환경</param>
public void Configure(IApplicationBuilder app, IWebHostEnvironment environment)
{
if(environment.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseRouting();
app.UseIdentityServer();
app.UseEndpoints
(
endpoints =>
{
endpoints.MapDefaultControllerRoute();
}
);
}
#endregion
}
}
[TestAPIServer 프로젝트]
▶ Properties/launchSettings.json
{
"iisSettings" :
{
"windowsAuthentication" : false,
"anonymousAuthentication" : true,
"iisExpress" :
{
"applicationUrl" : "http://localhost:9060",
"sslPort" : 44310
}
},
"profiles" :
{
"IIS Express" :
{
"commandName" : "IISExpress",
"launchBrowser" : true,
"environmentVariables" :
{
"ASPNETCORE_ENVIRONMENT" : "Development"
}
},
"TestAuthorizationServer" :
{
"commandName" : "Project",
"launchBrowser" : true,
"applicationUrl" : "https://localhost:5001;http://localhost:5000",
"environmentVariables" :
{
"ASPNETCORE_ENVIRONMENT" : "Development"
}
}
}
}
▶ Startup.cs
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Tokens;
namespace TestAPIServer
{
/// <summary>
/// 시작
/// </summary>
public class Startup
{
//////////////////////////////////////////////////////////////////////////////////////////////////// Method
////////////////////////////////////////////////////////////////////////////////////////// Public
#region 서비스 컬렉션 구성하기 - ConfigureServices(services)
/// <summary>
/// 서비스 컬렉션 구성하기
/// </summary>
/// <param name="services">서비스 컬렉션</param>
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication("TestAPIServer")
.AddJwtBearer
(
"TestAPIServer",
options =>
{
options.Authority = "https://localhost:44300/";
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = false
};
}
);
services.AddAuthorization
(
options =>
{
options.AddPolicy
(
"APIScope",
policy =>
{
policy.RequireAuthenticatedUser();
policy.RequireClaim("scope", "API1");
}
);
}
);
services.AddControllersWithViews();
}
#endregion
#region 구성하기 - Configure(app, environment)
/// <summary>
/// 구성하기
/// </summary>
/// <param name="app">애플리케이션 빌더</param>
/// <param name="environment">웹 호스트 환경</param>
public void Configure(IApplicationBuilder app, IWebHostEnvironment environment)
{
if(environment.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints
(
endpoints =>
{
endpoints.MapDefaultControllerRoute();;
}
);
}
#endregion
}
}
▶ Controllers/SecretController.cs
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace TestAPIServer.Controllers
{
/// <summary>
/// 비밀 컨트롤러
/// </summary>
public class SecretController : Controller
{
//////////////////////////////////////////////////////////////////////////////////////////////////// Method
////////////////////////////////////////////////////////////////////////////////////////// Public
#region 인덱스 페이지 처리하기 - Index()
/// <summary>
/// 인덱스 페이지 처리하기
/// </summary>
/// <returns>문자열</returns>
[Route("/secret")]
[Authorize("APIScope")]
public string Index()
{
return "테스트 API 서버 비밀 메시지";
}
#endregion
}
}
[TestClient 프로젝트]
▶ Properties/launchSettings.json
{
"iisSettings" :
{
"windowsAuthentication" : false,
"anonymousAuthentication" : true,
"iisExpress" :
{
"applicationUrl" : "http://localhost:9079",
"sslPort" : 44320
}
},
"profiles" :
{
"IIS Express" :
{
"commandName" : "IISExpress",
"launchBrowser" : true,
"environmentVariables" :
{
"ASPNETCORE_ENVIRONMENT" : "Development"
}
},
"TestAuthorizationServer" :
{
"commandName" : "Project",
"launchBrowser" : true,
"applicationUrl" : "https://localhost:5001;http://localhost:5000",
"environmentVariables" :
{
"ASPNETCORE_ENVIRONMENT" : "Development"
}
}
}
}
▶ Startup.cs
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
namespace TestClient
{
/// <summary>
/// 시작
/// </summary>
public class Startup
{
//////////////////////////////////////////////////////////////////////////////////////////////////// Method
////////////////////////////////////////////////////////////////////////////////////////// Public
#region 서비스 컬렉션 구성하기 - ConfigureServices(services)
/// <summary>
/// 서비스 컬렉션 구성하기
/// </summary>
/// <param name="services">서비스 컬렉션</param>
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication("TestClient")
.AddJwtBearer
(
"TestClient",
options =>
{
options.Authority = "https://localhost:44300/";
options.Audience = "TestClient";
}
);
services.AddHttpClient();
services.AddControllersWithViews();
}
#endregion
#region 구성하기 - Configure(app, environment)
/// <summary>
/// 구성하기
/// </summary>
/// <param name="app">애플리케이션 빌더</param>
/// <param name="environment">웹 호스트 환경</param>
public void Configure(IApplicationBuilder app, IWebHostEnvironment environment)
{
if(environment.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints
(
endpoints =>
{
endpoints.MapDefaultControllerRoute();;
}
);
}
#endregion
}
}
▶ Controllers/HomeController.cs
using Microsoft.AspNetCore.Mvc;
using System.Net.Http;
using System.Threading.Tasks;
using IdentityModel.Client;
namespace TestClient.Controllers
{
/// <summary>
/// 홈 컨트롤러
/// </summary>
public class HomeController : Controller
{
//////////////////////////////////////////////////////////////////////////////////////////////////// Field
////////////////////////////////////////////////////////////////////////////////////////// Private
#region Field
/// <summary>
/// HTTP 클라이언트 팩토리
/// </summary>
private readonly IHttpClientFactory factory;
#endregion
//////////////////////////////////////////////////////////////////////////////////////////////////// Constructor
////////////////////////////////////////////////////////////////////////////////////////// Public
#region 생성자 - HomeController(factory)
/// <summary>
/// 생성자
/// </summary>
/// <param name="factory">HTTP 클라이언트 팩토리</param>
public HomeController(IHttpClientFactory factory)
{
this.factory = factory;
}
#endregion
//////////////////////////////////////////////////////////////////////////////////////////////////// Method
////////////////////////////////////////////////////////////////////////////////////////// Public
#region 인덱스 페이지 처리하기 - Index()
/// <summary>
/// 인덱스 페이지 처리하기
/// </summary>
/// <returns>액션 결과</returns>
public IActionResult Index()
{
return View();
}
#endregion
#region 데이터 페이지 처리하기 - Data()
/// <summary>
/// 데이터 페이지 처리하기
/// </summary>
/// <returns>애션 결과</returns>
public async Task<IActionResult> Data()
{
HttpClient identityClient = this.factory.CreateClient();
DiscoveryDocumentResponse discoveryDocumentResponse = await identityClient.GetDiscoveryDocumentAsync("https://localhost:44300/");
TokenResponse tokenResponse = await identityClient.RequestClientCredentialsTokenAsync
(
new ClientCredentialsTokenRequest
{
Address = discoveryDocumentResponse.TokenEndpoint,
ClientId = "CLIENTID0001",
ClientSecret = "CLIENTSECRET0001",
Scope = "API1",
}
);
HttpClient apiClient = this.factory.CreateClient();
apiClient.SetBearerToken(tokenResponse.AccessToken);
HttpResponseMessage apiResponse = await apiClient.GetAsync("https://localhost:44310/secret");
string content = await apiResponse.Content.ReadAsStringAsync();
return Ok
(
new
{
access_token = tokenResponse.AccessToken,
message = content
}
);
}
#endregion
}
}728x90
반응형
그리드형(광고전용)
'C# > ASP.NET MVC' 카테고리의 다른 글
| [C#/ASP.NET MVC/.NETCORE] IdentityServer4 신원 서버에서 사용자 로그인 인증하기 (0) | 2020.11.04 |
|---|---|
| [C#/ASP.NET MVC/.NETCORE] IdentityServer4 클라이언트 자격 증명을 사용하여 API 보호하기 (0) | 2020.11.03 |
| [C#/ASP.NET MVC/.NETCORE] RazorPageBase 클래스 : User 속성 사용하기 (0) | 2020.11.03 |
| [C#/ASP.NET MVC/.NETCORE] dotnet run 명령 : 환경 변수를 설정하고 프로그램 실행하기 (0) | 2020.11.03 |
| [C#/ASP.NET MVC/.NETCORE] dotnet new -i 명령 : IdentityServer4 템플리트 설치하기 (0) | 2020.11.03 |
| [C#/ASP.NET MVC/.NETCORE] AREA 사용하기 (0) | 2020.11.03 |
| [C#/ASP.NET MVC/.NETCORE] OAuth 인증 사용하기 (액세스 토큰 갱신 추가) (0) | 2020.11.03 |
| [C#/ASP.NET MVC/.NETCORE] OAuth 인증 사용하기 (API 서버 추가) (0) | 2020.11.02 |
| [C#/ASP.NET MVC/.NETCORE] 누겟 설치 : IdentityModel (0) | 2020.11.02 |
| [C#/ASP.NET MVC/.NETCORE] OAuth 인증 사용하기 (0) | 2020.11.01 |
댓글을 달아 주세요