Implementing jwt and adding tests
@ -19,17 +19,31 @@ namespace Ocelot.Authentication.Handler.Creator
|
||||
{
|
||||
var builder = app.New();
|
||||
|
||||
var authenticationConfig = authOptions.Config as IdentityServerConfig;
|
||||
|
||||
builder.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
|
||||
if (authOptions.Provider.ToLower() == "jwt")
|
||||
{
|
||||
Authority = authenticationConfig.ProviderRootUrl,
|
||||
ApiName = authenticationConfig.ApiName,
|
||||
RequireHttpsMetadata = authenticationConfig.RequireHttps,
|
||||
AllowedScopes = authOptions.AllowedScopes,
|
||||
SupportedTokens = SupportedTokens.Both,
|
||||
ApiSecret = authenticationConfig.ApiSecret
|
||||
});
|
||||
var authenticationConfig = authOptions.Config as JwtConfig;
|
||||
|
||||
builder.UseJwtBearerAuthentication(
|
||||
new JwtBearerOptions()
|
||||
{
|
||||
Authority = authenticationConfig.Authority,
|
||||
Audience = authenticationConfig.Audience
|
||||
});
|
||||
}
|
||||
else
|
||||
{
|
||||
var authenticationConfig = authOptions.Config as IdentityServerConfig;
|
||||
|
||||
builder.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
|
||||
{
|
||||
Authority = authenticationConfig.ProviderRootUrl,
|
||||
ApiName = authenticationConfig.ApiName,
|
||||
RequireHttpsMetadata = authenticationConfig.RequireHttps,
|
||||
AllowedScopes = authOptions.AllowedScopes,
|
||||
SupportedTokens = SupportedTokens.Both,
|
||||
ApiSecret = authenticationConfig.ApiSecret
|
||||
});
|
||||
}
|
||||
|
||||
var authenticationNext = builder.Build();
|
||||
|
||||
|
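Review bot: The new JWT branch reads `authenticationConfig.Authority` immediately after `authOptions.Config as JwtConfig`, so a config object of the other type surfaces as a NullReferenceException while the pipeline is built rather than as a clear configuration error. That mismatch looks reachable within this commit: the handler matches with `authOptions.Provider.ToLower() == "jwt"`, while `ConfigCreator.Create` tests `authenticationOptions.Provider == "Jwt"` case-sensitively, so a provider spelled `jwt` would be given an `IdentityServerConfig` and then take the JWT branch here. I would use one comparison in both places, `string.Equals(authOptions.Provider, "Jwt", StringComparison.OrdinalIgnoreCase)`, and follow each `as` cast with `if (authenticationConfig == null) throw new InvalidOperationException("...");`. The `as IdentityServerConfig` cast in the `else` branch needs the same guard. The enclosing method starts and ends outside the hunk.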
@ -2,6 +2,7 @@
|
||||
{
|
||||
public enum SupportedAuthenticationProviders
|
||||
{
|
||||
IdentityServer
|
||||
IdentityServer,
|
||||
Jwt
|
||||
}
|
||||
}
|
||||
|
@ -36,5 +36,18 @@ namespace Ocelot.Configuration
|
||||
public bool RequireHttps { get; private set; }
|
||||
}
|
||||
|
||||
public class JwtConfig : IAuthenticationConfig
|
||||
{
|
||||
public JwtConfig(string authority, string audience)
|
||||
{
|
||||
Audience = audience;
|
||||
Authority = authority;
|
||||
}
|
||||
|
||||
public string Audience { get; }
|
||||
|
||||
public string Authority { get; }
|
||||
}
|
||||
|
||||
public interface IAuthenticationConfig {}
|
||||
}
|
||||
|
@ -9,7 +9,7 @@ namespace Ocelot.Configuration.Builder
|
||||
|
||||
private List<string> _allowedScopes;
|
||||
|
||||
private IdentityServerConfig _identityServerConfig;
|
||||
private IAuthenticationConfig _identityServerConfig;
|
||||
|
||||
public AuthenticationOptionsBuilder WithProvider(string provider)
|
||||
{
|
||||
@ -23,7 +23,7 @@ namespace Ocelot.Configuration.Builder
|
||||
return this;
|
||||
}
|
||||
|
||||
public AuthenticationOptionsBuilder WithIdntityServerConfigConfiguration(IdentityServerConfig config)
|
||||
public AuthenticationOptionsBuilder WithConfig(IAuthenticationConfig config)
|
||||
{
|
||||
_identityServerConfig = config;
|
||||
return this;
|
||||
@ -66,11 +66,33 @@ namespace Ocelot.Configuration.Builder
|
||||
return this;
|
||||
}
|
||||
|
||||
|
||||
|
||||
public IdentityServerConfig Build()
|
||||
{
|
||||
return new IdentityServerConfig(_providerRootUrl, _apiName, _requireHttps, _apiSecret);
|
||||
}
|
||||
}
|
||||
|
||||
public class JwtConfigBuilder
|
||||
{
|
||||
public string _authority;
|
||||
|
||||
public string _audience;
|
||||
|
||||
public JwtConfigBuilder WithAuthority(string authority)
|
||||
{
|
||||
_authority = authority;
|
||||
return this;
|
||||
}
|
||||
|
||||
public JwtConfigBuilder WithAudience(string audience)
|
||||
{
|
||||
_audience = audience;
|
||||
return this;
|
||||
}
|
||||
|
||||
public JwtConfig Build()
|
||||
{
|
||||
return new JwtConfig(_authority, _audience);
|
||||
}
|
||||
}
|
||||
}
|
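Review bot: `JwtConfigBuilder` declares its backing fields as `public string _authority;` and `public string _audience;`, so callers can set them without going through `WithAuthority`/`WithAudience`. The other builder fields visible in this file are private (`private List<string> _allowedScopes;`), so these should read `private string _authority;` and `private string _audience;`. In the first hunk the field keeps the name `_identityServerConfig` although it now holds any `IAuthenticationConfig`; a neutral name such as `_config` would match the new `WithConfig` method. `Build()` passes both values to `JwtConfig` unchecked, so a missing authority or audience is only noticed later; a doc comment stating that nulls are allowed, or an argument check, would make that explicit.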
@ -7,25 +7,13 @@ namespace Ocelot.Configuration.Creator
|
||||
{
|
||||
public AuthenticationOptions Create(FileReRoute fileReRoute)
|
||||
{
|
||||
var authenticationConfig = new IdentityServerConfigCreator().Create(fileReRoute.AuthenticationOptions);
|
||||
var authenticationConfig = new ConfigCreator().Create(fileReRoute.AuthenticationOptions);
|
||||
|
||||
return new AuthenticationOptionsBuilder()
|
||||
.WithProvider(fileReRoute.AuthenticationOptions?.Provider)
|
||||
.WithAllowedScopes(fileReRoute.AuthenticationOptions?.AllowedScopes)
|
||||
.WithIdntityServerConfigConfiguration(authenticationConfig)
|
||||
.WithConfig(authenticationConfig)
|
||||
.Build();
|
||||
}
|
||||
}
|
||||
|
||||
public class IdentityServerConfigCreator
|
||||
{
|
||||
public IdentityServerConfig Create(FileAuthenticationOptions authenticationOptions)
|
||||
{
|
||||
return new IdentityServerConfigBuilder()
|
||||
.WithApiName(authenticationOptions.IdentityServerConfig?.ApiName)
|
||||
.WithApiSecret(authenticationOptions.IdentityServerConfig?.ApiSecret)
|
||||
.WithProviderRootUrl(authenticationOptions.IdentityServerConfig?.ProviderRootUrl)
|
||||
.WithRequireHttps(authenticationOptions.IdentityServerConfig.RequireHttps).Build();
|
||||
}
|
||||
}
|
||||
}
|
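--- /dev/null
+++ b/src/Ocelot/Configuration/Creator/ConfigCreator.cs
@@ -0,0 +1,35 @@
+namespace Ocelot.Configuration.Creator
+{
+using Ocelot.Configuration.Builder;
+using Ocelot.Configuration.File;
+
+public class ConfigCreator
+{
+public IAuthenticationConfig Create(FileAuthenticationOptions authenticationOptions)
+{
+if (authenticationOptions.Provider == "Jwt")
+{
+return CreateJwt(authenticationOptions);
+}
+
+return CreateIdentityServer(authenticationOptions);
+}
+
+private JwtConfig CreateJwt(FileAuthenticationOptions authenticationOptions)
+{
+return new JwtConfigBuilder()
+.WithAudience(authenticationOptions.JwtConfig?.Audience)
+.WithAuthority(authenticationOptions.JwtConfig?.Authority)
+.Build();
+}
+
+private IdentityServerConfig CreateIdentityServer(FileAuthenticationOptions authenticationOptions)
+{
+return new IdentityServerConfigBuilder()
+.WithApiName(authenticationOptions.IdentityServerConfig?.ApiName)
+.WithApiSecret(authenticationOptions.IdentityServerConfig?.ApiSecret)
+.WithProviderRootUrl(authenticationOptions.IdentityServerConfig?.ProviderRootUrl)
+.WithRequireHttps(authenticationOptions.IdentityServerConfig.RequireHttps).Build();
+}
+}
+}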
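Review bot: `Create` reads `authenticationOptions.Provider` with no null check, although the caller changed in this commit passes `fileReRoute.AuthenticationOptions` and guards its other uses of that value with `?.`, which suggests it can be null. A guard at the top, `if (authenticationOptions == null) throw new ArgumentNullException(nameof(authenticationOptions));`, or an explicit "no authentication" return, would make the contract visible. `CreateIdentityServer` has the same inconsistency on its last line: `authenticationOptions.IdentityServerConfig.RequireHttps` is dereferenced directly while the three lines above it use `?.`. Any provider string other than exactly `"Jwt"` also falls through silently to the IdentityServer path, so a typo in the configuration selects a different authentication scheme. Parsing the string into the `SupportedAuthenticationProviders` enum extended by this commit and rejecting unknown values would avoid that.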
@ -8,11 +8,13 @@ namespace Ocelot.Configuration.File
|
||||
{
|
||||
AllowedScopes = new List<string>();
|
||||
IdentityServerConfig = new FileIdentityServerConfig();
|
||||
JwtConfig = new FileJwtConfig();
|
||||
}
|
||||
|
||||
public string Provider { get; set; }
|
||||
public List<string> AllowedScopes { get; set; }
|
||||
public FileIdentityServerConfig IdentityServerConfig { get; set; }
|
||||
public FileJwtConfig JwtConfig { get; set; }
|
||||
}
|
||||
|
||||
public class FileIdentityServerConfig
|
||||
@ -22,4 +24,11 @@ namespace Ocelot.Configuration.File
|
||||
public bool RequireHttps { get; set; }
|
||||
public string ApiSecret { get; set; }
|
||||
}
|
||||
|
||||
public class FileJwtConfig
|
||||
{
|
||||
public string Authority { get; set; }
|
||||
|
||||
public string Audience { get; set; }
|
||||
}
|
||||
}
|
||||
|
@ -25,8 +25,12 @@ namespace Ocelot.AcceptanceTests
|
||||
{
|
||||
switch (jsonObject["Provider"].Value<string>())
|
||||
{
|
||||
//case "Jwt":
|
||||
// setting = new
|
||||
case "Jwt":
|
||||
setting = new JwtConfig(
|
||||
jsonObject["Authority"].Value<string>(),
|
||||
jsonObject["Audience"].Value<string>());
|
||||
break;
|
||||
|
||||
default:
|
||||
setting = new IdentityServerConfig(
|
||||
jsonObject["ProviderRootUrl"].Value<string>(),
|
||||
|