trying to get identity server authing

2025-11-04 09:15:27 +08:00 · 2017-02-19 13:59:17 +00:00
parent fa47663259
commit d236ed3018
5 changed files with 107 additions and 43 deletions
--- a/src/Ocelot/Controllers/FileConfigurationController.cs
+++ b/src/Ocelot/Controllers/FileConfigurationController.cs
@@ -1,20 +1,24 @@
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Ocelot.Services;

 namespace Ocelot.Controllers
 {
-    [RouteAttribute("configuration")]
-    public class FileConfigurationController
+    [Authorize(Roles = "Admin")]
+    [Route("configuration")]
+    public class FileConfigurationController : Controller
    {
-        private IGetFileConfiguration _getFileConfig;
+        private readonly IGetFileConfiguration _getFileConfig;

        public FileConfigurationController(IGetFileConfiguration getFileConfig)
        {
            _getFileConfig = getFileConfig;
        }

+        [HttpGet]
        public IActionResult Get()
        {
+            var user = this.HttpContext.User;
            return new OkObjectResult(_getFileConfig.Invoke().Data);
        }
    }
--- a/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
+++ b/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
@@ -1,6 +1,10 @@
 using System;
+using System.Collections.Generic;
 using System.Net.Http;
+using System.Security.Claims;
 using CacheManager.Core;
+using IdentityServer4.Models;
+using IdentityServer4.Test;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
@@ -61,6 +65,53 @@ namespace Ocelot.DependencyInjection

        public static IServiceCollection AddOcelot(this IServiceCollection services)
        {
+            services.AddIdentityServer()
+                .AddTemporarySigningCredential()
+                .AddInMemoryApiResources(new List<ApiResource>
+                {
+                    new ApiResource
+                    {
+                        Name = "admin",
+                        Description = "Ocelot Administration",
+                        Enabled = true,
+                        DisplayName = "admin",
+                        Scopes = new List<Scope>()
+                        {
+                            new Scope("admin"),
+                            new Scope("openid"),
+                            new Scope("offline_access")
+                        },
+                        ApiSecrets = new List<Secret>
+                        {
+                            new Secret
+                            {
+                                Value = "secret".Sha256()
+                            }
+                        }
+                    }
+                })
+                .AddInMemoryClients(new List<Client>
+                {
+                    new Client
+                    {
+                        ClientId = "admin",
+                        AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
+                        ClientSecrets = new List<Secret> {new Secret("secret".Sha256())},
+                        AllowedScopes = new List<string> {"admin", "openid", "offline_access"},
+                        AccessTokenType = AccessTokenType.Jwt,
+                        Enabled = true,
+                        RequireClientSecret = false
+                    }
+                })
+                .AddTestUsers(new List<TestUser>
+                {
+                    new TestUser
+                    {
+                        Username = "admin",
+                        Password = "admin",
+                        SubjectId = "admin",
+                    }
+                });
            services.AddMvcCore().AddJsonFormatters();
            services.AddLogging();
            services.AddSingleton<IGetFileConfiguration, GetFileConfiguration>();
--- a/src/Ocelot/Middleware/OcelotMiddlewareExtensions.cs
+++ b/src/Ocelot/Middleware/OcelotMiddlewareExtensions.cs
@@ -1,4 +1,6 @@
-using Microsoft.AspNetCore.Builder;
+using System.Collections.Generic;
+using IdentityServer4.AccessTokenValidation;
+using Microsoft.AspNetCore.Builder;
 using Ocelot.Authentication.Middleware;
 using Ocelot.Cache.Middleware;
 using Ocelot.Claims.Middleware;
@@ -45,7 +47,7 @@ namespace Ocelot.Middleware
        public static async Task<IApplicationBuilder> UseOcelot(this IApplicationBuilder builder, OcelotMiddlewareConfiguration middlewareConfiguration)
        {
            await CreateAdministrationArea(builder);
-            
+
            // This is registered to catch any global exceptions that are not handled
            builder.UseExceptionHandlerMiddleware();

@@ -144,9 +146,21 @@ namespace Ocelot.Middleware

            if(!string.IsNullOrEmpty(configuration.AdministrationPath))
            {
-                builder.Map(configuration.AdministrationPath, x => 
+                builder.Map(configuration.AdministrationPath, app =>
                {
-                    x.UseMvc();
+                    app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
+                    {
+                        Authority = "http://localhost:5000/admin",
+                        ApiName = "admin",
+                        RequireHttpsMetadata = false,
+                        AllowedScopes = new List<string>(),
+                        SupportedTokens = SupportedTokens.Both,
+                        ApiSecret = "secret"
+                    });
+
+                    app.UseIdentityServer();
+
+                    app.UseMvc();
                });
            }
        }
--- a/src/Ocelot/project.json
+++ b/src/Ocelot/project.json
@@ -1,35 +1,36 @@
 {
  "version": "0.0.0-dev",
-  "dependencies": {
-    "Microsoft.AspNetCore.Server.IISIntegration": "1.1.0",
-    "Microsoft.Extensions.Configuration.EnvironmentVariables": "1.1.0",
-    "Microsoft.Extensions.Configuration.FileExtensions": "1.1.0",
-    "Microsoft.Extensions.Configuration.Json": "1.1.0",
-    "Microsoft.Extensions.Logging": "1.1.0",
-    "Microsoft.Extensions.Logging.Console": "1.1.0",
-    "Microsoft.Extensions.Logging.Debug": "1.1.0",
-    "Microsoft.Extensions.Options.ConfigurationExtensions": "1.1.0",
-    "Microsoft.AspNetCore.Http": "1.1.0",
-    "System.Text.RegularExpressions": "4.3.0",
-    "Microsoft.AspNetCore.Authentication.OAuth": "1.1.0",
-    "Microsoft.AspNetCore.Authentication.JwtBearer": "1.1.0",
-    "Microsoft.AspNetCore.Authentication.OpenIdConnect": "1.1.0",
-    "Microsoft.AspNetCore.Authentication.Cookies": "1.1.0",
-    "Microsoft.AspNetCore.Authentication.Google": "1.1.0",
-    "Microsoft.AspNetCore.Authentication.Facebook": "1.1.0",
-    "Microsoft.AspNetCore.Authentication.Twitter": "1.1.0",
-    "Microsoft.AspNetCore.Authentication.MicrosoftAccount": "1.1.0",
-    "Microsoft.AspNetCore.Authentication": "1.1.0",
-    "IdentityServer4.AccessTokenValidation": "1.0.2",
-    "Microsoft.AspNetCore.Mvc": "1.1.0",
-    "Microsoft.AspNetCore.Server.Kestrel": "1.1.0",
-    "Microsoft.NETCore.App": "1.1.0",
-    "CacheManager.Core": "0.9.2",
-    "CacheManager.Microsoft.Extensions.Configuration": "0.9.2",
-    "CacheManager.Microsoft.Extensions.Logging": "0.9.2",
-    "Consul": "0.7.2.1",
-    "Polly": "5.0.3"
-  },
+    "dependencies": {
+        "Microsoft.AspNetCore.Server.IISIntegration": "1.1.0",
+        "Microsoft.Extensions.Configuration.EnvironmentVariables": "1.1.0",
+        "Microsoft.Extensions.Configuration.FileExtensions": "1.1.0",
+        "Microsoft.Extensions.Configuration.Json": "1.1.0",
+        "Microsoft.Extensions.Logging": "1.1.0",
+        "Microsoft.Extensions.Logging.Console": "1.1.0",
+        "Microsoft.Extensions.Logging.Debug": "1.1.0",
+        "Microsoft.Extensions.Options.ConfigurationExtensions": "1.1.0",
+        "Microsoft.AspNetCore.Http": "1.1.0",
+        "System.Text.RegularExpressions": "4.3.0",
+        "Microsoft.AspNetCore.Authentication.OAuth": "1.1.0",
+        "Microsoft.AspNetCore.Authentication.JwtBearer": "1.1.0",
+        "Microsoft.AspNetCore.Authentication.OpenIdConnect": "1.1.0",
+        "Microsoft.AspNetCore.Authentication.Cookies": "1.1.0",
+        "Microsoft.AspNetCore.Authentication.Google": "1.1.0",
+        "Microsoft.AspNetCore.Authentication.Facebook": "1.1.0",
+        "Microsoft.AspNetCore.Authentication.Twitter": "1.1.0",
+        "Microsoft.AspNetCore.Authentication.MicrosoftAccount": "1.1.0",
+        "Microsoft.AspNetCore.Authentication": "1.1.0",
+        "IdentityServer4.AccessTokenValidation": "1.0.2",
+        "Microsoft.AspNetCore.Mvc": "1.1.0",
+        "Microsoft.AspNetCore.Server.Kestrel": "1.1.0",
+        "Microsoft.NETCore.App": "1.1.0",
+        "CacheManager.Core": "0.9.2",
+        "CacheManager.Microsoft.Extensions.Configuration": "0.9.2",
+        "CacheManager.Microsoft.Extensions.Logging": "0.9.2",
+        "Consul": "0.7.2.1",
+        "Polly": "5.0.3",
+        "IdentityServer4": "1.0.1"
+    },
  "runtimes": {
    "win10-x64": {},
    "osx.10.11-x64": {},