密码模式(Resource Owner Password Credentials Grant)中,用户向客户端提供自己的用户名和密码,客户端使用这些信息向"服务提供商"索要授权。由于客户端会直接接触用户的密码,RFC 6749 要求只在用户高度信任客户端、且其他授权模式不可行时才启用该模式。本文基于之前的《IdentityServer3 实现 OAuth 2.0 授权服务【客户端模式(Client Credentials Grant)】》修改而来。
客户端
/// <summary>
/// In-memory OAuth client registrations used by this walkthrough.
/// </summary>
public class Clients
{
    /// <summary>
    /// Builds the two demo clients: one for the client-credentials flow and
    /// one for the resource-owner password flow.
    /// </summary>
    /// <returns>A new list holding both client registrations.</returns>
    public static List<Client> Get()
    {
        // NOTE(review): both client secrets below are string literals. Calling
        // Sha256() at startup only hashes the value handed to the server; the
        // clear-text secret still sits in source control and in the compiled
        // assembly. Treat these GUIDs as demo values and load real secrets
        // from protected configuration.

        // no human involved
        var machineClient = new Client
        {
            ClientName = "App接口服务",
            ClientId = "app_test_id",
            Enabled = true,
            // Reference tokens are opaque handles rather than self-contained JWTs.
            AccessTokenType = AccessTokenType.Reference,
            Flow = Flows.ClientCredentials,
            ClientSecrets = new List<Secret>
            {
                new Secret("F621F470-9731-4A25-80EF-67A6F7C5F4B8".Sha256())
            },
            AllowedScopes = new List<string> { "user", "order" }
        };

        // human is involved
        // This client may exchange a user's name and password for a token, so
        // it sees the user's credentials directly.
        var passwordClient = new Client
        {
            ClientName = "username client",
            ClientId = "irving",
            Enabled = true,
            AccessTokenType = AccessTokenType.Reference,
            Flow = Flows.ResourceOwner,
            ClientSecrets = new List<Secret>
            {
                new Secret("21B5F798-BE55-42BC-8AA8-0025B903DC3B".Sha256())
            },
            AllowedScopes = new List<string> { "user", "order" }
        };

        return new List<Client> { machineClient, passwordClient };
    }
}
用户
/// <summary>
/// In-memory user accounts used by this walkthrough.
/// </summary>
public class Users
{
    /// <summary>
    /// Builds the three fixture accounts that the password grant authenticates against.
    /// </summary>
    /// <returns>A new list of in-memory users.</returns>
    public static List<InMemoryUser> Get()
    {
        // NOTE(review): the passwords here are short, guessable literals kept as
        // plain text. That is fine for a local demo only; a deployed service
        // should back the password grant with a real user store that verifies
        // salted, slow password hashes.
        var irving = new InMemoryUser
        {
            Username = "irving",
            Password = "123456",
            Subject = "1",
            Claims = new[]
            {
                new Claim(Constants.ClaimTypes.GivenName, "Bob"),
                new Claim(Constants.ClaimTypes.FamilyName, "Smith")
            }
        };

        var bob = new InMemoryUser
        {
            Username = "bob",
            Password = "secret",
            Subject = "2"
        };

        var alice = new InMemoryUser
        {
            Username = "alice",
            Password = "secret",
            Subject = "3"
        };

        return new List<InMemoryUser> { irving, bob, alice };
    }
}
服务端配置
public class Startup
{
    /// <summary>
    /// Configures the IdentityServer (idsv) authorization service.
    /// </summary>
    /// <param name="app">OWIN application builder that the IdentityServer middleware is added to.</param>
    public void Configuration(IAppBuilder app)
    {
        // Clients, scopes and users all come from the in-memory demo stores.
        var factory = new IdentityServerServiceFactory()
            .UseInMemoryClients(Clients.Get())
            .UseInMemoryScopes(Scopes.Get())
            //.UseInMemoryUsers(new List<InMemoryUser>()),
            .UseInMemoryUsers(Users.Get());

        var opts = new IdentityServerOptions
        {
            SiteName = "Embedded Homeinns PMS 2.0 OAuth2 Service",
            EnableWelcomePage = true,
            Factory = factory,
            // NOTE(review): with RequireSsl = false the token endpoint accepts
            // plain HTTP, so client secrets, user passwords sent by the password
            // grant, and the issued tokens all cross the network unencrypted.
            // Keep this to an isolated test network; elsewhere serve the
            // endpoint over TLS and set RequireSsl = true.
            RequireSsl = false,
            // NOTE(review): the certificate below is left disabled; its file name
            // and inline password suggest a sample certificate, which should not
            // be reused outside a demo.
            //SigningCertificate = new X509Certificate2(string.Format(@"{0}\bin\identityServer\idsrv3test.pfx", AppDomain.CurrentDomain.BaseDirectory), "idsrv3test")
        };

        app.UseIdentityServer(opts);

        /*
        // Custom route: host IdentityServer under /identity
        app.Map("/identity", idsrvApp =>
        {
            idsrvApp.UseIdentityServer(opts);
        });
        */
    }
}
控制器
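[Route("api/v1/values")]
public class ValuesController : ApiController
{
    // NOTE(review): no [Authorize] attribute is visible on this controller;
    // presumably authorization is enforced by a global filter or by middleware
    // outside this snippet — confirm. The guard in Get() fails closed either way.

    /// <summary>
    /// Reports who called the API, based on the claims carried by the access token.
    /// </summary>
    /// <returns>
    /// A JSON body with the calling client id, plus the subject when the token
    /// was issued for a user; 401 Unauthorized when the caller has no
    /// <c>client_id</c> claim.
    /// </returns>
    public IHttpActionResult Get()
    {
        var caller = User as ClaimsPrincipal;

        // The "as" cast yields null for a non-claims principal, and FindFirst
        // yields null when the claim is absent. Reject such callers instead of
        // failing with a NullReferenceException (an HTTP 500).
        var clientClaim = caller == null ? null : caller.FindFirst("client_id");
        if (clientClaim == null)
        {
            return Unauthorized();
        }

        // A "sub" claim is present only when a user took part in the flow.
        var subjectClaim = caller.FindFirst("sub");
        if (subjectClaim != null)
        {
            return Json(new
            {
                message = "OK user",
                client = clientClaim.Value,
                subject = subjectClaim.Value
            });
        }

        return Json(new
        {
            message = "OK computer",
            client = clientClaim.Value
        });
    }
}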
控制台
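class Program
{
    /// <summary>
    /// Console walkthrough: requests a token with the client-credentials grant,
    /// then with the resource-owner password grant, and calls the protected
    /// API with each token.
    /// </summary>
    /// <param name="args">Command-line arguments (unused).</param>
    static void Main(string[] args)
    {
        // Raw token request, for reference. The Basic header is only the
        // base64 encoding of "client_id:client_secret", not encryption, so over
        // plain HTTP the secret is readable on the wire.
        /*
            POST http://192.168.210.165/connect/token HTTP/1.1
            Accept: application/json
            Authorization: Basic YXBwX3Rlc3RfaWQ6RjYyMUY0NzAtOTczMS00QTI1LTgwRUYtNjdBNkY3QzVGNEI4
            Content-Type: application/x-www-form-urlencoded
            Host: 192.168.210.165
            Content-Length: 40
            Expect: 100-continue
            Connection: Keep-Alive

            grant_type=client_credentials&scope=user
        */
        // Raw API call carrying the issued bearer token.
        /*
            GET http://192.168.210.165:88/api/v1/values HTTP/1.1
            Authorization: Bearer 9f82476751e1f8b93f1ea6df7de83b51
            Host: 192.168.210.165:88
        */
        var log = new LoggerConfiguration()
            .WriteTo.LiterateConsole(outputTemplate: "{Timestamp:HH:mm} [{Level}] ({Name:l}){NewLine} {Message}{NewLine}{Exception}")
            .CreateLogger();

        // NOTE(review): the client secrets and the user password below are demo
        // literals and every URL is plain HTTP. Outside a test network, load
        // secrets from protected configuration and use https endpoints.
        // Blocking on .Result is tolerable here because a console Main has no
        // synchronization context.
        using (var client = new HttpClient())
        {
            // ClientCredentials
            var token = new TokenClient(
                "http://192.168.210.165/connect/token",
                "app_test_id",
                "F621F470-9731-4A25-80EF-67A6F7C5F4B8");
            var response = token.RequestClientCredentialsAsync("user").Result;
            if (response.IsError)
            {
                // Report the failure instead of sending an empty bearer token to the API.
                log.Error("Client credentials token request failed: {Error}", response.Error);
            }
            else
            {
                client.SetBearerToken(response.AccessToken);
                // Log the body as a property value, not as the message template,
                // so braces in the JSON response are never parsed as template tokens.
                log.Information("{Response:l}", client.GetStringAsync("http://192.168.210.165:88/api/v1/values").Result);
            }

            // ResourceOwner
            var resourceOwnerClient = new TokenClient(
                "http://192.168.210.165/connect/token",
                "irving",
                "21B5F798-BE55-42BC-8AA8-0025B903DC3B");
            var data = resourceOwnerClient.RequestResourceOwnerPasswordAsync("irving", "123456", "order").Result;
            if (data.IsError)
            {
                log.Error("Resource owner password token request failed: {Error}", data.Error);
            }
            else
            {
                client.SetBearerToken(data.AccessToken);
                log.Information("{Response:l}", client.GetStringAsync("http://192.168.210.165:88/api/v1/values").Result);
            }
        }

        Console.ReadKey();
    }
}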