问题描述

有几种身份验证方案，但是我找不到关于它们的任何文档.它们有何不同?

There are several authentication schemes but I can't find any documentation on them. How do they differ?

options.DefaultScheme
options.DefaultChallengeScheme
options.DefaultForbidScheme
options.DefaultAuthenticateScheme
options.DefaultSignInScheme
options.DefaultSignOutScheme

推荐答案

来自此处

• DefaultScheme :如果指定，则所有其他默认值将回退到此值
• DefaultAuthenticateScheme :如果已指定，AuthenticateAsync()将使用此方案，并且由UseAuthentication()添加的AuthenticationMiddleware将使用此自动设置上下文的方案. (对应于自动身份验证)
• DefaultChallengeScheme (如果已指定)，ChallengeAsync()将使用此方案，并通过以下策略对[Authorize]进行授权:不指定方案也将使用此
使用
• DefaultSignInScheme 通过SignInAsync()以及所有远程身份验证方案(例如Google/Facebook/OIDC/OAuth，通常将其设置为cookie.
• DefaultSignOutScheme 由SignOutAsync()使用，回退到DefaultSignInScheme
• DefaultForbidScheme 由ForbidAsync()使用，退回到DefaultChallengeScheme

• DefaultScheme: if specified, all the other defaults will fallback tothis value
• DefaultAuthenticateScheme: if specified,AuthenticateAsync() will use this scheme, and also theAuthenticationMiddleware added by UseAuthentication() will use thisscheme to set context.User automatically. (Corresponds toAutomaticAuthentication)
• DefaultChallengeScheme if specified,ChallengeAsync() will use this scheme, [Authorize] with policies thatdon't specify schemes will also use this
• DefaultSignInScheme is usedby SignInAsync() and also by all of the remote auth schemes likeGoogle/Facebook/OIDC/OAuth, typically this would be set to a cookie.
• DefaultSignOutScheme is used by SignOutAsync() falls back to DefaultSignInScheme
• DefaultForbidScheme is used by ForbidAsync(),falls back to DefaultChallengeScheme

因此，您指定身份验证方案，将在IAuthenticationService

这篇关于ASP.NET Core 2身份验证方案的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！