问题描述

我有一个asp.net核心Web API.我目前正在使用Angular 4应用直接对其进行呼叫.

I have an asp.net core Web API. I am currently making calls directly to it using an Angular 4 app.

我现在要添加身份验证和授权层.

I now want to add authentication and authorization layer.

我想通过将另一个类型为ASP.NET Core MVC(带有个人用户帐户)的项目(严格用于auth)添加到我的解决方案中，然后向其中添加IdentityServer4.该计划是使用现有的身份表存储用户，角色等.

I would like to do this by adding another project (strictly for auth) of type : ASP.NET Core MVC (w/ Individual User Accounts) to my solution and then adding IdentityServer4 to it. The plan is to use the existing Identity tables to store users, roles, etc.

一旦完成所有设置，我对Angular 4 SPA应用程序或任何其他第三方如何通过IdentityServer应用程序进行身份验证感到有些困惑.我假设这会返回某种令牌.然后继续使用该令牌调用我的原始Web API项目(即GetCustomers()).

Once this is all setup I am a bit confused about how my Angular 4 SPA app or any other third party authenticates through the IdentityServer app. I would assume this then returns a token of some sort. Then proceeds to make calls to my original Web API project (i.e. GetCustomers()) with that token.

从研究中我发现，我似乎唯一需要做的另一件事就是ASP.NET Core中的JWT承载身份验证.

From the research I did it looks like the only other thing that I need is JWT bearer authentication in ASP.NET Core.

有人可以向我提供一些有关如何进行整个过程的链接/信息.还没有找到贯穿整个过程的优质视频.另外，请确认我正在谈论的上述模式听起来正确.

Can someone please provide me with some links/information on how to go about this entire process. Haven't found any good videos that go through the entire thing. Also, please confirm that the above pattern I am talking about sounds correct.

推荐答案

Identity Server具有不同的flows/grant types，您所说的称为隐含，在这种情况下，Identity Server将返回jwt token，因此您必须将该jwt token存储在客户端上，然后将该令牌附加到请求中请求安全的webapi路由时的标题.

Identity Server has different flows/grant types, the one you talking about called implicit in that case Identity Server will return a jwt token so you have to be storing that jwt token on a client and then attaching that token to request header when requesting your secure webapi routes.

官方样本，这是一个很好的起点，也请查看其博客，其中包含有关该主题的许多有用信息.

Official samples it is very good starting point also checkout their blog that has lots of useful info covering the topic.

在这里谈论有关该主题的优秀视频是最近的NDC conf IdentityServer4的好视频:新的对于ASP.NET Core进行了改进，如果您想更深入地学习，也可以查看复数课程，多米尼克·拜尔(Dominick Baier)

Talking about the good videos on the topic here is a good one from the recent NDC conf IdentityServer4: New & Improved for ASP.NET Core also if you want to learn stuff more deeply you can checkout this pluralsignt course by Dominick Baier

这篇关于使用Angular SPA应用程序与IdentityServer4进行通信以进行身份​​验证/授权，以接收令牌，然后与Web API进行通信的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！