IdentityServer4 添加自定义登录验证

自定义登录验证"/>

IdentityServer4 添加自定义登录验证

一、自定义身份验证：ResourceOwnerPasswordValidator.cs

 public class ResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator{public ResourceOwnerPasswordValidator(){}public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context){//根据context.UserName和context.Password与数据库的数据做校验，判断是否合法if (context.UserName == "wjk" && context.Password == "123"){context.Result = new GrantValidationResult(subject: context.UserName,authenticationMethod: "custom",claims: GetUserClaims());}else{//验证失败context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "invalid custom credential");}}//可以根据需要设置相应的Claimprivate Claim[] GetUserClaims(){return new Claim[]{new Claim("userid", 1.ToString()),new Claim(JwtClaimTypes.Name,"dde"),new Claim(JwtClaimTypes.GivenName, "ssss"),new Claim(JwtClaimTypes.FamilyName, "ddddd"),new Claim(JwtClaimTypes.Email, "11111@qq"),new Claim(JwtClaimTypes.Role,"admin")};}}

services.AddIdentityServer().AddResourceOwnerValidator<ResourceOwnerPasswordValidator>();

二、发现端点：/.well-known/openid-configuration

PostMan调用：

获取Token

Post：http://localhost:7000/connect/token

client_id:appClient
client_secret:secret
grant_type:password
username:wjk
password:123
scope:offline_access

刷新Token

Post：http://localhost:7000/connect/token

client_id:appClient
client_secret:secret
grant_type:refresh_token
refresh_token:785C83C87F2DE727FDB4B9397775BC90080CBBB4947C15D46FFD38E327E8342F