更改 IdentityServer 4 中的默认端点
Change default endpoint in IdentityServer 4
我正在使用 IdentityServer 4 (1.0.0-beta5)。
默认情况下,认证端点是:'/connect/token'.
如何更改 IdentityServer 中的默认端点,例如:“/api/login”?
谢谢
目前无法更改协议端点的 URL。如果您认为有此必要,请在 GitHub 上提交 issue。
在启动时设置 Identity Server 4 后 - 您可以使用此 "hack" 并更新端点路径:
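// AddDeveloperSigningCredential() is meant for development: use a properly managed
// signing credential for any deployment that issues real tokens.
var builder = services.AddIdentityServer()
    .AddDeveloperSigningCredential()
    .AddInMemoryApiResources(Config.GetApiResources())
    .AddInMemoryClients(Config.GetClients());

// Workaround: rewrite the Path of the Endpoint instances that AddIdentityServer() registered.
// Descriptors without an Endpoint instance are skipped instead of causing a null dereference.
// NOTE(review): this depends on how IdentityServer registers its endpoints internally and
// may break on upgrade; the discovery document may still advertise the original paths - verify.
var registeredEndpoints = builder.Services
    .Where(service => service.ServiceType == typeof(Endpoint))
    .Select(service => service.ImplementationInstance)
    .OfType<Endpoint>()
    .ToList();

foreach (var endpoint in registeredEndpoints)
{
    // Strip "/connect" only when it is the leading segment, so a path that merely
    // contains "/connect" somewhere else is left unchanged.
    if (endpoint.Path.StartsWithSegments("/connect", out var remaining))
    {
        endpoint.Path = remaining;
    }
}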
基本上,一旦调用 AddIdentityServer,它内部会调用 AddDefaultEndPoints 方法来注册 TokenEndpoint、AuthorizeEndpoint 等端点类。每收到一个请求,都会遍历这些端点来匹配请求的 URL,因此修改路径会立即生效。
Please note that in the above example - I have removed all the
"/connect" values from any of the paths that were prefixed with it.
这个问题已经有些年头了,这里给出另一种看起来不那么像 hack 的方法。
IdentityServer4 提供了一个名为 IEndpointRouter 的服务;用您的自定义逻辑替换它,就可以把客户端请求的路径映射到 IdentityServer4 的某个端点。
基于 IEndpointRouter 的默认实现(顺便说一句,它是 internal 的),我写了下面这个类来自己完成映射。
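/// <summary>
/// Endpoint router that maps a custom token path onto the IdentityServer4 token endpoint
/// and otherwise matches the request path against the registered endpoint paths.
/// </summary>
/// <remarks>
/// The custom path is an additional alias, not a replacement: every registered endpoint
/// still resolves on its own path through the fallback loop in <see cref="Find"/>.
/// Rate limiting, WAF rules and monitoring therefore have to cover both paths.
/// </remarks>
internal class CustomEndpointRouter : IEndpointRouter
{
    // Custom request path that is routed to the token endpoint.
    const string TOKEN_ENDPOINT = "/oauth/token";

    private readonly IEnumerable<Endpoint> _endpoints;
    private readonly IdentityServerOptions _options;
    private readonly ILogger _logger;

    public CustomEndpointRouter(IEnumerable<Endpoint> endpoints, IdentityServerOptions options, ILogger<CustomEndpointRouter> logger)
    {
        _endpoints = endpoints;
        _options = options;
        _logger = logger;
    }

    /// <summary>
    /// Resolves the handler for the request path of <paramref name="context"/>.
    /// </summary>
    /// <param name="context">The current HTTP context.</param>
    /// <returns>The endpoint handler, or <c>null</c> when no enabled endpoint matches.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="context"/> is <c>null</c>.</exception>
    public IEndpointHandler Find(Microsoft.AspNetCore.Http.HttpContext context)
    {
        if (context == null) throw new ArgumentNullException(nameof(context));

        if (context.Request.Path.Equals(TOKEN_ENDPOINT, StringComparison.OrdinalIgnoreCase))
        {
            var tokenEndPoint = GetEndPoint(EndpointNames.Token);
            if (tokenEndPoint == null)
            {
                // IsEndpointEnabled() returns true for a null endpoint, so without this
                // guard GetEndpointHandler() would dereference null.
                _logger.LogWarning("No endpoint registered with name: {endpoint}", EndpointNames.Token);
                return null;
            }

            return GetEndpointHandler(tokenEndPoint, context);
        }

        // Put a case for each remapped endpoint above; everything else falls back to the
        // paths carried by the registered endpoints.
        foreach (var endpoint in _endpoints)
        {
            var path = endpoint.Path;
            if (context.Request.Path.Equals(path, StringComparison.OrdinalIgnoreCase))
            {
                var endpointName = endpoint.Name;
                _logger.LogDebug("Request path {path} matched to endpoint type {endpoint}", context.Request.Path, endpointName);
                return GetEndpointHandler(endpoint, context);
            }
        }

        _logger.LogTrace("No endpoint entry found for request path: {path}", context.Request.Path);
        return null;
    }

    // Returns the first registered endpoint with the given name (case-sensitive), or null.
    private Endpoint GetEndPoint(string endPointName)
    {
        foreach (var ep in _endpoints)
        {
            if (ep.Name == endPointName)
            {
                return ep;
            }
        }

        return null;
    }

    // Resolves the handler from the request services, but only when the endpoint is enabled
    // in the options, so a remapped path cannot reach an endpoint that has been disabled.
    private IEndpointHandler GetEndpointHandler(Endpoint endpoint, Microsoft.AspNetCore.Http.HttpContext context)
    {
        if (!_options.Endpoints.IsEndpointEnabled(endpoint))
        {
            _logger.LogWarning("Endpoint disabled: {endpoint}", endpoint.Name);
            return null;
        }

        var handler = context.RequestServices.GetService(endpoint.Handler) as IEndpointHandler;
        if (handler != null)
        {
            _logger.LogDebug("Endpoint enabled: {endpoint}, successfully created handler: {endpointHandler}", endpoint.Name, endpoint.Handler.FullName);
            return handler;
        }

        _logger.LogDebug("Endpoint enabled: {endpoint}, failed to create handler: {endpointHandler}", endpoint.Name, endpoint.Handler.FullName);
        return null;
    }
}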
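/// <summary>
/// Maps an endpoint to the option flag that enables or disables it.
/// </summary>
internal static class EndpointOptionsExtensions
{
    /// <summary>
    /// Tells whether <paramref name="endpoint"/> is enabled in <paramref name="options"/>.
    /// </summary>
    /// <param name="options">The endpoint options holding the enable flags.</param>
    /// <param name="endpoint">The endpoint to check; matched by its name.</param>
    /// <returns>
    /// The matching enable flag for a known endpoint name; <c>true</c> for any other name,
    /// including a <c>null</c> endpoint.
    /// </returns>
    public static bool IsEndpointEnabled(this EndpointsOptions options, Endpoint endpoint)
    {
        switch (endpoint?.Name)
        {
            case EndpointNames.Authorize:
                return options.EnableAuthorizeEndpoint;
            case EndpointNames.CheckSession:
                return options.EnableCheckSessionEndpoint;
            case EndpointNames.DeviceAuthorization:
                // Without this case the device authorization endpoint hit the default
                // branch and was reported as enabled even when switched off in the options.
                return options.EnableDeviceAuthorizationEndpoint;
            case EndpointNames.Discovery:
                return options.EnableDiscoveryEndpoint;
            case EndpointNames.EndSession:
                return options.EnableEndSessionEndpoint;
            case EndpointNames.Introspection:
                return options.EnableIntrospectionEndpoint;
            case EndpointNames.Revocation:
                return options.EnableTokenRevocationEndpoint;
            case EndpointNames.Token:
                return options.EnableTokenEndpoint;
            case EndpointNames.UserInfo:
                return options.EnableUserInfoEndpoint;
            default:
                // fall thru to true to allow custom endpoints
                return true;
        }
    }
}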
/// <summary>
/// Endpoint names used to look up and switch on registered endpoints.
/// </summary>
/// <remarks>
/// The router and the enabled-check compare these values with an endpoint's name
/// case-sensitively, so each value has to match the registered name exactly.
/// </remarks>
public static class EndpointNames
{
    // Authorization and token issuance.
    public const string Authorize = "Authorize";
    public const string DeviceAuthorization = "DeviceAuthorization";
    public const string Token = "Token";

    // Token inspection and revocation.
    public const string Introspection = "Introspection";
    public const string Revocation = "Revocation";

    // Metadata and user information.
    public const string Discovery = "Discovery";
    public const string UserInfo = "Userinfo";

    // Session management.
    public const string CheckSession = "Checksession";
    public const string EndSession = "Endsession";
}
然后只需像下面这样注册 CustomEndpointRouter 服务:
// Registers CustomEndpointRouter as the IEndpointRouter implementation (transient lifetime).
// NOTE(review): presumably this has to come after AddIdentityServer() so that it takes
// precedence over the built-in router registration - confirm.
services.AddTransient<IEndpointRouter, CustomEndpointRouter>();
请注意,更新后的路径不会出现在发现文档(discovery document)中。因此依赖发现文档的客户端仍会使用默认路径;而在上面的路由器里,默认路径也仍然可以匹配到端点。
你可以试试这个
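// Sets the public origin to a fixed, configured value ("URL" is a placeholder).
// The lambda parameter is named `options` so that it matches the identifier used in the body.
// NOTE(review): PublicOrigin presumably affects only the origin (scheme and host) of
// generated URLs, not the endpoint paths - confirm for your IdentityServer4 version.
services.AddIdentityServer(options => options.PublicOrigin = "URL");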
检查此 link。
http://amilspage.com/set-identityserver4-url-behind-loadbalancer/
只需将此添加到 Startup.cs
// Configures the application cookie: its name and the interactive login and logout paths.
// Nothing here refers to a protocol endpoint path such as /connect/token.
services.ConfigureApplicationCookie(cookieOptions =>
{
    cookieOptions.LogoutPath = "/Auth/Logout";
    cookieOptions.LoginPath = "/Auth/Login";
    cookieOptions.Cookie.Name = "IdentityServer.Cookie";
});
我正在使用 IdentityServer 4 (1.0.0-beta5)。
默认情况下,认证端点是:'/connect/token'.
如何更改 IdentityServer 中的默认端点,例如:“/api/login”?
谢谢
目前无法更改协议端点的 URL。如果您认为有此必要,请在 GitHub 上提交 issue。
在启动时配置好 Identity Server 4 之后,您可以使用这个 "hack" 来更新端点路径:
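// AddDeveloperSigningCredential() is meant for development: use a properly managed
// signing credential for any deployment that issues real tokens.
var builder = services.AddIdentityServer()
    .AddDeveloperSigningCredential()
    .AddInMemoryApiResources(Config.GetApiResources())
    .AddInMemoryClients(Config.GetClients());

// Workaround: rewrite the Path of the Endpoint instances that AddIdentityServer() registered.
// Descriptors without an Endpoint instance are skipped instead of causing a null dereference.
// NOTE(review): this depends on how IdentityServer registers its endpoints internally and
// may break on upgrade; the discovery document may still advertise the original paths - verify.
var registeredEndpoints = builder.Services
    .Where(service => service.ServiceType == typeof(Endpoint))
    .Select(service => service.ImplementationInstance)
    .OfType<Endpoint>()
    .ToList();

foreach (var endpoint in registeredEndpoints)
{
    // Strip "/connect" only when it is the leading segment, so a path that merely
    // contains "/connect" somewhere else is left unchanged.
    if (endpoint.Path.StartsWithSegments("/connect", out var remaining))
    {
        endpoint.Path = remaining;
    }
}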
基本上,一旦调用 AddIdentityServer,它内部会调用 AddDefaultEndPoints 方法来注册 TokenEndpoint、AuthorizeEndpoint 等端点类。每收到一个请求,都会遍历这些端点来匹配请求的 URL,因此修改路径会立即生效。
Please note that in the above example - I have removed all the "/connect" values from any of the paths that were prefixed with it.
这个问题已经有些年头了,这里给出另一种看起来不那么像 hack 的方法。
IdentityServer4 提供了一个名为 IEndpointRouter 的服务;用您的自定义逻辑替换它,就可以把客户端请求的路径映射到 IdentityServer4 的某个端点。
基于 IEndpointRouter 的默认实现(顺便说一句,它是 internal 的),我写了下面这个类来自己完成映射。
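/// <summary>
/// Endpoint router that maps a custom token path onto the IdentityServer4 token endpoint
/// and otherwise matches the request path against the registered endpoint paths.
/// </summary>
/// <remarks>
/// The custom path is an additional alias, not a replacement: every registered endpoint
/// still resolves on its own path through the fallback loop in <see cref="Find"/>.
/// Rate limiting, WAF rules and monitoring therefore have to cover both paths.
/// </remarks>
internal class CustomEndpointRouter : IEndpointRouter
{
    // Custom request path that is routed to the token endpoint.
    const string TOKEN_ENDPOINT = "/oauth/token";

    private readonly IEnumerable<Endpoint> _endpoints;
    private readonly IdentityServerOptions _options;
    private readonly ILogger _logger;

    public CustomEndpointRouter(IEnumerable<Endpoint> endpoints, IdentityServerOptions options, ILogger<CustomEndpointRouter> logger)
    {
        _endpoints = endpoints;
        _options = options;
        _logger = logger;
    }

    /// <summary>
    /// Resolves the handler for the request path of <paramref name="context"/>.
    /// </summary>
    /// <param name="context">The current HTTP context.</param>
    /// <returns>The endpoint handler, or <c>null</c> when no enabled endpoint matches.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="context"/> is <c>null</c>.</exception>
    public IEndpointHandler Find(Microsoft.AspNetCore.Http.HttpContext context)
    {
        if (context == null) throw new ArgumentNullException(nameof(context));

        if (context.Request.Path.Equals(TOKEN_ENDPOINT, StringComparison.OrdinalIgnoreCase))
        {
            var tokenEndPoint = GetEndPoint(EndpointNames.Token);
            if (tokenEndPoint == null)
            {
                // IsEndpointEnabled() returns true for a null endpoint, so without this
                // guard GetEndpointHandler() would dereference null.
                _logger.LogWarning("No endpoint registered with name: {endpoint}", EndpointNames.Token);
                return null;
            }

            return GetEndpointHandler(tokenEndPoint, context);
        }

        // Put a case for each remapped endpoint above; everything else falls back to the
        // paths carried by the registered endpoints.
        foreach (var endpoint in _endpoints)
        {
            var path = endpoint.Path;
            if (context.Request.Path.Equals(path, StringComparison.OrdinalIgnoreCase))
            {
                var endpointName = endpoint.Name;
                _logger.LogDebug("Request path {path} matched to endpoint type {endpoint}", context.Request.Path, endpointName);
                return GetEndpointHandler(endpoint, context);
            }
        }

        _logger.LogTrace("No endpoint entry found for request path: {path}", context.Request.Path);
        return null;
    }

    // Returns the first registered endpoint with the given name (case-sensitive), or null.
    private Endpoint GetEndPoint(string endPointName)
    {
        foreach (var ep in _endpoints)
        {
            if (ep.Name == endPointName)
            {
                return ep;
            }
        }

        return null;
    }

    // Resolves the handler from the request services, but only when the endpoint is enabled
    // in the options, so a remapped path cannot reach an endpoint that has been disabled.
    private IEndpointHandler GetEndpointHandler(Endpoint endpoint, Microsoft.AspNetCore.Http.HttpContext context)
    {
        if (!_options.Endpoints.IsEndpointEnabled(endpoint))
        {
            _logger.LogWarning("Endpoint disabled: {endpoint}", endpoint.Name);
            return null;
        }

        var handler = context.RequestServices.GetService(endpoint.Handler) as IEndpointHandler;
        if (handler != null)
        {
            _logger.LogDebug("Endpoint enabled: {endpoint}, successfully created handler: {endpointHandler}", endpoint.Name, endpoint.Handler.FullName);
            return handler;
        }

        _logger.LogDebug("Endpoint enabled: {endpoint}, failed to create handler: {endpointHandler}", endpoint.Name, endpoint.Handler.FullName);
        return null;
    }
}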
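/// <summary>
/// Maps an endpoint to the option flag that enables or disables it.
/// </summary>
internal static class EndpointOptionsExtensions
{
    /// <summary>
    /// Tells whether <paramref name="endpoint"/> is enabled in <paramref name="options"/>.
    /// </summary>
    /// <param name="options">The endpoint options holding the enable flags.</param>
    /// <param name="endpoint">The endpoint to check; matched by its name.</param>
    /// <returns>
    /// The matching enable flag for a known endpoint name; <c>true</c> for any other name,
    /// including a <c>null</c> endpoint.
    /// </returns>
    public static bool IsEndpointEnabled(this EndpointsOptions options, Endpoint endpoint)
    {
        switch (endpoint?.Name)
        {
            case EndpointNames.Authorize:
                return options.EnableAuthorizeEndpoint;
            case EndpointNames.CheckSession:
                return options.EnableCheckSessionEndpoint;
            case EndpointNames.DeviceAuthorization:
                // Without this case the device authorization endpoint hit the default
                // branch and was reported as enabled even when switched off in the options.
                return options.EnableDeviceAuthorizationEndpoint;
            case EndpointNames.Discovery:
                return options.EnableDiscoveryEndpoint;
            case EndpointNames.EndSession:
                return options.EnableEndSessionEndpoint;
            case EndpointNames.Introspection:
                return options.EnableIntrospectionEndpoint;
            case EndpointNames.Revocation:
                return options.EnableTokenRevocationEndpoint;
            case EndpointNames.Token:
                return options.EnableTokenEndpoint;
            case EndpointNames.UserInfo:
                return options.EnableUserInfoEndpoint;
            default:
                // fall thru to true to allow custom endpoints
                return true;
        }
    }
}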
/// <summary>
/// Endpoint names used to look up and switch on registered endpoints.
/// </summary>
/// <remarks>
/// The router and the enabled-check compare these values with an endpoint's name
/// case-sensitively, so each value has to match the registered name exactly.
/// </remarks>
public static class EndpointNames
{
    // Authorization and token issuance.
    public const string Authorize = "Authorize";
    public const string DeviceAuthorization = "DeviceAuthorization";
    public const string Token = "Token";

    // Token inspection and revocation.
    public const string Introspection = "Introspection";
    public const string Revocation = "Revocation";

    // Metadata and user information.
    public const string Discovery = "Discovery";
    public const string UserInfo = "Userinfo";

    // Session management.
    public const string CheckSession = "Checksession";
    public const string EndSession = "Endsession";
}
然后只需像下面这样注册 CustomEndpointRouter 服务:
// Registers CustomEndpointRouter as the IEndpointRouter implementation (transient lifetime).
// NOTE(review): presumably this has to come after AddIdentityServer() so that it takes
// precedence over the built-in router registration - confirm.
services.AddTransient<IEndpointRouter, CustomEndpointRouter>();
请注意,更新后的路径不会出现在发现文档(discovery document)中。因此依赖发现文档的客户端仍会使用默认路径;而在上面的路由器里,默认路径也仍然可以匹配到端点。
你可以试试这个: services.AddIdentityServer(options => options.PublicOrigin = "URL")
检查此 link。 http://amilspage.com/set-identityserver4-url-behind-loadbalancer/
只需将此添加到 Startup.cs
// Configures the application cookie: its name and the interactive login and logout paths.
// Nothing here refers to a protocol endpoint path such as /connect/token.
services.ConfigureApplicationCookie(cookieOptions =>
{
    cookieOptions.LogoutPath = "/Auth/Logout";
    cookieOptions.LoginPath = "/Auth/Login";
    cookieOptions.Cookie.Name = "IdentityServer.Cookie";
});