为什么 WS-Federation 需要 Microsoft.AspNetCore.DataProtection.Abstractions NuGet 包?
Why does WS-Federation require Microsoft.AspNetCore.DataProtection.Abstractions NuGet package?
我一直在学习如何让 WS-Federation 在没有身份的情况下工作,对于初始设置,我使用了这个指南:https://docs.microsoft.com/en-us/aspnet/core/security/authentication/ws-federation?view=aspnetcore-3.0
很长一段时间以来,我一直 运行 出错,但偶然地,我找到了一个解决方案,其中包括 Microsoft.AspNetCore.DataProtection.Abstractions NuGet 包。
这在指南中的任何地方都没有提到,只有一个 post 我发现曾经提到它与 WS-Federation 相关:https://github.com/dotnet/aspnetcore/issues/18639
这个 NuGet 包有什么作用,为什么需要它来使 WS-Federation 工作?这甚至是正确的设置方法吗?
你可以找到源代码on github here
实际上,它提供了一个接口IDataProtector and the IDataProtectionProvider。
namespace Microsoft.AspNetCore.DataProtection
{
/// <summary>
/// An interface that can provide data protection services.
/// </summary>
public interface IDataProtector : IDataProtectionProvider
{
/// <summary>
/// Cryptographically protects a piece of plaintext data.
/// </summary>
/// <param name="plaintext">The plaintext data to protect.</param>
/// <returns>The protected form of the plaintext data.</returns>
byte[] Protect(byte[] plaintext);
/// <summary>
/// Cryptographically unprotects a piece of protected data.
/// </summary>
/// <param name="protectedData">The protected data to unprotect.</param>
/// <returns>The plaintext form of the protected data.</returns>
/// <exception cref="System.Security.Cryptography.CryptographicException">
/// Thrown if the protected data is invalid or malformed.
/// </exception>
byte[] Unprotect(byte[] protectedData);
}
}
namespace Microsoft.AspNetCore.DataProtection
{
/// <summary>
/// An interface that can be used to create <see cref="IDataProtector"/> instances.
/// </summary>
public interface IDataProtectionProvider
{
/// <summary>
/// Creates an <see cref="IDataProtector"/> given a purpose.
/// </summary>
/// <param name="purpose">
/// The purpose to be assigned to the newly-created <see cref="IDataProtector"/>.
/// </param>
/// <returns>An IDataProtector tied to the provided purpose.</returns>
/// <remarks>
/// The <paramref name="purpose"/> parameter must be unique for the intended use case; two
/// different <see cref="IDataProtector"/> instances created with two different <paramref name="purpose"/>
/// values will not be able to decipher each other's payloads. The <paramref name="purpose"/> parameter
/// value is not intended to be kept secret.
/// </remarks>
IDataProtector CreateProtector(string purpose);
}
}
它们都是 WS-Federation 正在实施(一个或另一个或两者)或它正在使用(从某种 DI 容器或构造函数中期望它)的某些实现的抽象。无论如何,没有它你将无法工作。
设置的方法是同时安装 nuget 包 from here
我一直在学习如何让 WS-Federation 在没有身份的情况下工作,对于初始设置,我使用了这个指南:https://docs.microsoft.com/en-us/aspnet/core/security/authentication/ws-federation?view=aspnetcore-3.0
很长一段时间以来,我一直 运行 出错,但偶然地,我找到了一个解决方案,其中包括 Microsoft.AspNetCore.DataProtection.Abstractions NuGet 包。
这在指南中的任何地方都没有提到,只有一个 post 我发现曾经提到它与 WS-Federation 相关:https://github.com/dotnet/aspnetcore/issues/18639
这个 NuGet 包有什么作用,为什么需要它来使 WS-Federation 工作?这甚至是正确的设置方法吗?
你可以找到源代码on github here
实际上,它提供了一个接口IDataProtector and the IDataProtectionProvider。
namespace Microsoft.AspNetCore.DataProtection
{
/// <summary>
/// An interface that can provide data protection services.
/// </summary>
public interface IDataProtector : IDataProtectionProvider
{
/// <summary>
/// Cryptographically protects a piece of plaintext data.
/// </summary>
/// <param name="plaintext">The plaintext data to protect.</param>
/// <returns>The protected form of the plaintext data.</returns>
byte[] Protect(byte[] plaintext);
/// <summary>
/// Cryptographically unprotects a piece of protected data.
/// </summary>
/// <param name="protectedData">The protected data to unprotect.</param>
/// <returns>The plaintext form of the protected data.</returns>
/// <exception cref="System.Security.Cryptography.CryptographicException">
/// Thrown if the protected data is invalid or malformed.
/// </exception>
byte[] Unprotect(byte[] protectedData);
}
}
namespace Microsoft.AspNetCore.DataProtection
{
/// <summary>
/// An interface that can be used to create <see cref="IDataProtector"/> instances.
/// </summary>
public interface IDataProtectionProvider
{
/// <summary>
/// Creates an <see cref="IDataProtector"/> given a purpose.
/// </summary>
/// <param name="purpose">
/// The purpose to be assigned to the newly-created <see cref="IDataProtector"/>.
/// </param>
/// <returns>An IDataProtector tied to the provided purpose.</returns>
/// <remarks>
/// The <paramref name="purpose"/> parameter must be unique for the intended use case; two
/// different <see cref="IDataProtector"/> instances created with two different <paramref name="purpose"/>
/// values will not be able to decipher each other's payloads. The <paramref name="purpose"/> parameter
/// value is not intended to be kept secret.
/// </remarks>
IDataProtector CreateProtector(string purpose);
}
}
它们都是 WS-Federation 正在实施(一个或另一个或两者)或它正在使用(从某种 DI 容器或构造函数中期望它)的某些实现的抽象。无论如何,没有它你将无法工作。
设置的方法是同时安装 nuget 包 from here