IdentityServer4设置Scope Secret

时间:2017-02-22 20:38:57

标签: c# identityserver4

为ApiResource设置Scope密码的最佳方法是什么?在这方面我发现了很多对IdentityServer3的引用,但没有一个引用到新版本。代码示例会很棒。我很确定我只是定义了这个错误,但不能为我的生活包围我。这是我目前的代码:

using IdentityServer4.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;

namespace SomeProgram.Configurations
{
    public class Scopes
    {
        public static IEnumerable<ApiResource> GetApiResources()
        {
            return new List<ApiResource>
            {
                new ApiResource("MyAPI", "My API")
            };
        }
    }
}

我该添加什么?我带走了什么?我一直在阅读文档,但找不到特定于我的问题的实例。

1 个答案:

答案 0 :(得分:1)

在这里的文档中忽略了部分找到了答案:http://docs.identityserver.io/en/release/configuration/resources.html

完整代码显示为

public static IEnumerable<ApiResource> GetApis()
{
    return new[]
    {
        // simple API with a single scope (in this case the scope name is the same as the api name)
        new ApiResource("api1", "Some API 1"),

        // expanded version if more control is needed
        new ApiResource
        {
            Name = "api2",

            // secret for using introspection endpoint
            ApiSecrets =
            {
                new Secret("secret".Sha256())
            },

            // include the following using claims in access token (in addition to subject id)
            UserClaims = { JwtClaimTypes.Name, JwtClaimTypes.Email }
            },

            // this API defines two scopes
            Scopes =
            {
                new Scope()
                {
                    Name = "api2.full_access",
                    DisplayName = "Full access to API 2",
                },
                new Scope
                {
                    Name = "api2.read_only",
                    DisplayName = "Read only access to API 2"
                }
            }
        }
    };
}