c#

如何在C#项目中集成OAuth

小樊
98
2024-09-02 13:36:05
栏目: 编程语言

在C#项目中集成OAuth,通常需要使用OAuth库(例如:Microsoft.AspNetCore.Authentication.OAuth)和遵循OAuth 2.0协议

  1. 安装必要的NuGet包:

    对于ASP.NET Core项目,您需要安装以下NuGet包:

    Microsoft.AspNetCore.Authentication.OAuth
    

    使用以下命令安装:

    dotnet add package Microsoft.AspNetCore.Authentication.OAuth
    
  2. 在Startup.cs文件中配置OAuth认证:

    在ConfigureServices方法中添加OAuth认证服务:

    public void ConfigureServices(IServiceCollection services)
    {
        // ...
    
        services.AddAuthentication().AddOAuth("OAuth", options =>
        {
            options.ClientId = "your_client_id";
            options.ClientSecret = "your_client_secret";
            options.CallbackPath = new PathString("/callback");
            options.AuthorizationEndpoint = "https://example.com/oauth/authorize";
            options.TokenEndpoint = "https://example.com/oauth/token";
            options.UserInformationEndpoint = "https://example.com/oauth/userinfo";
    
            options.SaveTokens = true;
    
            options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
            options.ClaimActions.MapJsonKey(ClaimTypes.Name, "name");
            options.ClaimActions.MapJsonKey(ClaimTypes.Email, "email");
        });
    
        // ...
    }
    

    请确保将上述代码中的"your_client_id"、“your_client_secret”、“https://example.com/oauth/authorize”、"https://example.com/oauth/token"和"https://example.com/oauth/userinfo"替换为您的OAuth提供商提供的实际值。

  3. 配置中间件:

    在Configure方法中添加UseAuthentication中间件:

    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        // ...
    
        app.UseAuthentication();
        app.UseAuthorization();
    
        // ...
    }
    
  4. 创建一个控制器来处理OAuth登录:

    using System;
    using System.Threading.Tasks;
    using Microsoft.AspNetCore.Authentication;
    using Microsoft.AspNetCore.Authentication.Cookies;
    using Microsoft.AspNetCore.Mvc;
    
    [Route("[controller]/[action]")]
    public class AccountController : Controller
    {
        [HttpGet]
        public IActionResult Login()
        {
            var redirectUrl = Url.Action(nameof(HomeController.Index), "Home");
            return Challenge(
                new AuthenticationProperties { RedirectUri = redirectUrl },
                "OAuth");
        }
    
        [HttpGet]
        public async Task<IActionResult> Callback()
        {
            var authenticateResult = await HttpContext.AuthenticateAsync("OAuth");
            if (!authenticateResult.Succeeded)
            {
                return RedirectToAction(nameof(Login));
            }
    
            var claimsPrincipal = authenticateResult.Principal;
    
            // 在此处处理用户登录,例如创建会话或将其存储到数据库
    
            await HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme,
                claimsPrincipal);
    
            return RedirectToAction(nameof(HomeController.Index), "Home");
        }
    
        [HttpPost]
        public async Task<IActionResult> Logout()
        {
            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
            return RedirectToAction(nameof(HomeController.Index), "Home");
        }
    }
    
  5. 更新视图和布局以显示登录/注销按钮:

    在视图中添加登录和注销按钮,例如在_Layout.cshtml中:

    @if (User.Identity.IsAuthenticated)
    {
        <form asp-controller="Account" asp-action="Logout" method="post">
           <button type="submit">注销</button>
        </form>
    }
    else
    {
        <a asp-controller="Account" asp-action="Login">登录</a>
    }
    

现在,您已经在C#项目中集成了OAuth。用户可以使用OAuth提供商进行身份验证,并在您的应用程序中登录和注销。

0
看了该问题的人还看了