问题
I have a identityserver which is using IdentityServer3 to issue tokens.
I am creating an asp.net core 2.0 api client.
How to validate the token issued by Identityserver3 in ASP.Net Core 2.0 api application?
I tried to install Identityserver3.AccessTokenValidation.AspNetCore, but getting error saying it is not compatible with core.
Can anyone help me how to do this?
Thanks
回答1:
With .Net Core 2 you can use IdentityServer4.AccessTokenValidation to validate IdentityServer3 token , just make sure to add this line in ConfigureServices method
options.LegacyAudienceValidation = true;
the ConfigureServices should look like this :
public void ConfigureServices(IServiceCollection services)
{
services.AddMvcCore(options =>
{
// IS3 does not include the api name/audience - hence the extra scope check
options.Filters.Add(new AuthorizeFilter(ScopePolicy.Create("api")));
})
.AddAuthorization();
services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(options =>
{
options.Authority = "http://localhost:5002";
options.RequireHttpsMetadata = false;
options.ApiName = "api";
options.ApiSecret = "secret";
// this is only needed because IS3 does not include the API name in the JWT audience list
// so we disable UseIdentityServerAuthentication JWT audience check and rely upon
// scope validation to ensure we're only accepting tokens for the right API
options.LegacyAudienceValidation = true;
});
}
for more information you can refer to this link
来源:https://stackoverflow.com/questions/47891185/how-to-use-identityserver3-in-asp-net-core-2-0-webapi-to-validate-token-from-ide