百步三楼新仓库
blame | 历史 | 原始文档
huangxiaoqiang
2025-10-11 04b4e2ca4bbbc147036a0bf15ce0b8b1c45cc74b 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

using Microsoft.AspNetCore.Authentication.JwtBearer;


using Microsoft.AspNetCore.Authorization;


using Microsoft.AspNetCore.Http;


using Microsoft.Extensions.DependencyInjection;


using Microsoft.IdentityModel.Tokens;


using System;


using System.Collections.Generic;


using System.Linq;


using System.Security.Claims;


using System.Text;


using System.Threading.Tasks;


using WIDESEAWCS_Core.Const;


using WIDESEAWCS_Core.Helper;


 


namespace WIDESEAWCS_Core.Authorization


{


    /// <summary>


    /// 系统 授权服务 配置


    /// </summary>


    public static class AuthorizationSetup


    {


        /// <summary>


        /// 系统 授权服务 配置


        /// </summary>


        /// <param name="services"></param>


        /// <exception cref="ArgumentNullException"></exception>


        public static void AddAuthorizationSetup(this IServiceCollection services)


        {


            if (services == null) throw new ArgumentNullException(nameof(services));


            


            services.AddAuthentication(options =>


            {


                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;


                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;


                options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;


            })


             .AddJwtBearer(options =>


             {


                 options.TokenValidationParameters = new TokenValidationParameters


                 {


                     SaveSigninToken = true,//保存token,后台验证token是否生效(重要)


                     ValidateIssuer = true,//是否验证Issuer


                     ValidateAudience = true,//是否验证Audience


                     ValidateLifetime = true,//是否验证失效时间


                     ValidateIssuerSigningKey = true,//是否验证SecurityKey


                     ValidAudience = AppSecret.Audience,//Audience


                     ValidIssuer = AppSecret.Issuer,//Issuer,这两项和前面签发jwt的设置一致


                     IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(AppSecret.JWT))


                 };


                 options.Events = new JwtBearerEvents()


                 {


                     OnChallenge = context =>


                     {


                         context.HandleResponse();


                         context.Response.Clear();


                         context.Response.ContentType = "application/json";


                         context.Response.StatusCode = 401;


                         context.Response.WriteAsync(new { message = "授权未通过", status = false, code = 401 }.Serialize());


                         return Task.CompletedTask;


                     }


                 };


             });


 


            services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();


        }


    }


}