using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using System;
using System.Collections.Generic;
using System.IO;
using System.Reflection;
using System.Text;
using PEIS.Common.Helper.Encryption;
using PEIS.Common.Middleware;
namespace PEIS.Interface
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
private readonly bool _swagger = AppSettingJsonHelper.GetSection("Swagger", "Using") == "true";
public IConfiguration Configuration { get; }
///
/// 这个方法被运行时调用。 使用此方法向容器添加服务
///
///
public void ConfigureServices(IServiceCollection services)
{
services.AddControllers();
services.AddControllersWithViews()
.AddNewtonsoftJson(options =>
options.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore
);
// swagger 配置
if (_swagger)
{
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "OutCollect", Version = "v1" });
var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
c.IncludeXmlComments(xmlPath, true);
//添加Authorization
c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
{
Description = "JWT Authorization header using the Bearer scheme.",
Name = "Authorization",
In = ParameterLocation.Header,
Scheme = "bearer",
Type = SecuritySchemeType.Http,
BearerFormat = "JWT"
});
//把所有方法配置为增加bearer头部信息;
c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference
{
Type = ReferenceType.SecurityScheme,
Id = "bearerAuth"
}
},
new string[] {}
}
});
c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference { Type = ReferenceType.SecurityScheme, Id = "Bearer" }
},
new List()
}
});
});
}
// jwt 配置
services.AddAuthentication(options =>
{
// 设置默认使用jwt验证方式
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options =>
{
var confSection = Configuration.GetSection("Authentication");
options.TokenValidationParameters = new TokenValidationParameters()
{
// 验证接收者
ValidateAudience = true,
// 验证发布者 //是否验证发行人,就是验证载荷中的Iss是否对应ValidIssuer参数
ValidateIssuer = true,
// 验证过期时间//是否验证过期时间,过期了就拒绝访问
ValidateLifetime = true,
// 验证秘钥 //是否验证签名,不验证的画可以篡改数据,不安全
ValidateIssuerSigningKey = true,
// 读配置Issuer//发行人
ValidIssuer = confSection["IsSure"],
// 读配置Audience//订阅人
ValidAudience = confSection["Audience"],
// 设置生成token的秘钥 //解密的密钥
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(confSection["SecurityKey"]))
};
});
}
///
/// 此方法由运行时调用。 使用此方法配置 HTTP 请求管道
///
///
///
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/error");
}
if (_swagger)
{
app.UseSwagger();
// Enable middleware to serve generated Swagger as a JSON endpoint.
app.UseSwagger(c =>
{
c.SerializeAsV2 = true;
});
app.UseSwaggerUI(c =>
{
c.SwaggerEndpoint("/swagger/v1/swagger.json", "debug NetFL v1");
});
}
app.UseHttpsRedirection();
app.UseRouting();
// custom jwt auth middleware
app.UseMiddleware();
// jwt
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
}
}