首先我想要简要说明是AuthenticationScheme类,每次看到Scheme这个单词我就感觉它是一个很高大上的单词,其实简单翻译过来就是认证方案的意思。既然一种方案,那我们就要知道这个方案的名字(Name)和它对外宣传的名字(DisplayName)以及这方案的认证处理类型(Type handlerType)。
namespace Microsoft.AspNetCore.Authentication { public class AuthenticationScheme { public AuthenticationScheme(string name, string displayName, Type handlerType); //The name of the authentication scheme. public string Name { get; }
//The display name for the scheme. Null is valid and used for non user facing schemes. public string DisplayName { get; } //The Microsoft.AspNetCore.Authentication.IAuthenticationHandler type that handles this scheme. public Type HandlerType { get; } } }
aspnetcore同时还提供了一个构建AuthenticationScheme类的AuthenticationSchemeBuilder类。AuthenticationSchemeBuilder的属性和AuthenticationScheme是一样的,这些属性将作为实例化AuthenticationScheme类的参数。AuthenticationSchemeBuilder仅比AuthenticationScheme多了一个Build方法。
namespace Microsoft.AspNetCore.Authentication { /// <summary> /// Used to build <see cref="AuthenticationScheme"/>s. /// </summary> public class AuthenticationSchemeBuilder { /// <summary> /// Constructor. /// </summary> /// <param name="name">The name of the scheme being built.</param> public AuthenticationSchemeBuilder(string name) { Name = name; } ...
//一些和AuthenticationScheme类相同的属性,将作为构建AuthenticationScheme的参数
...
// Builds the <see cref="AuthenticationScheme"/> instance. public AuthenticationScheme Build() => new AuthenticationScheme(Name, DisplayName, HandlerType); } }
而AuthenticationSchemeBuilder又在那里注册进来的呢?接下来我们看另外一个类:AuthenticationOptions
public class AuthenticationOptions { public AuthenticationOptions(); public IEnumerable<AuthenticationSchemeBuilder> Schemes { get; } public IDictionary<string, AuthenticationSchemeBuilder> SchemeMap { get; } public string DefaultScheme { get; set; } public string DefaultAuthenticateScheme { get; set; } public string DefaultSignInScheme { get; set; } public string DefaultSignOutScheme { get; set; } public string DefaultChallengeScheme { get; set; } public string DefaultForbidScheme { get; set; } public void AddScheme(string name, Action<AuthenticationSchemeBuilder> configureBuilder); public void AddScheme<THandler>(string name, string displayName) where THandler : IAuthenticationHandler; } }
该类的主要作用就是让我们配置AuthenticationScheme的一些选项。
我们可以通过该类的AddScheme和AddScheme<THandler>方法添加方案到AuthenticationOptions类Schemes和SchemeMap属性中。属性SchemeMap是一个字典类型,它是以我们AuthenticationScheme的Name属性作为Key。aspnetcore默认提供了几个方案就不一 一列具了,还有一点我们需要注意的是AddScheme<THandler>中THandler必须是IAuthenticationHandler接口类型。我们可以通过在Startup类的ConfigureServices方法中注入我们的方案:
public void ConfigureServices(IServiceCollection services) { services.AddAuthentication(x => { x.AddScheme<MyAuth>("abc", "我的中国方案"); }); }
MyAuth是我自己实现IAuthenticationHandler接口添加的类,认证相关的逻辑就实现在他们的方法中,代码如下:
public class MyAuth : IAuthenticationHandler { public Task<AuthenticateResult> AuthenticateAsync() { throw new NotImplementedException(); } public Task ChallengeAsync(AuthenticationProperties properties) { throw new NotImplementedException(); } public Task ForbidAsync(AuthenticationProperties properties) { throw new NotImplementedException(); } public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context) { throw new NotImplementedException(); } }
通过以上的短篇小论,我们主要梳理了AuthenticationScheme、AuthenticationSchemeBuilder和AuthenticationOptions三个类。