Keycloak client for ASP.NET Core

前端未结

关注

 3  1217

抹茶落季 2020-12-23 15:11

Is there any existing Keycloak client for Asp.net Core? I have found a NuGet package for .net but it doesn\'t work with Core. Do you have any ideas how to easily integrate w

3条回答

死守一世寂寞 (楼主)

2020-12-23 15:50

If you want to use standard .Net Role mappings with Keycloak Client Roles, setup like so:

Startup.cs:

    services.AddAuthorization(options =>
    {
        options.AddPolicy("Users", policy =>
        policy.RequireRole("Users"));
    });

    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddCookie()
    .AddOpenIdConnect(options =>
    {
        options.Authority = Configuration["Authentication:oidc:Authority"]
        options.ClientId = Configuration["Authentication:oidc:ClientId"];
        options.ClientSecret = Configuration["Authentication:oidc:ClientSecret"];
        options.RequireHttpsMetadata = false;
        options.GetClaimsFromUserInfoEndpoint = true;
        options.SaveTokens = true;
        options.RemoteSignOutPath = "/SignOut";
        options.SignedOutRedirectUri = "Redirect-here";
        options.ResponseType = "code";

    });

appsettings.json:

  "Authentication": {
    "oidc": {
      "Authority":"http://your-keycloak-server/auth/realms/your-realm",
      "ClientId":"Your-Client-Name",
      "ClientSecret":"Your-client-secret"
    }
  }

Keycloak Client Settings:

Create new Token Mapper
Mapper-Values (enter your own client name)

Now you can use standard authorize role statements to apply your Keycloak Client Roles to your ASP.NET project:

[Authorize(Roles = "Users")]

0 讨论(0)

查看其它3个回答