更改 IdentityServer 4 中的默认端点

Question

我正在使用 IdentityServer 4 (1.0.0-beta5)。

默认情况下，身份验证的端点是：'/connect/token'。

如何更改 IdentityServer 中的默认端点，例如：'/api/login'？

谢谢

Answer 1

在启动时设置 Identity Server 4 - 您可以使用此“hack”并更新端点路径：

        var builder = services.AddIdentityServer()
            .AddDeveloperSigningCredential()
            .AddInMemoryApiResources(Config.GetApiResources())
            .AddInMemoryClients(Config.GetClients());

        builder.Services
            .Where(service => service.ServiceType == typeof(Endpoint))
            .Select(item => (Endpoint)item.ImplementationInstance)
            .ToList()
            .ForEach(item => item.Path = item.Path.Value.Replace("/connect", ""));

基本上 - 一旦你调用 AddIdentityServer - 当它调用 AddDefaultEndPoints em> 方法。现在 Endpoint 在接收到每个请求以匹配请求的 Url 时进行迭代；所以更改路径会立即生效。

请注意，在上面的示例中 - 我已经删除了所有 来自任何前缀的路径中的“/connect”值。

Answer 2

目前您无法更改协议端点的端点 URL。如果您认为有必要，请在 github 上打开一个问题。

Answer 3

现在这个问题有点老了，这只是另一种看起来不像黑客的方式

IdentityServer4 提供一个名为IEndpointRouter 的服务，如果该服务被您的自定义逻辑覆盖，您将允许您将客户端请求的路径映射到 IdentityServer4 端点之一。 基于IEndpointRouter 的默认实现（顺便说一句，这是内部的），我编写了这个类来自己进行映射。

internal class CustomEndpointRouter : IEndpointRouter
{
    const string TOKEN_ENDPOINT = "/oauth/token";

    private readonly IEnumerable<Endpoint> _endpoints;
    private readonly IdentityServerOptions _options;
    private readonly ILogger _logger;

    public CustomEndpointRouter (IEnumerable<Endpoint> endpoints, IdentityServerOptions options, ILogger<CustomEndpointRouter > logger)
    {
        _endpoints = endpoints;
        _options = options;
        _logger = logger;
    }

    public IEndpointHandler Find(Microsoft.AspNetCore.Http.HttpContext context)
    {
        if (context == null) throw new ArgumentNullException(nameof(context));

        if (context.Request.Path.Equals(TOKEN_ENDPOINT, StringComparison.OrdinalIgnoreCase))
        {
            var tokenEndPoint = GetEndPoint(EndpointNames.Token);
            return GetEndpointHandler(tokenEndPoint, context);
        }
        //put a case for all endpoints or just fallback to IdentityServer4 default paths
        else
        {
            foreach (var endpoint in _endpoints)
            {
                var path = endpoint.Path;
                if (context.Request.Path.Equals(path, StringComparison.OrdinalIgnoreCase))
                {
                    var endpointName = endpoint.Name;
                    _logger.LogDebug("Request path {path} matched to endpoint type {endpoint}", context.Request.Path, endpointName);

                    return GetEndpointHandler(endpoint, context);
                }
            }
        }
        _logger.LogTrace("No endpoint entry found for request path: {path}", context.Request.Path);
        return null;
    }

    private Endpoint GetEndPoint(string endPointName)
    {
        Endpoint endpoint = null;
        foreach (var ep in _endpoints)
        {
            if (ep.Name == endPointName)
            {
                endpoint = ep;
                break;
            }
        }
        return endpoint;
    }

    private IEndpointHandler GetEndpointHandler(Endpoint endpoint, Microsoft.AspNetCore.Http.HttpContext context)
    {
        if (_options.Endpoints.IsEndpointEnabled(endpoint))
        {
            var handler = context.RequestServices.GetService(endpoint.Handler) as IEndpointHandler;
            if (handler != null)
            {
                _logger.LogDebug("Endpoint enabled: {endpoint}, successfully created handler: {endpointHandler}", endpoint.Name, endpoint.Handler.FullName);
                return handler;
            }
            else
            {
                _logger.LogDebug("Endpoint enabled: {endpoint}, failed to create handler: {endpointHandler}", endpoint.Name, endpoint.Handler.FullName);
            }
        }
        else
        {
            _logger.LogWarning("Endpoint disabled: {endpoint}", endpoint.Name);
        }

        return null;
    }
}

internal static class EndpointOptionsExtensions
{
    public static bool IsEndpointEnabled(this EndpointsOptions options, Endpoint endpoint)
    {
        switch (endpoint?.Name)
        {
            case EndpointNames.Authorize:
                return options.EnableAuthorizeEndpoint;
            case EndpointNames.CheckSession:
                return options.EnableCheckSessionEndpoint;
            case EndpointNames.Discovery:
                return options.EnableDiscoveryEndpoint;
            case EndpointNames.EndSession:
                return options.EnableEndSessionEndpoint;
            case EndpointNames.Introspection:
                return options.EnableIntrospectionEndpoint;
            case EndpointNames.Revocation:
                return options.EnableTokenRevocationEndpoint;
            case EndpointNames.Token:
                return options.EnableTokenEndpoint;
            case EndpointNames.UserInfo:
                return options.EnableUserInfoEndpoint;
            default:
                // fall thru to true to allow custom endpoints
                return true;
        }
    }
}

public static class EndpointNames
{
    public const string Authorize = "Authorize";
    public const string Token = "Token";
    public const string DeviceAuthorization = "DeviceAuthorization";
    public const string Discovery = "Discovery";
    public const string Introspection = "Introspection";
    public const string Revocation = "Revocation";
    public const string EndSession = "Endsession";
    public const string CheckSession = "Checksession";
    public const string UserInfo = "Userinfo";
}

那么你只需要像下面这样注册这个CustomEndpointRouter服务

services.AddTransient<IEndpointRouter, CustomEndpointRouter>();

请注意，此更新后的路径不会出现在发现文档中

Answer 4

你可以试试这个 services.AddIdentityServer(options => options.PublicOrigin = "URL")

检查此链接。 http://amilspage.com/set-identityserver4-url-behind-loadbalancer/

Answer 5

只需将其添加到 Startup.cs

services.ConfigureApplicationCookie(config =>
{
   config.Cookie.Name = "IdentityServer.Cookie";
   config.LoginPath = "/Auth/Login";
   config.LogoutPath = "/Auth/Logout";
});