Integrating asp.net identity to realize token authentication in gRPC

Posted by marcnyc on Sun, 03 Nov 2019 20:30:52 +0100

Enable identity authentication in asp.net core 3.0

asp.net core 3.0 identity packages and core 2.2 that need to be imported have some changes:

<ItemGroup>
  <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="3.0.0-preview5-19227-01" />
  <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="3.0.0-preview5-19227-01" />
  <PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="3.0.0-preview5-19227-01" />
  <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="3.0.0-preview5-19227-01" />
  <PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="3.0.0-preview5-19227-01" />
  <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="3.0.0-preview5.19227.1" />
  <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="3.0.0-preview5.19227.1" />
</ItemGroup>

The configuration mode of the code has not changed much, mainly in ConfigureServices:

services.AddDbContext<ApplicationDbContext>(options =>
    options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

services
    .AddDefaultIdentity<IdentityUser>(delegate (IdentityOptions options)
    {
        options.Password.RequiredLength = 6;
        options.Password.RequireLowercase = false;
        options.Password.RequireUppercase = false;
        options.Password.RequireNonAlphanumeric = false;
        options.Password.RequireDigit = false;
    })
    .AddEntityFrameworkStores<ApplicationDbContext>();

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            LifetimeValidator = (before, expires, token, param) => expires > DateTime.UtcNow,
            ValidateAudience = false,
            ValidateIssuer = false,
            ValidateActor = false,
            ValidateLifetime = true,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("41B71F9E-4204-4E88-8E91-64B1981F1B82"))
        };
    });

Integrating gRPC and Restful API in asp.net core 3.0

Both HTTP1 and HTTP2 are supported in Kestrel:

public static IHostBuilder CreateHostBuilder(string[] args) =>
    Host.CreateDefaultBuilder(args)
        .ConfigureWebHostDefaults(webBuilder =>
        {
            webBuilder
                .ConfigureKestrel(options =>
                {
                    options.ListenLocalhost(50051, listenOptions =>
                    {
                        listenOptions.UseHttps("server.pfx", "1111");
                        listenOptions.Protocols = HttpProtocols.Http1AndHttp2;
                    });
                })
                .UseStartup<Startup>();
        });

One thing that needs special attention, about Kestrel's File It is mentioned that to enable Http1 and Http2 at the same time, TLS and ALPN are required to direct HTTP/2, otherwise, HTTP 1.1 is the default.

Authorization of gRPC service based on Bearer Token

After gRPC is integrated into asp.net core3.0, the default authorization method can be directly used in gRPC service:

[Authorize(AuthenticationSchemes = "Bearer")]
public class GreeterService : Greeter.GreeterBase
{
    public override Task<HelloReply> SayHello(HelloRequest request, ServerCallContext context)
    {
        return Task.FromResult(new HelloReply
        {
            Message = "Hello " + request.Name
        });
    }
}

Refer to for complete code Github code base

Topics: C# encoding github

Hot Topics

©2024 Programmer Think