.net core 1.0 实现单点登录负载多服务器

前言

　　.net core 出来有一时间了，这段时间也一直在做技术准备，目前想做一个单点登录（SSO）系统，在这之前用.net时我用习惯了machineKey ,也顺手在.net core 中尝试了一上，结果发现不好使了，也不起作用，于是开始了网上学习。

实现方法

　　功夫不负有心人，网上高人还是多，在github.com上面ISSUES中也有人在讨论此问题，于是找到代码尝试，结果实现了。

　　直接上代码，我们需要先封装一个XmlRepository，Key的格式如下：

				?

									<?xml version="1.0" encoding="utf-8"?>

									<key id="cbb8a41a-9ca4-4a79-a1de-d39c4e307d75" version="1">

									 <creationDate>2016-07-23T10:09:49.1888876Z</creationDate>

									 <activationDate>2016-07-23T10:09:49.1388521Z</activationDate>

									 <expirationDate>2116-10-21T10:09:49.1388521Z</expirationDate>

									 <descriptor deserializerType="Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel.AuthenticatedEncryptorDescriptorDeserializer, Microsoft.AspNetCore.DataProtection, Version=1.1.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60">

									  <descriptor>

									   <encryption algorithm="AES_256_CBC" />

									   <validation algorithm="HMACSHA256" />

									   <masterKey p4:requiresEncryption="true" xmlns:p4="http://schemas.asp.net/2015/03/dataProtection">

									    <!-- Warning: the key below is in an unencrypted form. -->

									    <value>WYgZNh/3dOKRYJ1OAhVqs56pWPMHei15Uj44DPLWbYUiCpNVEBwqDfYAUq/4jBKYrNoUbaRkGY5o/NZ6a2NTwA==</value>

									   </masterKey>

									  </descriptor>

									 </descriptor>

									</key>

XmlRepository代码：

				?

									public class CustomFileXmlRepository : IXmlRepository

									  {

									    private readonly string filePath = @"C:\keys\key.xml";

									    public virtual IReadOnlyCollection<XElement> GetAllElements()

									    {

									      return GetAllElementsCore().ToList().AsReadOnly();

									    }

									    private IEnumerable<XElement> GetAllElementsCore()

									    {

									      yield return XElement.Load(filePath);

									    }

									    public virtual void StoreElement(XElement element, string friendlyName)

									    {

									      if (element == null)

									      {

									        throw new ArgumentNullException(nameof(element));

									      }

									      StoreElementCore(element, friendlyName);

									    }

									    private void StoreElementCore(XElement element, string filename)

									    {

									    }

									  }

Startup代码：

				?

									public class Startup

									  {

									    public Startup(IHostingEnvironment env)

									    {

									      var builder = new ConfigurationBuilder()

									        .SetBasePath(env.ContentRootPath)

									        .AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)

									        .AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)

									        .AddEnvironmentVariables();

									      Configuration = builder.Build();

									    }

									    public IConfigurationRoot Configuration { get; }

									    // This method gets called by the runtime. Use this method to add services to the container.

									    public void ConfigureServices(IServiceCollection services)

									    {

									      services.AddSingleton<IXmlRepository, CustomFileXmlRepository>();

									      services.AddDataProtection(configure =>

									      {

									        configure.ApplicationDiscriminator = "Htw.Web";

									      });

									      // Add framework services.

									      services.AddMvc();

									    }

									    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.

									    public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)

									    {

									      loggerFactory.AddConsole(Configuration.GetSection("Logging"));

									      loggerFactory.AddDebug();

									      if (env.IsDevelopment())

									      {

									        app.UseDeveloperExceptionPage();

									        app.UseBrowserLink();

									      }

									      else

									      {

									        app.UseExceptionHandler("/Home/Error");

									      }

									      app.UseStaticFiles();

									      app.UseCookieAuthentication(new CookieAuthenticationOptions()

									      {

									        AuthenticationScheme = CookieAuthenticationDefaults.AuthenticationScheme,

									        LoginPath = new PathString("/Account/Unauthorized/"),

									        AccessDeniedPath = new PathString("/Account/Forbidden/"),

									        AutomaticAuthenticate = true,

									        AutomaticChallenge = false,

									        CookieHttpOnly = true,

									        CookieName = "MyCookie",

									        ExpireTimeSpan = TimeSpan.FromHours(2),

									#if !DEBUG

									        CookieDomain="h.cn",

									#endif

									        DataProtectionProvider = null

									      });

									      app.UseMvc(routes =>

									      {

									        routes.MapRoute(

									          name: "default",

									          template: "{controller=Home}/{action=Index}/{id?}");

									      });

									    }

									  }

登录代码：

				?

									public async void Login()

									  {

									    if (!HttpContext.User.Identities.Any(identity => identity.IsAuthenticated))

									    {

									      var user = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, "bob") }, CookieAuthenticationDefaults.AuthenticationScheme));

									      await HttpContext.Authentication.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, user);

									      HttpContext.Response.ContentType = "text/plain";

									      await HttpContext.Response.WriteAsync("Hello First timer");

									    }

									    else

									    {

									      HttpContext.Response.ContentType = "text/plain";

									      await HttpContext.Response.WriteAsync("Hello old timer");

									    }

									  }