ASP.NET Core集成微信登录的示例分析
发表于:2025-02-19 作者:千家信息网编辑
千家信息网最后更新 2025年02月19日,这篇文章主要为大家展示了"ASP.NET Core集成微信登录的示例分析",内容简而易懂,条理清晰,希望能够帮助大家解决疑惑,下面让小编带领大家一起研究并学习一下"ASP.NET Core集成微信登录
千家信息网最后更新 2025年02月19日ASP.NET Core集成微信登录的示例分析
这篇文章主要为大家展示了"ASP.NET Core集成微信登录的示例分析",内容简而易懂,条理清晰,希望能够帮助大家解决疑惑,下面让小编带领大家一起研究并学习一下"ASP.NET Core集成微信登录的示例分析"这篇文章吧。
工具:
Visual Studio 2015 update 3
Asp.Net Core 1.0
1 准备工作
申请微信公众平台接口测试帐号,申请网址:(mp.weixin.qq.com/debug/cgi-bin/sandbox?t=sandbox/login)。申请接口测试号无需公众帐号,可以直接体验和测试公众平台所有高级接口。
1.1 配置接口信息
1.2 修改网页授权信息
点击"修改"后在弹出页面填入你的网站域名:
2 新建网站项目
2.1 选择ASP.NET Core Web Application 模板
2.2 选择Web 应用程序,并更改身份验证为个人用户账户
3 集成微信登录功能
3.1添加引用
打开project.json文件,添加引用Microsoft.AspNetCore.Authentication.OAuth
3.2 添加代码文件
在项目中新建文件夹,命名为WeChatOAuth,并添加代码文件(本文最后附全部代码)。
3.3 注册微信登录中间件
打开Startup.cs文件,在Configure中添加代码:
app.UseWeChatAuthentication(new WeChatOptions(){ AppId = "******", AppSecret = "******"});注意该代码的插入位置必须在app.UseIdentity()下方。
4 代码
WeChatAppBuilderExtensions.cs:
// Copyright (c) .NET Foundation. All rights reserved.// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.using System;using Microsoft.AspNetCore.Authentication.WeChat;using Microsoft.Extensions.Options;namespace Microsoft.AspNetCore.Builder{ /// /// Extension methods to add WeChat authentication capabilities to an HTTP application pipeline. /// public static class WeChatAppBuilderExtensions { /// /// Adds the /// The A reference to this instance after the operation has completed. public static IApplicationBuilder UseWeChatAuthentication(this IApplicationBuilder app) { if (app == null) { throw new ArgumentNullException(nameof(app)); } return app.UseMiddleware(); } /// /// Adds the /// The A reference to this instance after the operation has completed. public static IApplicationBuilder UseWeChatAuthentication(this IApplicationBuilder app, WeChatOptions options) { if (app == null) { throw new ArgumentNullException(nameof(app)); } if (options == null) { throw new ArgumentNullException(nameof(options)); } return app.UseMiddleware(Options.Create(options)); } }} WeChatDefaults.cs:
// Copyright (c) .NET Foundation. All rights reserved.// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.namespace Microsoft.AspNetCore.Authentication.WeChat{ public static class WeChatDefaults { public const string AuthenticationScheme = "WeChat"; public static readonly string AuthorizationEndpoint = "https://open.weixin.qq.com/connect/oauth3/authorize"; public static readonly string TokenEndpoint = "https://api.weixin.qq.com/sns/oauth3/access_token"; public static readonly string UserInformationEndpoint = "https://api.weixin.qq.com/sns/userinfo"; }}WeChatHandler.cs
// Copyright (c) .NET Foundation. All rights reserved.// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.using Microsoft.AspNetCore.Authentication.OAuth;using Microsoft.AspNetCore.Builder;using Microsoft.AspNetCore.Http.Authentication;using Microsoft.AspNetCore.Http.Extensions;using Microsoft.Extensions.Primitives;using Newtonsoft.Json.Linq;using System;using System.Collections.Generic;using System.Net.Http;using System.Net.Http.Headers;using System.Security.Claims;using System.Text;using Microsoft.AspNetCore.Mvc;using System.Threading.Tasks;namespace Microsoft.AspNetCore.Authentication.WeChat{ internal class WeChatHandler : OAuthHandler { public WeChatHandler(HttpClient httpClient) : base(httpClient) { } protected override async Task HandleRemoteAuthenticateAsync() { AuthenticationProperties properties = null; var query = Request.Query; var error = query["error"]; if (!StringValues.IsNullOrEmpty(error)) { var failureMessage = new StringBuilder(); failureMessage.Append(error); var errorDescription = query["error_description"]; if (!StringValues.IsNullOrEmpty(errorDescription)) { failureMessage.Append(";Description=").Append(errorDescription); } var errorUri = query["error_uri"]; if (!StringValues.IsNullOrEmpty(errorUri)) { failureMessage.Append(";Uri=").Append(errorUri); } return AuthenticateResult.Fail(failureMessage.ToString()); } var code = query["code"]; var state = query["state"]; var oauthState = query["oauthstate"]; properties = Options.StateDataFormat.Unprotect(oauthState); if (state != Options.StateAddition || properties == null) { return AuthenticateResult.Fail("The oauth state was missing or invalid."); } // OAuth3 10.12 CSRF if (!ValidateCorrelationId(properties)) { return AuthenticateResult.Fail("Correlation failed."); } if (StringValues.IsNullOrEmpty(code)) { return AuthenticateResult.Fail("Code was not found."); } //获取tokens var tokens = await ExchangeCodeAsync(code, BuildRedirectUri(Options.CallbackPath)); var identity = new ClaimsIdentity(Options.ClaimsIssuer); AuthenticationTicket ticket = null; if (Options.WeChatScope == Options.InfoScope) { //获取用户信息 ticket = await CreateTicketAsync(identity, properties, tokens); } else { //不获取信息,只使用openid identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, tokens.TokenType, ClaimValueTypes.String, Options.ClaimsIssuer)); ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), properties, Options.AuthenticationScheme); } if (ticket != null) { return AuthenticateResult.Success(ticket); } else { return AuthenticateResult.Fail("Failed to retrieve user information from remote server."); } } /// /// OAuth第一步,获取code /// /// /// /// /// OAuth第二步,获取token /// /// /// /// ExchangeCodeAsync(string code, string redirectUri) { var tokenRequestParameters = new Dictionary() { { "appid", Options.ClientId }, { "secret", Options.ClientSecret }, { "code", code }, { "grant_type", "authorization_code" }, }; var requestContent = new FormUrlEncodedContent(tokenRequestParameters); var requestMessage = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint); requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); requestMessage.Content = requestContent; var response = await Backchannel.SendAsync(requestMessage, Context.RequestAborted); if (response.IsSuccessStatusCode) { var payload = JObject.Parse(await response.Content.ReadAsStringAsync()); string ErrCode = payload.Value("errcode"); string ErrMsg = payload.Value("errmsg"); if (!string.IsNullOrEmpty(ErrCode) | !string.IsNullOrEmpty(ErrMsg)) { return OAuthTokenResponse.Failed(new Exception($"ErrCode:{ErrCode},ErrMsg:{ErrMsg}")); } var tokens = OAuthTokenResponse.Success(payload); //借用TokenType属性保存openid tokens.TokenType = payload.Value("openid"); return tokens; } else { var error = "OAuth token endpoint failure"; return OAuthTokenResponse.Failed(new Exception(error)); } } /// /// OAuth第四步,获取用户信息 /// /// /// /// /// CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens) { var queryBuilder = new QueryBuilder() { { "access_token", tokens.AccessToken }, { "openid", tokens.TokenType },//在第二步中,openid被存入TokenType属性 { "lang", "zh_CN" } }; var infoRequest = Options.UserInformationEndpoint + queryBuilder.ToString(); var response = await Backchannel.GetAsync(infoRequest, Context.RequestAborted); if (!response.IsSuccessStatusCode) { throw new HttpRequestException($"Failed to retrieve WeChat user information ({response.StatusCode}) Please check if the authentication information is correct and the corresponding WeChat Graph API is enabled."); } var user = JObject.Parse(await response.Content.ReadAsStringAsync()); var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), properties, Options.AuthenticationScheme); var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, user); var identifier = user.Value("openid"); if (!string.IsNullOrEmpty(identifier)) { identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, identifier, ClaimValueTypes.String, Options.ClaimsIssuer)); } var nickname = user.Value("nickname"); if (!string.IsNullOrEmpty(nickname)) { identity.AddClaim(new Claim(ClaimTypes.Name, nickname, ClaimValueTypes.String, Options.ClaimsIssuer)); } var sex = user.Value("sex"); if (!string.IsNullOrEmpty(sex)) { identity.AddClaim(new Claim("urn:WeChat:sex", sex, ClaimValueTypes.String, Options.ClaimsIssuer)); } var country = user.Value("country"); if (!string.IsNullOrEmpty(country)) { identity.AddClaim(new Claim(ClaimTypes.Country, country, ClaimValueTypes.String, Options.ClaimsIssuer)); } var province = user.Value("province"); if (!string.IsNullOrEmpty(province)) { identity.AddClaim(new Claim(ClaimTypes.StateOrProvince, province, ClaimValueTypes.String, Options.ClaimsIssuer)); } var city = user.Value("city"); if (!string.IsNullOrEmpty(city)) { identity.AddClaim(new Claim("urn:WeChat:city", city, ClaimValueTypes.String, Options.ClaimsIssuer)); } var headimgurl = user.Value("headimgurl"); if (!string.IsNullOrEmpty(headimgurl)) { identity.AddClaim(new Claim("urn:WeChat:headimgurl", headimgurl, ClaimValueTypes.String, Options.ClaimsIssuer)); } var unionid = user.Value("unionid"); if (!string.IsNullOrEmpty(unionid)) { identity.AddClaim(new Claim("urn:WeChat:unionid", unionid, ClaimValueTypes.String, Options.ClaimsIssuer)); } await Options.Events.CreatingTicket(context); return context.Ticket; } }} WeChatMiddleware.cs
// Copyright (c) .NET Foundation. All rights reserved.// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.using System;using System.Globalization;using System.Text.Encodings.Web;using Microsoft.AspNetCore.Authentication.OAuth;using Microsoft.AspNetCore.Builder;using Microsoft.AspNetCore.DataProtection;using Microsoft.AspNetCore.Http;using Microsoft.Extensions.Logging;using Microsoft.Extensions.Options;namespace Microsoft.AspNetCore.Authentication.WeChat{ /// /// An ASP.NET Core middleware for authenticating users using WeChat. /// public class WeChatMiddleware : OAuthMiddleware { /// /// Initializes a new /// The next middleware in the HTTP pipeline to invoke. /// /// /// /// /// Configuration options for the middleware. public WeChatMiddleware( RequestDelegate next, IDataProtectionProvider dataProtectionProvider, ILoggerFactory loggerFactory, UrlEncoder encoder, IOptions sharedOptions, IOptions options) : base(next, dataProtectionProvider, loggerFactory, encoder, sharedOptions, options) { if (next == null) { throw new ArgumentNullException(nameof(next)); } if (dataProtectionProvider == null) { throw new ArgumentNullException(nameof(dataProtectionProvider)); } if (loggerFactory == null) { throw new ArgumentNullException(nameof(loggerFactory)); } if (encoder == null) { throw new ArgumentNullException(nameof(encoder)); } if (sharedOptions == null) { throw new ArgumentNullException(nameof(sharedOptions)); } if (options == null) { throw new ArgumentNullException(nameof(options)); } if (string.IsNullOrEmpty(Options.AppId)) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, nameof(Options.AppId))); } if (string.IsNullOrEmpty(Options.AppSecret)) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, nameof(Options.AppSecret))); } } /// /// Provides the /// An protected override AuthenticationHandler CreateHandler() { return new WeChatHandler(Backchannel); } }} WeChatOptions.cs
// Copyright (c) .NET Foundation. All rights reserved.// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.using System.Collections.Generic;using Microsoft.AspNetCore.Authentication.WeChat;using Microsoft.AspNetCore.Http;using Microsoft.AspNetCore.Identity;namespace Microsoft.AspNetCore.Builder{ /// /// Configuration options for public class WeChatOptions : OAuthOptions { /// /// Initializes a new public WeChatOptions() { AuthenticationScheme = WeChatDefaults.AuthenticationScheme; DisplayName = AuthenticationScheme; CallbackPath = new PathString("/signin-wechat"); StateAddition = "#wechat_redirect"; AuthorizationEndpoint = WeChatDefaults.AuthorizationEndpoint; TokenEndpoint = WeChatDefaults.TokenEndpoint; UserInformationEndpoint = WeChatDefaults.UserInformationEndpoint; //SaveTokens = true; //BaseScope (不弹出授权页面,直接跳转,只能获取用户openid), //InfoScope (弹出授权页面,可通过openid拿到昵称、性别、所在地。并且,即使在未关注的情况下,只要用户授权,也能获取其信息) WeChatScope = InfoScope; } // WeChat uses a non-standard term for this field. /// /// Gets or sets the WeChat-assigned appId. /// public string AppId { get { return ClientId; } set { ClientId = value; } } // WeChat uses a non-standard term for this field. /// /// Gets or sets the WeChat-assigned app secret. /// public string AppSecret { get { return ClientSecret; } set { ClientSecret = value; } } public string StateAddition { get; set; } public string WeChatScope { get; set; } public string BaseScope = "snsapi_base"; public string InfoScope = "snsapi_userinfo"; }}以上是"ASP.NET Core集成微信登录的示例分析"这篇文章的所有内容,感谢各位的阅读!相信大家都有了一定的了解,希望分享的内容对大家有所帮助,如果还想学习更多知识,欢迎关注行业资讯频道!
代码
信息
登录
文件
用户
接口
示例
分析
公众
内容
篇文章
页面
测试
属性
平台
网站
项目
帐号
学习
帮助
数据库的安全要保护哪些东西
数据库安全各自的含义是什么
生产安全数据库录入
数据库的安全性及管理
数据库安全策略包含哪些
海淀数据库安全审计系统
建立农村房屋安全信息数据库
易用的数据库客户端支持安全管理
连接数据库失败ssl安全错误
数据库的锁怎样保障安全
网络安全管理员资格
中国软件开发的人物
徐州工程学院网络技术专业
软件开发软件编程学习
网络安全检测等级
流程图的数据库图标是什么
股票兼职软件开发
钻块服务器
三级网络技术的序列号
学生网络安全教学视频
网络安全的应急演练总结
长治市天气预报软件开发
登录系统转移怎么重新连接数据库
oracle数据库多少钱
青海华为网络技术有限公司
网络安全宣传日活动视频
山东人工智能软件开发价钱
每个公民都有义务维护网络安全
昆明教育台网络安全
美股网络安全股票有哪些
es浏览器建立ftp服务器
网络安全产业特色介绍
北京暑期软件开发培训费用
绝地求生购买东西连接服务器错误
无法连接服务器的提示如何关闭
饥荒联机版服务器怎么开启洞穴
济南安卓软件开发价格表
川网传媒高科技互联网公司
金融软件开发招聘信息
搭建青龙需要啥服务器
