Skip to content

Commit b5aa42b

Browse files
committed
调整 zserver-api 的 JWT 配置
1 parent d4b0654 commit b5aa42b

4 files changed

Lines changed: 61 additions & 24 deletions

File tree

.github/workflows/docker-image.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,6 @@ jobs:
1717
- name: Login docker regsitry
1818
run: docker login -u ${{ secrets.DOCKER_USER }} -p ${{ secrets.DOCKER_USER_PASSWORD }}
1919
- name: Build the Docker image
20-
run: docker build --target zserver-api -f API.Dockerfile -t zlzforever/zserver-api:20251201-1 .
20+
run: docker build --target zserver-api -f API.Dockerfile -t zlzforever/zserver-api:20260304-1 .
2121
- name: Publish the Docker image
22-
run: docker push zlzforever/zserver-api:20251201-1
22+
run: docker push zlzforever/zserver-api:20260304-1

src/ZMap.Source.Postgre/ZMap.Source.Postgre.csproj

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
</ItemGroup>
88
<ItemGroup>
99
<!-- <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="6.0.8" />-->
10-
<PackageReference Include="FreeSql.Provider.PostgreSQL" Version="3.5.303" />
10+
<PackageReference Include="FreeSql.Provider.PostgreSQL" Version="3.5.305" />
1111
<PackageReference Include="Npgsql.NetTopologySuite" Version="9.0.4" />
1212
</ItemGroup>
1313
<ItemGroup>

src/ZServer.API/JwtBearerAuthenticationExtensions.cs

Lines changed: 5 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -24,10 +24,9 @@ public static AuthenticationBuilder AddJwtBearerAuthentication(this IServiceColl
2424
IConfiguration configuration)
2525
{
2626
var jwtBearerOptions = configuration.GetSection("JwtBearer").Get<JwtBearerSettings>();
27-
RsaSecurityKey rsaSecurityKey = null;
28-
if (jwtBearerOptions.Key != null)
27+
var rsaSecurityKey = jwtBearerOptions.GetRsaSecurityKey();
28+
if (rsaSecurityKey != null)
2929
{
30-
rsaSecurityKey = jwtBearerOptions.Key.GetRsaSecurityKey();
3130
services.AddKeyedSingleton(JwtBearerSettings.JwtBearerRsaSecurityKey, rsaSecurityKey);
3231
}
3332

@@ -66,25 +65,10 @@ public static AuthenticationBuilder AddJwtBearerAuthentication(this IServiceColl
6665
}
6766
else
6867
{
69-
options.Authority = jwtBearerOptions.Authority ??
70-
throw new ApplicationException("JwtBearer:Authority is null or empty. ");
71-
68+
options.Authority = jwtBearerOptions.Authority ?? throw new ApplicationException(
69+
"JwtBearer:Authority is null or empty. Please check your configuration. https://qcn6sgdfwyfj.feishu.cn/wiki/O4QEwz6idiwHFsk8V3EcLE7Unpf?fromScene=spaceOverview#share-VPlFdJAwSo2Oyyxs7XPcWHy4nQd");
7270
options.RequireHttpsMetadata = jwtBearerOptions.RequireHttpsMetadata;
73-
options.MetadataAddress = jwtBearerOptions.MetadataAddress ?? string.Empty;
74-
75-
// 试验性代码,authority 不设计 https/requireHttpsMetadata
76-
if (!options.RequireHttpsMetadata && string.IsNullOrEmpty(options.MetadataAddress) &&
77-
!string.IsNullOrEmpty(options.Authority))
78-
{
79-
var metadataAddress =
80-
options.Authority.Replace("https://", "http://", StringComparison.OrdinalIgnoreCase);
81-
if (!metadataAddress.EndsWith("/", StringComparison.Ordinal))
82-
{
83-
metadataAddress += "/";
84-
}
85-
86-
options.MetadataAddress = metadataAddress + ".well-known/openid-configuration";
87-
}
71+
options.MetadataAddress = jwtBearerOptions.GetMetadataAddress();
8872
}
8973
});
9074

src/ZServer.API/JwtBearerSettings.cs

Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,7 @@
1+
using System;
2+
using System.Text.Json;
3+
using Microsoft.IdentityModel.Tokens;
4+
15
namespace ZServer.API;
26

37
/// <summary>
@@ -54,4 +58,53 @@ public class JwtBearerSettings
5458
///
5559
/// </summary>
5660
public string MetadataAddress { get; set; }
61+
62+
/// <summary>
63+
///
64+
/// </summary>
65+
public string KeyPath { get; set; }
66+
67+
/// <summary>
68+
///
69+
/// </summary>
70+
/// <returns></returns>
71+
public string GetMetadataAddress()
72+
{
73+
// 试验性代码,authority 不设计 https/requireHttpsMetadata
74+
if (!RequireHttpsMetadata && string.IsNullOrEmpty(MetadataAddress) &&
75+
!string.IsNullOrEmpty(Authority))
76+
{
77+
var metadataAddress =
78+
Authority.Replace("https://", "http://", StringComparison.OrdinalIgnoreCase);
79+
if (!metadataAddress.EndsWith("/", StringComparison.Ordinal))
80+
{
81+
metadataAddress += "/";
82+
}
83+
84+
return metadataAddress + ".well-known/openid-configuration";
85+
}
86+
87+
return MetadataAddress ?? string.Empty;
88+
}
89+
90+
/// <summary>
91+
///
92+
/// </summary>
93+
/// <returns></returns>
94+
public RsaSecurityKey GetRsaSecurityKey()
95+
{
96+
if (string.IsNullOrEmpty(KeyPath))
97+
{
98+
return Key?.GetRsaSecurityKey();
99+
}
100+
101+
var json = System.IO.File.ReadAllText(KeyPath);
102+
Key = JsonSerializer.Deserialize<RSAParametersInfo>(json, new JsonSerializerOptions
103+
{
104+
PropertyNameCaseInsensitive = false,
105+
PropertyNamingPolicy = JsonNamingPolicy.CamelCase
106+
});
107+
108+
return Key?.GetRsaSecurityKey();
109+
}
57110
}

0 commit comments

Comments
 (0)