我一直在学习如何使WS-Federation在没有身份的情况下工作,并且在初始设置中,我使用了本指南:https://docs.microsoft.com/en-us/aspnet/core/security/authentication/ws-federation?view=aspnetcore-3.0
[在最长的时间内,我一直遇到错误,但是偶然地,我找到了解决方案,其中包括Microsoft.AspNetCore.DataProtection.Abstractions
NuGet软件包。
在指南的任何地方都没有提到,我发现只有一篇文章提到了与WS-Federation相关的文章:https://github.com/dotnet/aspnetcore/issues/18639
此NuGet软件包的作用是什么,为什么要使WS-Federation工作需要它?这甚至是设置它的正确方法吗?
您可以找到源代码on github here
有效地,它提供了接口IDataProtector和IDataProtectionProvider。
namespace Microsoft.AspNetCore.DataProtection
{
/// <summary>
/// An interface that can provide data protection services.
/// </summary>
public interface IDataProtector : IDataProtectionProvider
{
/// <summary>
/// Cryptographically protects a piece of plaintext data.
/// </summary>
/// <param name="plaintext">The plaintext data to protect.</param>
/// <returns>The protected form of the plaintext data.</returns>
byte[] Protect(byte[] plaintext);
/// <summary>
/// Cryptographically unprotects a piece of protected data.
/// </summary>
/// <param name="protectedData">The protected data to unprotect.</param>
/// <returns>The plaintext form of the protected data.</returns>
/// <exception cref="System.Security.Cryptography.CryptographicException">
/// Thrown if the protected data is invalid or malformed.
/// </exception>
byte[] Unprotect(byte[] protectedData);
}
}
namespace Microsoft.AspNetCore.DataProtection
{
/// <summary>
/// An interface that can be used to create <see cref="IDataProtector"/> instances.
/// </summary>
public interface IDataProtectionProvider
{
/// <summary>
/// Creates an <see cref="IDataProtector"/> given a purpose.
/// </summary>
/// <param name="purpose">
/// The purpose to be assigned to the newly-created <see cref="IDataProtector"/>.
/// </param>
/// <returns>An IDataProtector tied to the provided purpose.</returns>
/// <remarks>
/// The <paramref name="purpose"/> parameter must be unique for the intended use case; two
/// different <see cref="IDataProtector"/> instances created with two different <paramref name="purpose"/>
/// values will not be able to decipher each other's payloads. The <paramref name="purpose"/> parameter
/// value is not intended to be kept secret.
/// </remarks>
IDataProtector CreateProtector(string purpose);
}
}
它们都是WS-Federation正在实现(一个或另一个或两者)或正在使用的某种实现的抽象(从某种DI容器或构造函数中期望它)。无论如何,没有它,您将无法使它正常工作。
设置此方法的方法是还安装nuget软件包from here