« AWS SDK for .NET » : différence entre les versions
De Banane Atomic
Aller à la navigationAller à la recherche
Aucun résumé des modifications |
|||
| Ligne 1 : | Ligne 1 : | ||
[[Category:AWS]] | [[Category:AWS]] | ||
= [https://docs.aws.amazon.com/sdkref/latest/guide/file-format.html#file-format-creds Credentials] = | = [https://docs.aws.amazon.com/sdkref/latest/guide/file-format.html#file-format-creds Credentials] = | ||
<filebox fn='∼/.aws/credentials' lang='ini'> | <filebox fn='∼/.aws/credentials' lang='ini'> | ||
| Ligne 14 : | Ligne 10 : | ||
key=value | key=value | ||
</filebox> | </filebox> | ||
= [https://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/csharp_secrets-manager_code_examples.html Secrets Manager] = | |||
* [https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets_cache-net.html Secrets Manager Cache] | |||
* [https://aws.amazon.com/blogs/modernizing-with-aws/how-to-load-net-configuration-from-aws-secrets-manager/ Load .NET configuration from Secrets Manager] | |||
= Cognito = | = Cognito = | ||
Version du 26 février 2024 à 13:51
Credentials
| ∼/.aws/credentials |
[default] aws_access_key_id=... aws_secret_access_key=... aws_session_token=... [profile1] key=value |
Secrets Manager
Cognito
| Program.cs |
builder.Services.AddCognitoIdentity();
builder.Services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.Authority = builder.Configuration["AWSCognito:Authority"];
options.Audience = builder.Configuration["AWSCognito:UserPoolClientId"];
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
ValidateAudience = true
};
options.TokenValidationParameters.AudienceValidator = (audiences, securityToken, validationParameters) =>
{
// Cognito tokens doesn't have "aud" claim. Instead the audience is set in "client_id"
var jsonWebToken = (Microsoft.IdentityModel.JsonWebTokens.JsonWebToken)securityToken;
if (!jsonWebToken.Claims.Any(f => f.Type == "aud"))
return false;
return validationParameters.ValidAudience.Contains(jsonWebToken.Claims.First(f => f.Type == "aud").Value);
};
});
|
