« AWS SDK for .NET » : différence entre les versions
Aucun résumé des modifications |
|||
| Ligne 4 : | Ligne 4 : | ||
* [https://aws.amazon.com/blogs/modernizing-with-aws/how-to-load-net-configuration-from-aws-secrets-manager/ Load .NET configuration from Secrets Manager] | * [https://aws.amazon.com/blogs/modernizing-with-aws/how-to-load-net-configuration-from-aws-secrets-manager/ Load .NET configuration from Secrets Manager] | ||
= [https://docs.aws.amazon.com/ | = [https://docs.aws.amazon.com/sdkref/latest/guide/file-format.html#file-format-creds Credentials] = | ||
<filebox fn='∼/.aws/ | <filebox fn='∼/.aws/credentials' lang='ini'> | ||
[default] | [default] | ||
aws_access_key_id=... | |||
aws_secret_access_key=... | |||
aws_session_token=... | |||
[ | [profile1] | ||
key=value | |||
</filebox> | </filebox> | ||
Version du 26 février 2024 à 13:51
Secrets Manager
Credentials
| ∼/.aws/credentials |
[default]
aws_access_key_id=...
aws_secret_access_key=...
aws_session_token=...
[profile1]
key=value
|
Cognito
| Program.cs |
builder.Services.AddCognitoIdentity();
builder.Services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.Authority = builder.Configuration["AWSCognito:Authority"];
options.Audience = builder.Configuration["AWSCognito:UserPoolClientId"];
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
ValidateAudience = true
};
options.TokenValidationParameters.AudienceValidator = (audiences, securityToken, validationParameters) =>
{
// Cognito tokens doesn't have "aud" claim. Instead the audience is set in "client_id"
var jsonWebToken = (Microsoft.IdentityModel.JsonWebTokens.JsonWebToken)securityToken;
if (!jsonWebToken.Claims.Any(f => f.Type == "aud"))
return false;
return validationParameters.ValidAudience.Contains(jsonWebToken.Claims.First(f => f.Type == "aud").Value);
};
});
|