The bearer HTTP middleware verifies a Bearer Token using OpenID Connect on a Web API without modifying the application. 这种设计将认证/授权的关注点从应用中分离出来,因此应用操作者可以采用和配置认证/授权提供者,而不影响应用代码。
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: bearer-token
spec:
type: middleware.http.bearer
version: v1
metadata:
- name: clientId
value: "<your client ID>"
- name: issuerURL
value: "https://accounts.google.com"
字段 | 详情 | Example |
---|---|---|
clientId | 你的应用程序的客户端ID,它是作为OpenID Connect平台托管的凭证的一部分创建的 | |
issuerURL | 服务的URL标识 | "https://accounts.google.com" , "https://login.salesforce.com" |
To be applied, the middleware must be referenced in configuration. See middleware pipelines.
apiVersion: dapr.io/v1alpha1
kind: Configuration
metadata:
name: appconfig
spec:
httpPipeline:
handlers:
- name: bearer-token
type: middleware.http.bearer