备案控制台
探索云世界
开发者社区 开发与运维 文章 正文

Asp.Net Core Authorize你不知道的那些事(源码解读)

2020-03-25 851
版权
版权声明:
本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《 阿里云开发者社区用户服务协议》和 《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写 侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。
简介:

Asp.Net Core Authorize你不知道的那些事(源码解读)
一、前言
IdentityServer4已经分享了一些应用实战的文章,从架构到授权中心的落地应用,也伴随着对IdentityServer4掌握了一些使用规则,但是很多原理性东西还是一知半解,故我这里持续性来带大家一起来解读它的相关源代码,本文先来看看为什么Controller或者Action中添加Authorize或者全局中添加AuthorizeFilter过滤器就可以实现该资源受到保护,需要通过access_token才能通过相关的授权呢?今天我带大家来了解AuthorizeAttribute和AuthorizeFilter的关系及代码解读。

二、代码解读
解读之前我们先来看看下面两种标注授权方式的代码:

标注方式
[Authorize]
[HttpGet]
public async Task

  var userId = User.UserId();
  return new
  {
     name = User.Name(),
     userId = userId,
     displayName = User.DisplayName(),
     merchantId = User.MerchantId(),
  };

}
代码中通过[Authorize]标注来限制该api资源的访问

全局方式
public void ConfigureServices(IServiceCollection services)
{

 //全局添加AuthorizeFilter 过滤器方式
 services.AddControllers(options=>options.Filters.Add(new AuthorizeFilter()));

 services.AddAuthorization();
 services.AddAuthentication("Bearer")
     .AddIdentityServerAuthentication(options =>
     {
         options.Authority = "http://localhost:5000";    //配置Identityserver的授权地址
         options.RequireHttpsMetadata = false;           //不需要https    
         options.ApiName = OAuthConfig.UserApi.ApiName;  //api的name,需要和config的名称相同
     });

}
全局通过添加AuthorizeFilter过滤器方式进行全局api资源的限制

AuthorizeAttribute
先来看看AuthorizeAttribute源代码:

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)]
public class AuthorizeAttribute : Attribute, IAuthorizeData
{

/// <summary>
/// Initializes a new instance of the <see cref="AuthorizeAttribute"/> class. 
/// </summary>
public AuthorizeAttribute() { }

/// <summary>
/// Initializes a new instance of the <see cref="AuthorizeAttribute"/> class with the specified policy. 
/// </summary>
/// <param name="policy">The name of the policy to require for authorization.</param>
public AuthorizeAttribute(string policy)
{
   Policy = policy;
}

/// <summary>
/// 收取策略
/// </summary>
public string Policy { get; set; }

/// <summary>
/// 授权角色
/// </summary>
public string Roles { get; set; }

/// <summary>
/// 授权Schemes
/// </summary>
public string AuthenticationSchemes { get; set; }

}
代码中可以看到AuthorizeAttribute继承了IAuthorizeData抽象接口,该接口主要是授权数据的约束定义,定义了三个数据属性

Prolicy :授权策略
Roles : 授权角色
AuthenticationSchemes :授权Schemes 的支持
Asp.Net Core 中的http中间件会根据IAuthorizeData这个来获取有哪些授权过滤器,来实现过滤器的拦截并执行相关代码。
我们看看AuthorizeAttribute代码如下:
public interface IAuthorizeData
{

    /// <summary>
    /// Gets or sets the policy name that determines access to the resource.
    /// </summary>
    string Policy { get; set; }

    /// <summary>
    /// Gets or sets a comma delimited list of roles that are allowed to access the resource.
    /// </summary>
    string Roles { get; set; }

    /// <summary>
    /// Gets or sets a comma delimited list of schemes from which user information is constructed.
    /// </summary>
    string AuthenticationSchemes { get; set; }

}
我们再来看看授权中间件(UseAuthorization)的核心代码:

public static IApplicationBuilder UseAuthorization(this IApplicationBuilder app)
{

if (app == null)
{
    throw new ArgumentNullException(nameof(app));
}

VerifyServicesRegistered(app);

return app.UseMiddleware<AuthorizationMiddleware>();

}
代码中注册了AuthorizationMiddleware这个中间件,AuthorizationMiddleware中间件源代码如下:

public class AuthorizationMiddleware
{

    // Property key is used by Endpoint routing to determine if Authorization has run
    private const string AuthorizationMiddlewareInvokedWithEndpointKey = "__AuthorizationMiddlewareWithEndpointInvoked";
    private static readonly object AuthorizationMiddlewareWithEndpointInvokedValue = new object();

    private readonly RequestDelegate _next;
    private readonly IAuthorizationPolicyProvider _policyProvider;

    public AuthorizationMiddleware(RequestDelegate next, IAuthorizationPolicyProvider policyProvider)
    {
        _next = next ?? throw new ArgumentNullException(nameof(next));
        _policyProvider = policyProvider ?? throw new ArgumentNullException(nameof(policyProvider));
    }

    public async Task Invoke(HttpContext context)
    {
        if (context == null)
        {
            throw new ArgumentNullException(nameof(context));
        }

        var endpoint = context.GetEndpoint();

        if (endpoint != null)
        {
            // EndpointRoutingMiddleware uses this flag to check if the Authorization middleware processed auth metadata on the endpoint.
            // The Authorization middleware can only make this claim if it observes an actual endpoint.
            context.Items[AuthorizationMiddlewareInvokedWithEndpointKey] = AuthorizationMiddlewareWithEndpointInvokedValue;
        }

        // 通过终结点路由元素IAuthorizeData来获得对于的AuthorizeAttribute并关联到AuthorizeFilter中
        var authorizeData = endpoint?.Metadata.GetOrderedMetadata<IAuthorizeData>() ?? Array.Empty<IAuthorizeData>();
        var policy = await AuthorizationPolicy.CombineAsync(_policyProvider, authorizeData);
        if (policy == null)
        {
            await _next(context);
            return;
        }

        // Policy evaluator has transient lifetime so it fetched from request services instead of injecting in constructor
        var policyEvaluator = context.RequestServices.GetRequiredService<IPolicyEvaluator>();

        var authenticateResult = await policyEvaluator.AuthenticateAsync(policy, context);

        // Allow Anonymous skips all authorization
        if (endpoint?.Metadata.GetMetadata<IAllowAnonymous>() != null)
        {
            await _next(context);
            return;
        }

        // Note that the resource will be null if there is no matched endpoint
        var authorizeResult = await policyEvaluator.AuthorizeAsync(policy, authenticateResult, context, resource: endpoint);

        if (authorizeResult.Challenged)
        {
            if (policy.AuthenticationSchemes.Any())
            {
                foreach (var scheme in policy.AuthenticationSchemes)
                {
                    await context.ChallengeAsync(scheme);
                }
            }
            else
            {
                await context.ChallengeAsync();
            }

            return;
        }
        else if (authorizeResult.Forbidden)
        {
            if (policy.AuthenticationSchemes.Any())
            {
                foreach (var scheme in policy.AuthenticationSchemes)
                {
                    await context.ForbidAsync(scheme);
                }
            }
            else
            {
                await context.ForbidAsync();
            }

            return;
        }

        await _next(context);
    }
}

代码中核心拦截并获得AuthorizeFilter过滤器的代码

var authorizeData = endpoint?.Metadata.GetOrderedMetadata() ?? Array.Empty();
前面我分享过一篇关于 Asp.Net Core EndPoint 终结点路由工作原理解读 的文章里面讲解到通过EndPoint终结点路由来获取Controller和Action中的Attribute特性标注,这里也是通过该方法来拦截获取对于的AuthorizeAttribute的.
而获取到相关authorizeData授权数据后,下面的一系列代码都是通过判断来进行AuthorizeAsync授权执行的方法,这里就不详细分享它的授权认证的过程了。
细心的同学应该已经发现上面的代码有一个比较特殊的代码:

if (endpoint?.Metadata.GetMetadata() != null)
{

  await _next(context);
  return;

}
代码中通过endpoint终结点路由来获取是否标注有AllowAnonymous的特性,如果有则直接执行下一个中间件,不进行下面的AuthorizeAsync授权认证方法,
这也是为什么Controller和Action上标注AllowAnonymous可以跳过授权认证的原因了。

AuthorizeFilter 源码
有的人会问AuthorizeAttirbute和AuthorizeFilter有什么关系呢?它们是一个东西吗?
我们再来看看AuthorizeFilter源代码,代码如下:

public class AuthorizeFilter : IAsyncAuthorizationFilter, IFilterFactory
{

    /// <summary>
    /// Initializes a new <see cref="AuthorizeFilter"/> instance.
    /// </summary>
    public AuthorizeFilter()
        : this(authorizeData: new[] { new AuthorizeAttribute() })
    {
    }

    /// <summary>
    /// Initialize a new <see cref="AuthorizeFilter"/> instance.
    /// </summary>
    /// <param name="policy">Authorization policy to be used.</param>
    public AuthorizeFilter(AuthorizationPolicy policy)
    {
        if (policy == null)
        {
            throw new ArgumentNullException(nameof(policy));
        }

        Policy = policy;
    }

    /// <summary>
    /// Initialize a new <see cref="AuthorizeFilter"/> instance.
    /// </summary>
    /// <param name="policyProvider">The <see cref="IAuthorizationPolicyProvider"/> to use to resolve policy names.</param>
    /// <param name="authorizeData">The <see cref="IAuthorizeData"/> to combine into an <see cref="IAuthorizeData"/>.</param>
    public AuthorizeFilter(IAuthorizationPolicyProvider policyProvider, IEnumerable<IAuthorizeData> authorizeData)
        : this(authorizeData)
    {
        if (policyProvider == null)
        {
            throw new ArgumentNullException(nameof(policyProvider));
        }

        PolicyProvider = policyProvider;
    }

    /// <summary>
    /// Initializes a new instance of <see cref="AuthorizeFilter"/>.
    /// </summary>
    /// <param name="authorizeData">The <see cref="IAuthorizeData"/> to combine into an <see cref="IAuthorizeData"/>.</param>
    public AuthorizeFilter(IEnumerable<IAuthorizeData> authorizeData)
    {
        if (authorizeData == null)
        {
            throw new ArgumentNullException(nameof(authorizeData));
        }

        AuthorizeData = authorizeData;
    }

    /// <summary>
    /// Initializes a new instance of <see cref="AuthorizeFilter"/>.
    /// </summary>
    /// <param name="policy">The name of the policy to require for authorization.</param>
    public AuthorizeFilter(string policy)
        : this(new[] { new AuthorizeAttribute(policy) })
    {
    }

    /// <summary>
    /// The <see cref="IAuthorizationPolicyProvider"/> to use to resolve policy names.
    /// </summary>
    public IAuthorizationPolicyProvider PolicyProvider { get; }

    /// <summary>
    /// The <see cref="IAuthorizeData"/> to combine into an <see cref="IAuthorizeData"/>.
    /// </summary>
    public IEnumerable<IAuthorizeData> AuthorizeData { get; }

    /// <summary>
    /// Gets the authorization policy to be used.
    /// </summary>
    /// <remarks>
    /// If<c>null</c>, the policy will be constructed using
    /// <see cref="AuthorizationPolicy.CombineAsync(IAuthorizationPolicyProvider, IEnumerable{IAuthorizeData})"/>.
    /// </remarks>
    public AuthorizationPolicy Policy { get; }

    bool IFilterFactory.IsReusable => true;

    // Computes the actual policy for this filter using either Policy or PolicyProvider + AuthorizeData
    private Task<AuthorizationPolicy> ComputePolicyAsync()
    {
        if (Policy != null)
        {
            return Task.FromResult(Policy);
        }

        if (PolicyProvider == null)
        {
            throw new InvalidOperationException(
                Resources.FormatAuthorizeFilter_AuthorizationPolicyCannotBeCreated(
                    nameof(AuthorizationPolicy),
                    nameof(IAuthorizationPolicyProvider)));
        }

        return AuthorizationPolicy.CombineAsync(PolicyProvider, AuthorizeData);
    }

    internal async Task<AuthorizationPolicy> GetEffectivePolicyAsync(AuthorizationFilterContext context)
    {
        // Combine all authorize filters into single effective policy that's only run on the closest filter
        var builder = new AuthorizationPolicyBuilder(await ComputePolicyAsync());
        for (var i = 0; i < context.Filters.Count; i++)
        {
            if (ReferenceEquals(this, context.Filters[i]))
            {
                continue;
            }

            if (context.Filters[i] is AuthorizeFilter authorizeFilter)
            {
                // Combine using the explicit policy, or the dynamic policy provider
                builder.Combine(await authorizeFilter.ComputePolicyAsync());
            }
        }

        var endpoint = context.HttpContext.GetEndpoint();
        if (endpoint != null)
        {
            // When doing endpoint routing, MVC does not create filters for any authorization specific metadata i.e [Authorize] does not
            // get translated into AuthorizeFilter. Consequently, there are some rough edges when an application uses a mix of AuthorizeFilter
            // explicilty configured by the user (e.g. global auth filter), and uses endpoint metadata.
            // To keep the behavior of AuthFilter identical to pre-endpoint routing, we will gather auth data from endpoint metadata
            // and produce a policy using this. This would mean we would have effectively run some auth twice, but it maintains compat.
            var policyProvider = PolicyProvider ?? context.HttpContext.RequestServices.GetRequiredService<IAuthorizationPolicyProvider>();
            var endpointAuthorizeData = endpoint.Metadata.GetOrderedMetadata<IAuthorizeData>() ?? Array.Empty<IAuthorizeData>();

            var endpointPolicy = await AuthorizationPolicy.CombineAsync(policyProvider, endpointAuthorizeData);
            if (endpointPolicy != null)
            {
                builder.Combine(endpointPolicy);
            }
        }

        return builder.Build();
    }

    /// <inheritdoc />
    public virtual async Task OnAuthorizationAsync(AuthorizationFilterContext context)
    {
        if (context == null)
        {
            throw new ArgumentNullException(nameof(context));
        }

        if (!context.IsEffectivePolicy(this))
        {
            return;
        }

        // IMPORTANT: Changes to authorization logic should be mirrored in security's AuthorizationMiddleware
        var effectivePolicy = await GetEffectivePolicyAsync(context);
        if (effectivePolicy == null)
        {
            return;
        }

        var policyEvaluator = context.HttpContext.RequestServices.GetRequiredService<IPolicyEvaluator>();

        var authenticateResult = await policyEvaluator.AuthenticateAsync(effectivePolicy, context.HttpContext);

        // Allow Anonymous skips all authorization
        if (HasAllowAnonymous(context))
        {
            return;
        }

        var authorizeResult = await policyEvaluator.AuthorizeAsync(effectivePolicy, authenticateResult, context.HttpContext, context);

        if (authorizeResult.Challenged)
        {
            context.Result = new ChallengeResult(effectivePolicy.AuthenticationSchemes.ToArray());
        }
        else if (authorizeResult.Forbidden)
        {
            context.Result = new ForbidResult(effectivePolicy.AuthenticationSchemes.ToArray());
        }
    }

    IFilterMetadata IFilterFactory.CreateInstance(IServiceProvider serviceProvider)
    {
        if (Policy != null || PolicyProvider != null)
        {
            // The filter is fully constructed. Use the current instance to authorize.
            return this;
        }

        Debug.Assert(AuthorizeData != null);
        var policyProvider = serviceProvider.GetRequiredService<IAuthorizationPolicyProvider>();
        return AuthorizationApplicationModelProvider.GetFilter(policyProvider, AuthorizeData);
    }

    private static bool HasAllowAnonymous(AuthorizationFilterContext context)
    {
        var filters = context.Filters;
        for (var i = 0; i < filters.Count; i++)
        {
            if (filters[i] is IAllowAnonymousFilter)
            {
                return true;
            }
        }

        // When doing endpoint routing, MVC does not add AllowAnonymousFilters for AllowAnonymousAttributes that
        // were discovered on controllers and actions. To maintain compat with 2.x,
        // we'll check for the presence of IAllowAnonymous in endpoint metadata.
        var endpoint = context.HttpContext.GetEndpoint();
        if (endpoint?.Metadata?.GetMetadata<IAllowAnonymous>() != null)
        {
            return true;
        }

        return false;
    }
}

代码中继承了 IAsyncAuthorizationFilter, IFilterFactory两个抽象接口,分别来看看这两个抽象接口的源代码

IAsyncAuthorizationFilter源代码如下:
///
/// A filter that asynchronously confirms request authorization.
///
public interface IAsyncAuthorizationFilter : IFilterMetadata
{

///定义了授权的方法
Task OnAuthorizationAsync(AuthorizationFilterContext context);

}
IAsyncAuthorizationFilter代码中继承了IFilterMetadata接口,同时定义了OnAuthorizationAsync抽象方法,子类需要实现该方法,然而AuthorizeFilter中也已经实现了该方法,稍后再来详细讲解该方法,我们再继续看看IFilterFactory抽象接口,代码如下:

public interface IFilterFactory : IFilterMetadata
{

   
bool IsReusable { get; }

//创建IFilterMetadata 对象方法
IFilterMetadata CreateInstance(IServiceProvider serviceProvider);

}
我们回到AuthorizeFilter 源代码中,该源代码中提供了四个构造初始化方法同时包含了AuthorizeData、Policy属性,我们看看它的默认构造方法代码

public class AuthorizeFilter : IAsyncAuthorizationFilter, IFilterFactory
{

    public IEnumerable<IAuthorizeData> AuthorizeData { get; }

    //默认构造函数中默认创建了AuthorizeAttribute 对象
    public AuthorizeFilter()
        : this(authorizeData: new[] { new AuthorizeAttribute() })
    {
    }

    //赋值AuthorizeData
    public AuthorizeFilter(IEnumerable<IAuthorizeData> authorizeData)
    {
        if (authorizeData == null)
        {
            throw new ArgumentNullException(nameof(authorizeData));
        }

        AuthorizeData = authorizeData;
    }

}
上面的代码中默认的构造函数默认给构建了一个AuthorizeAttribute对象,并且赋值给了IEnumerable的集合属性;
好了,看到这里AuthorizeFilter过滤器也是默认构造了一个AuthorizeAttribute的对象,也就是构造了授权所需要的IAuthorizeData信息.
同时AuthorizeFilter实现的OnAuthorizationAsync方法中通过GetEffectivePolicyAsync这个方法获得有效的授权策略,并且进行下面的授权AuthenticateAsync的执行
AuthorizeFilter代码中提供了HasAllowAnonymous方法来实现是否Controller或者Action上标注了AllowAnonymous特性,用于跳过授权
HasAllowAnonymous代码如下:

private static bool HasAllowAnonymous(AuthorizationFilterContext context)
{

 var filters = context.Filters;
 for (var i = 0; i < filters.Count; i++)
 {
    if (filters[i] is IAllowAnonymousFilter)
    {
       return true;
    }
 }
 //同样通过上下文的endpoint 来获取是否标注了AllowAnonymous特性
 var endpoint = context.HttpContext.GetEndpoint();
 if (endpoint?.Metadata?.GetMetadata<IAllowAnonymous>() != null)
 {
    return true;
 }

 return false;

}
到这里我们再回到全局添加过滤器的方式代码:

services.AddControllers(options=>options.Filters.Add(new AuthorizeFilter()));
分析到这里 ,我很是好奇,它是怎么全局添加进去的呢?我打开源代码看了下,源代码如下:

public class MvcOptions : IEnumerable
{

    public MvcOptions()
    {
        CacheProfiles = new Dictionary<string, CacheProfile>(StringComparer.OrdinalIgnoreCase);
        Conventions = new List<IApplicationModelConvention>();
        Filters = new FilterCollection();
        FormatterMappings = new FormatterMappings();
        InputFormatters = new FormatterCollection<IInputFormatter>();
        OutputFormatters = new FormatterCollection<IOutputFormatter>();
        ModelBinderProviders = new List<IModelBinderProvider>();
        ModelBindingMessageProvider = new DefaultModelBindingMessageProvider();
        ModelMetadataDetailsProviders = new List<IMetadataDetailsProvider>();
        ModelValidatorProviders = new List<IModelValidatorProvider>();
        ValueProviderFactories = new List<IValueProviderFactory>();
    }

    //过滤器集合
    public FilterCollection Filters { get; }

}

FilterCollection相关核心代码如下:

public class FilterCollection : Collection
{

    
    public IFilterMetadata Add<TFilterType>() where TFilterType : IFilterMetadata
    {
        return Add(typeof(TFilterType));
    }

    //其他核心代码为贴出来

}
代码中提供了Add方法,约束了IFilterMetadata类型的对象,这也是上面的过滤器中为什么都继承了IFilterMetadata的原因。
到这里代码解读和实现原理已经分析完了,如果有分析不到位之处还请多多指教!!!

结论:授权中间件通过获取IAuthorizeData来获取AuthorizeAttribute对象相关的授权信息,并构造授权策略对象进行授权认证的,而AuthorizeFilter过滤器也会默认添加AuthorizeAttribute的授权相关数据IAuthorizeData并实现OnAuthorizationAsync方法,同时中间件中通过授权策略提供者IAuthorizationPolicyProvider来获得对于的授权策略进行授权认证.

作者:Jlion

原文地址https://www.cnblogs.com/jlion/p/12544205.html

文章标签:
.NET
前端开发
安全
API
中间件
开发框架
关键词:
.NET源码
.NETCore
ASP.NET源码
ASP源码
ASP Core
优惠码优惠
目录
相关文章
追逐时光者
|
10天前
|
数据可视化 网络协议 C#
C#/.NET/.NET Core优秀项目和框架2024年3月简报
公众号每月定期推广和分享的C#/.NET/.NET Core优秀项目和框架(每周至少会推荐两个优秀的项目和框架当然节假日除外),公众号推文中有项目和框架的介绍、功能特点、使用方式以及部分功能截图等(打不开或者打开GitHub很慢的同学可以优先查看公众号推文,文末一定会附带项目和框架源码地址)。注意:排名不分先后,都是十分优秀的开源项目和框架,每周定期更新分享(欢迎关注公众号:追逐时光者,第一时间获取每周精选分享资讯🔔)。
追逐时光者
37 1
源码星辰
|
11天前
|
开发框架 安全 .NET
ASP.NET三甲医院手术麻醉信息管理系统源码 对接麻醉机、监护仪、血气分析仪
辅助医院建设 •支持三级医院评级需求 •支持智慧医院评级需求 •支持互联互通评级需求 •支持电子病历评级需求
源码星辰
16 0
爱笑的源码基地
|
4天前
|
开发框架 前端开发 JavaScript
采用C#.Net +JavaScript 开发的云LIS系统源码 二级医院应用案例有演示
技术架构:Asp.NET CORE 3.1 MVC + SQLserver + Redis等 开发语言:C# 6.0、JavaScript 前端框架:JQuery、EasyUI、Bootstrap 后端框架:MVC、SQLSugar等 数 据 库:SQLserver 2012
爱笑的源码基地
8 0
源码星辰
|
23天前
|
数据采集 存储 监控
.NET智慧手术室管理平台源码
术前访视记录单、手术风险评估表、手术安全核查表、自费药品或耗材、麻醉知情同意书、麻醉记录单、分娩镇痛记录单、麻醉复苏单、术后镇痛记录单、术后访视记录单、压伤风险评估量表、手术清点记录单、护理记录单、输血护理记录单。
源码星辰
26 0
源码星辰
|
1月前
|
开发框架 搜索推荐 .NET
ASP.NET体检中心源码,实现检前、检中、检后全流程管理
健康体检系统遵循整个健康体检的实际流程,以提高工作效率、降低错检、防止漏检提高人性化服务水平为目的,在体检过程中可以高效、自动化、人性化的处理数据与提供服务。针对体检流程中工作强度在时间分配上不均匀等特点,解决了体检信息处理效率问题,在不增加体检中心人力资源投入或少投入的基础上,提升信息处理的效率,从而突破体检中心日处理体检人数的上限,为体检中心创造更大经济效益的同时,还能有效的降低体检工作者的劳动强度。
源码星辰
35 5
追逐时光者
|
1月前
|
开发框架 人工智能 .NET
C#/.NET/.NET Core拾遗补漏合集(持续更新)
C#/.NET/.NET Core拾遗补漏合集(持续更新)
追逐时光者
15 1
GoodTime
|
1月前
|
开发框架 中间件 .NET
C# .NET面试系列七:ASP.NET Core
## 第一部分:ASP.NET Core #### 1. 如何在 controller 中注入 service? 在.NET中,在ASP.NET Core应用程序中的Controller中注入服务通常使用<u>依赖注入(Dependency Injection)</u>来实现。以下是一些步骤,说明如何在Controller中注入服务: 1、创建服务 首先,确保你已经在应用程序中注册了服务。这通常在Startup.cs文件的ConfigureServices方法中完成。例如: ```c# services.AddScoped<IMyService, MyService>(); //
GoodTime
60 0
源码星辰
|
2月前
|
开发框架 前端开发 .NET
ASP.NET云LIS区域检验云SaaS平台源码
云LIS区域检验平台由BS架构组成。统一接入区域内全部的检验数据,通过检验云,实现区域内检验信息数据共享,通过区域质控模块,对各个分支机构产生的报告进行质控,从而实现检验结果互认。同时,对各医疗机构上传的样本检验数据进行统一管理。
源码星辰
45 1
ASP.NET云LIS区域检验云SaaS平台源码
老码识途
|
2月前
|
开发框架 前端开发 .NET
福利来袭,.NET Core开发5大案例,30w字PDF文档大放送!!!
为了便于大家查找,特将之前开发的.Net Core相关的五大案例整理成文,共计440页,32w字,免费提供给大家,文章底部有PDF下载链接。
老码识途
32 1
福利来袭,.NET Core开发5大案例,30w字PDF文档大放送!!!
追逐时光者
|
2月前
|
算法 BI API
C#/.NET/.NET Core优秀项目和框架2024年1月简报
C#/.NET/.NET Core优秀项目和框架2024年1月简报
追逐时光者
66 2
为什么选择阿里云什么是云计算全球基础设施技术领先稳定可靠安全合规分析师报告
产品和定价全部产品免费试用产品动态产品定价价格计算器云上成本管理
解决方案技术解决方案
文档与社区文档开发者社区天池大赛培训与认证
权益中心免费试用高校计划企业扶持计划推荐返现计划
支持与服务基础服务企业增值服务迁云服务官网公告健康看板信任中心
关注阿里云
关注阿里云公众号或下载阿里云APP,关注云资讯,随时随地运维管控云服务
阿里云APP阿里云微信
联系我们:4008013260
法律声明Cookies政策廉正举报安全举报联系我们加入我们
阿里巴巴集团淘宝网天猫全球速卖通阿里巴巴国际交易市场1688阿里妈妈飞猪阿里云计算AliOS万网高德UC友盟优酷钉钉支付宝达摩院淘宝海外阿里云盘饿了么
© 2009-2024 Aliyun.com 版权所有 增值电信业务经营许可证: 浙B2-20080101 域名注册服务机构许可: 浙D3-20210002 京D3-20220015
浙公网安备 33010602009975号浙B2-20080101-4