如何使用 T-SQL 插入 Identity Server 4 持久的 ApiSecret 值

        new ApiResource("api1", "My API")
        {
            ApiSecrets = { new Secret("secret".Sha256())}
        }

        foreach(var resource in Config.GetApiResources())
        {
            context.ApiResources.Add(resource.ToEntity());
        }
        context.SaveChanges();

    K7gNU3sdo+OL0wNhqoVWhr3g6s1xYv72ol/pe/Unols=

3回答

12345678_0001

你在正确的轨道上使用HASHBYTES，只需要得到Base64散列BinaryHash：DECLARE @HASHBYTES VARBINARY(128) = hashbytes('sha2_256', 'secret')SELECT cast(N'' as xml).value('xs:base64Binary(sql:variable("@HASHBYTES"))', 'varchar(128)');

0

0

0

一只萌萌小番薯

希望这会有所帮助。CREATE FUNCTION [dbo].[ConvertToSha256ForIdentityServer](@secret varchar(128))RETURNS varchar(128) ASBEGIN    DECLARE @HASHBYTES VARBINARY(128) = hashbytes('sha2_256', @secret)    RETURN (SELECT top 1 cast(N'' as xml).value('xs:base64Binary(sql:variable("@HASHBYTES"))', 'varchar(128)'));END插入MERGE INTO dbo.[ClientSecrets] AS TARGETUSING (        VALUES         (dbo.ConvertToSha256ForIdentityServer('mysecret'),'SharedSecret',getdate(),1)      )      AS Source ([Value],[Type],[Created],[ClientId])ON Target.[ClientId] = source.[ClientId]WHEN matched THEN  UPDATE SET      [Value] = Source.[Value],      [Type] = Source.[Type]WHEN NOT matched BY target THEN  INSERT ([Value],[Type],[Created],[ClientId])  VALUES ([Value],[Type],[Created],[ClientId]);

0

0

0

侃侃尔雅

您可以使用下面的算法来创建秘密，然后您可以将其存储在 SQL 中：using System.Security.Cryptography;static class Extentions{    public static string Sha256(this string input)    {        using (SHA256 shA256 = SHA256.Create())        {            byte[] bytes = Encoding.UTF8.GetBytes(input);            return Convert.ToBase64String(((HashAlgorithm)shA256).ComputeHash(bytes));        }    }}void Main(){    Console.WriteLine( "secret-as-guid".Sha256());}你也可以使用passwordgenerator.net

0

0

0