new ApiResource("api1", "api项目 一")
{ApiSecrets = { new Secret("api1pwd".Sha256()) }
},

//client credentials client
new Client
{ClientId = "client",// no interactive user, use the clientid/secret for authenticationAllowedGrantTypes = GrantTypes.ClientCredentials,    //Jwt = 0；Reference = 1支持撤销；AccessTokenType = AccessTokenType.Reference,// secret for authenticationClientSecrets ={new Secret("secret".Sha256()),new Secret("abc".Sha256())},// scopes that client has access toAllowedScopes = { "api1" }
},

// configure identity server with in-memory stores, keys, clients and scopes
services.AddIdentityServer().AddDeveloperSigningCredential().AddInMemoryApiResources(Config.GetApiResources()).AddInMemoryClients(Config.GetClients());

services.AddMvcCore().AddAuthorization().AddJsonFormatters();services.AddAuthentication("Bearer").AddIdentityServerAuthentication(options =>{options.Authority = "http://localhost:5000";options.RequireHttpsMetadata = false;options.ApiName = "api1";  options.ApiSecret = "api1pwd";  //对应ApiResources中的密钥});

[Route("[controller]")]
[Authorize]
public class IdentityController : ControllerBase
{[HttpGet]public IActionResult Get(){var info = from c in User.Claims select new { c.Type, c.Value };var list = info.ToList();list.Add(new { Type = "api1返回", Value = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss") });return new JsonResult(list);}
}

//credentials client
private void btnAuth_Click(object sender, EventArgs e)
{// discover endpoints from metadataTask<DiscoveryResponse> discoTask = DiscoveryClient.GetAsync(txtCCAuthSer.Text);discoTask.Wait();var disco = discoTask.Result;if (disco.IsError){MessageBox.Show(disco.Error, "提示信息", MessageBoxButtons.OK, MessageBoxIcon.Information);txtCCResult.Text = string.Empty;txtAccessToken.Text = string.Empty;return;}// request tokenvar tokenClient = new TokenClient(disco.TokenEndpoint, txtCCClient.Text, txtCCSecret.Text);Task<TokenResponse> tokenTask = tokenClient.RequestClientCredentialsAsync(txtCCScopes.Text);tokenTask.Wait();var tokenResponse = tokenTask.Result;if (tokenResponse.IsError){MessageBox.Show(tokenResponse.Error, "提示信息", MessageBoxButtons.OK, MessageBoxIcon.Information);txtCCResult.Text = string.Empty;txtAccessToken.Text = string.Empty;return;}txtCCResult.Text = tokenResponse.Json.ToString();txtAccessToken.Text = tokenResponse.AccessToken;
}

private void btnCallApi_Click(object sender, EventArgs e)
{// call apivar client = new HttpClient();client.SetBearerToken(txtAccessToken.Text);var responseTask = client.GetAsync(txtCCApiUrl.Text);responseTask.Wait();var response = responseTask.Result;if (!response.IsSuccessStatusCode){MessageBox.Show(response.StatusCode.ToString(), "提示信息", MessageBoxButtons.OK, MessageBoxIcon.Information);txtApiResult.Text = string.Empty;}else{var contentTask = response.Content.ReadAsStringAsync();contentTask.Wait();var content = contentTask.Result;txtApiResult.Text = JArray.Parse(content).ToString();}
}

POST /connect/token HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Authorization: Basic Y2xpZW50OnNlY3JldA==
Expect: 100-continue
Host: localhost:5000
MS-ASPNETCORE-TOKEN: 08de58f6-58ee-4f05-8d95-3829dde6ae09
X-Forwarded-For: [::1]:12112
X-Forwarded-Proto: http
Content-Length: 40
grant_type=client_credentials&scope=api1