我有一个使用.NET Framework 4.6 AspNetIdentity的项目,并且我正在尝试对其进行升级以使用OpenIdConnect。是否有人成功使用.NET Framework 4.6用OpenIdConnect替换ASPNetIdentity?
我研究了owin示例和一些.NET Core 2.0快速入门示例,例如these,但它们似乎与我要完成的工作不兼容。
我正在尝试专门添加类似于上面示例之一的以下代码片段的内容:
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
});
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>
{
options.SignInScheme = "Cookies";
options.Authority = "http://xxx.xxx.xxx.xxx:5000";
options.RequireHttpsMetadata = false;
options.ClientId = "foo";
options.ClientSecret = "secret";
options.ResponseType = "code id_token";
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Add("api1");
options.Scope.Add("offline_access");
});
我需要类似于Startup.cs文件的ConfigureServices()方法中IServiceCollection服务参数的AddAuthentication()扩展名的某些内容,以便允许客户端通过IdentityServer4登录。
答案 0 :(得分:0)
在.net框架中,您可以使用Microsoft.Owin.Security.OpenIdConnect
文件中的Startup.Auth.cs
库来配置OpenID Connect,例如:
public void ConfigureAuth(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = Authority,
PostLogoutRedirectUri = redirectUri,
RedirectUri = redirectUri,
Notifications = new OpenIdConnectAuthenticationNotifications()
{
//
// If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away.
//
AuthenticationFailed = OnAuthenticationFailed
}
});
}
private Task OnAuthenticationFailed(AuthenticationFailedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
{
context.HandleResponse();
context.Response.Redirect("/Home/Error?message=" + context.Exception.Message);
return Task.FromResult(0);
}
答案 1 :(得分:0)
感谢您的答复!我想说@Nan Yu可能得到的答案最终与我想出的解决方案最接近,但是我认为我会在Startup.cs文件的Configure()方法中分享最终最终得到的结果。
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
...
var openidOptions = new OpenIdConnectOptions(authenticationScheme)
{
ClientSecret = secret,
AutomaticAuthenticate = true,
SignInScheme = "Identity.External",
Authority = identityServerAddress,
ClientId = clientId,
RequireHttpsMetadata = true,
ResponseType = OpenIdConnectResponseType.CodeIdToken,
AutomaticChallenge= true,
GetClaimsFromUserInfoEndpoint = true,
SaveTokens = true,
Events = new OpenIdConnectEvents
{
OnRemoteSignOut = async remoteSignOutContext =>
{
remoteSignOutContext.HttpContext.Session.Clear();
},
},
};
openidOptions.Scope.Clear();
openidOptions.Scope.Add("openid");
app.UseOpenIdConnectAuthentication(openidOptions);
将此添加到我的.NET Framework 4.6客户端中最终使我能够与.NET Core 2.0 Identity Server成功通信!感谢所有尝试提供帮助的人:)