我有一个可用的.NET Core 3.0 MVC网站,使用AzureAD进行身份验证,一切正常。我已经开始将某些前端页面迁移到Blazor(在同一项目中),但无法进行身份验证。
我已经将@attribute [Authorize]标记添加到Index.razor的顶部,但是没有像将其添加到标准ASP.NET MVC控制器中那样重定向到Azure进行登录。
Startup.ConfigureServices
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(options =>
{
Configuration.GetSection("OpenIdConnect").Bind(options);
});
services.AddAuthorizationCore(options =>
{
options.AddPolicy(Policies.AccessRole, Policies.IsAccessPolicy());
options.AddPolicy(Policies.AdminRole, Policies.IsAdminPolicy());
});
Startup.Configure
app.UseAuthentication();
app.UseAuthorization();
Index.razor
@page "/"
@attribute [Authorize(Policy = Policies.AccessRole)]
政策
public static class Policies
{
public const string AccessRole = "Access";
public const string AdminRole = "Admin";
public static AuthorizationPolicy IsAccessPolicy()
{
return new AuthorizationPolicyBuilder().RequireAuthenticatedUser()
.RequireRole(AccessRole)
.Build();
}
public static AuthorizationPolicy IsAdminPolicy()
{
return new AuthorizationPolicyBuilder().RequireAuthenticatedUser()
.RequireRole(AdminRole)
.Build();
}
}
如果我导航到MVC页面,则通过AzureAD进行身份验证,如果然后返回到Blazor页面,则可以成功使用以下内容
<AuthorizeView Policy="@Policies.AccessRole">
<p>Is in Access policy.</p>
</AuthorizeView>
<AuthorizeView Policy="@Policies.AdminRole">
<p>Is in Admin policy.</p>
</AuthorizeView>
总而言之,使用[Authorize]属性时,我的Blazor页面不会自动发出身份验证质询。
有人知道我在做什么错吗?
更新
它是按设计的 https://github.com/aspnet/AspNetCore/issues/13709
作为一种解决方法,我添加了一个组件以重定向到登录页面
App.razor
<Router AppAssembly="@typeof(Program).Assembly">
<Found Context="routeData">
<AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)">
<NotAuthorized>
<AuthChallenge></AuthChallenge>
</NotAuthorized>
</AuthorizeRouteView>
</Found>
<NotFound>
<CascadingAuthenticationState>
<LayoutView Layout="@typeof(MainLayout)">
<p>Sorry, there's nothing at this address.</p>
</LayoutView>
</CascadingAuthenticationState>
</NotFound>
</Router>
AuthCallenge.razor
@inject NavigationManager Navigation
@code {
protected override void OnInitialized()
{
Navigation.NavigateTo("/Account/SignIn", true);
}
}
答案 0 :(得分:2)
看看您的App.razor文件。您使用RouteView还是AuthorizeRouteView?
您需要按照"ASP.NET Core Blazor authentication and authorization" page中的说明定义AuthorizeRouteView。
<Router AppAssembly="@typeof(Program).Assembly">
<Found Context="routeData">
<AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)">
<NotAuthorized>
<h1>Sorry</h1>
<p>You're not authorized to reach this page.</p>
<p>You may need to log in as a different user.</p>
</NotAuthorized>
<Authorizing>
<h1>Authentication in progress</h1>
<p>Only visible while authentication is in progress.</p>
</Authorizing>
</AuthorizeRouteView>
</Found>
<NotFound>
<CascadingAuthenticationState>
<LayoutView Layout="@typeof(MainLayout)">
<h1>Sorry</h1>
<p>Sorry, there's nothing at this address.</p>
</LayoutView>
</CascadingAuthenticationState>
</NotFound>
如果缺少该组件,似乎AuthorizeAttribute并不会做很多事情。