如何在多种身份验证方案中授权用户?

时间:2020-02-26 13:14:44

标签: asp.net-core authorization ws-federation

我已经在.net核心应用程序中实现了多种身份验证方案。

 services.AddAuthentication(
            sharedOptions =>
            {
                sharedOptions.DefaultScheme = Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme;
                sharedOptions.DefaultSignInScheme = Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme;
            })
            .AddCookie()
            .AddWsFederation("AuthenticationScheme1", options =>
            {
                options.Wtrealm = tenantList.Find(m => m.TenantID == 1).Wtrealm;
                options.MetadataAddress = tenantList.Find(m => m.TenantID == 1).MetadataAddress;
            })
            .AddWsFederation("AuthenticationScheme2", options =>
            {
                options.Wtrealm = tenantList.Find(m => m.TenantID == 2).Wtrealm;
                options.MetadataAddress = tenantList.Find(m => m.TenantID == 2).MetadataAddress;
            });

我想通过特定方案授权特定用户

1 个答案:

答案 0 :(得分:1)

您可以从中间件中的请求正文/报头中基于用户信息选​​择要验证的方案:

app.Use(async (context, next) =>
{
    //read userinfo from request body or header

    if ("xxx".Equals("allen@xx.com"))
    {
        var result = await context.AuthenticateAsync("YourSchemeName");
        if (!result.Succeeded)
        {
            context.Response.StatusCode = 401;  
            return;
        }

    }
    ....

    await next();
});
相关问题
最新问题