Identity Server3:Windows身份验证:AuthenticationResult始终失败

时间:2016-11-23 14:49:34

标签: windows-authentication identityserver3

我正在使用Thinktecture Identity Server 3(OWIN和Katana),并且能够使其适用于资源所有者流程而不会出现问题。

然而,当涉及到对Windows用户进行身份验证时,虽然我可以在调试时看到我的自定义UserService确实验证了用户并返回了一个肯定的AuthenticationResult,但它失败了。

有没有人在实施过程中遇到过这种情况?

我将在这里发布自定义UserService的代码

public class ActiveDirectoryUserService : IUserService
{
    private const string Domain = "xxxxx";

    public Task PreAuthenticateAsync(PreAuthenticationContext context)
    {
        return Task.FromResult<AuthenticateResult>(null);
    }

    public Task AuthenticateLocalAsync(LocalAuthenticationContext context)
    {
        try
        {
            using (var pc = new PrincipalContext(ContextType.Domain, Domain))
            {
                if (pc.ValidateCredentials(context.UserName, context.Password))
                {
                    using (
                        var user = UserPrincipal.FindByIdentity(pc, IdentityType.SamAccountName, context.UserName))
                    {
                        if (user != null)
                        {
                            return
                                Task.FromResult(new AuthenticateResult(context.UserName, context.UserName, identityProvider: "windows"));
                        }
                    }
                }

                // The user name or password is incorrect
                return Task.FromResult<AuthenticateResult>(null);
            }
        }
        catch
        {
            // Server error
            return Task.FromResult<AuthenticateResult>(null);
        }
    }

    public Task AuthenticateExternalAsync(ExternalAuthenticationContext context)
    {
        return Task.FromResult<AuthenticateResult>(null);
    }

    public Task PostAuthenticateAsync(PostAuthenticationContext context)
    {
        return Task.FromResult<AuthenticateResult>(context.AuthenticateResult);
    }

    public Task SignOutAsync(SignOutContext context)
    {
        return Task.FromResult<AuthenticateResult>(null);
    }

    public Task GetProfileDataAsync(ProfileDataRequestContext context)
    {
        using (var pc = new PrincipalContext(ContextType.Domain, Domain))
        {
            using (var user = UserPrincipal.FindByIdentity(pc, IdentityType.SamAccountName, context.Subject.Identity.Name))
            {
                if (user != null)
                {
                    var identity = new ClaimsIdentity();
                    identity.AddClaims(new[]
                    {
                        new Claim(Constants.ClaimTypes.Name, user.DisplayName),
                        new Claim(Constants.ClaimTypes.Email, user.EmailAddress)
                    });

                    if (context.RequestedClaimTypes != null)
                        return Task.FromResult(identity.Claims.Where(x => context.RequestedClaimTypes.Contains(x.Type)));

                    return Task.FromResult(identity.Claims);
                }
            }
            return Task.FromResult<IEnumerable<Claim>>(null);
        }
    }

    public Task IsActiveAsync(IsActiveContext context)
    {
        return Task.FromResult(context.IsActive);
    }
}

The response is always invalid username and password

1 个答案:

答案 0 :(得分:0)

return Task.FromResult(new AuthenticateResult(context.UserName, context.UserName, identityProvider: "windows"));

错了。它应该是:

context.AuthenticateResult = new AuthenticateResult( context.UserName, context.UserName); return Task.FromResult(0);

相关问题
最新问题