我想在成功验证后检索我可以通过GET / POST请求将其发送到另一个应用程序的ID Token。
场景如下:
使用Microsoft.AspNetCore.Authentication.OpenIdConnect,我无法弄清楚如何检索ID令牌,以便我可以正确转发它。
我已经使用VS2015模板进行ASP.NET Core 1.0 Web应用程序并正确配置了身份验证(这可行)
现在我需要以某种方式获得令牌,但我无法弄清楚如何。
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions()
{
ClientId = Configuration["Authentication:AzureAd:ClientId"],
Authority = Configuration["Authentication:AzureAd:AADInstance"] + "Common",
CallbackPath = Configuration["Authentication:AzureAd:CallbackPath"],
TokenValidationParameters = new TokenValidationParameters
{
// Instead of using the default validation (validating against a single issuer value, as we do in line of business apps),
// we inject our own multitenant validation logic
ValidateIssuer = false,
// If the app is meant to be accessed by entire organizations, add your issuer validation logic here.
//IssuerValidator = (issuer, securityToken, validationParameters) => {
// if (myIssuerValidationLogic(issuer)) return issuer;
//}
},
Events = new OpenIdConnectEvents
{
OnTicketReceived = (context) =>
{
// If your authentication logic is based on users then add your logic here
return Task.FromResult(0);
},
OnAuthenticationFailed = (context) =>
{
context.Response.Redirect("/Home/Error");
context.HandleResponse(); // Suppress the exception
return Task.FromResult(0);
},
// If your application needs to do authenticate single users, add your user validation below.
//OnTokenValidated = (context) =>
//{
// return myUserValidationLogic(context.Ticket.Principal);
//}
}
});
我想我应该可以使用OnTicketReceived在TicketReceivedContext事件中获取它?
答案 0 :(得分:1)
我使用了错误的事件。
在OnTokenValidated事件中,您可以访问context.SecurityToken.RawData,这是收到的原始令牌,而且正是我所需要的。
答案 1 :(得分:0)
你也可以试试这个:
string idToken = string.Empty;
if (ctx.Properties.Items.ContainsKey(".Token.id_token"))
{
idToken = ctx.Properties.Items[".Token.id_token"];
}