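Configuring IdentityServer3.Admin at startup

Time: 2017-01-19 15:15:26

Tags: c# identityserver3

I'm trying to use the IdentityServer3.Admin beta (https://github.com/IdentityServer/IdentityServer3.Admin), but I've run into some problems setting it up and can't seem to find any guidance.

I've already set up an IdentityManager project, so I've been using that as a guide to get to where I am now, but IdentityAdminServiceFactory seems to be missing a configuration method like the one IdentityManagerServiceFactory has.

Here is the code in my Startup.cs file so far. Any help is greatly appreciated!

Thanks.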

        app.Map("/admin", adminApp =>
        {
            var factory = new IdentityAdminServiceFactory();
            //factory.Configure() or something would go here???

            adminApp.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = "Cookies"
            });

            adminApp.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
            {
                MetadataAddress = ConfigurationManager.AppSettings["AzureADMetadataEndpoint"],
                Wtrealm = ConfigurationManager.AppSettings["AzureADApplicationId"],
                SignInAsAuthenticationType = "Cookies",
                Notifications = new WsFederationAuthenticationNotifications
                {
                    SecurityTokenValidated = ctx =>
                    {
                        var roleClaim = new Claim("role", "IdentityManagerAdministrator");
                        ctx.AuthenticationTicket.Identity.AddClaim(roleClaim);
                        return Task.FromResult(0);
                    }
                }
            });

            adminApp.UseIdentityAdmin(new IdentityAdminOptions
            {
                Factory = factory,
                AdminSecurityConfiguration = new AdminHostSecurityConfiguration
                {
                    HostAuthenticationType = "Cookies",
                    NameClaimType = ClaimTypes.Name,
                    RoleClaimType = "role",
                    AdminRoleName = "IdentityManagerAdministrator"
                }
            });
        });

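1 Answer:

Answer 0: (score: 6)

OK, so thanks to help from one of the contributors on Twitter, I got this sorted. So for anyone else with the same problem, this is how I got it working.

I also had to install a second package, IdentityServer3.Admin.EntityFramework. In the repo on GitHub there is also a sample project (https://github.com/IdentityServer/IdentityServer3.Admin.EntityFramework/tree/master/source/Host).

Using that code as a guide, I implemented my own IdentityManagerAdminService along with an extension method for the factory, where "IdServer3" is the connection string for my ID Server DB in my Web.config.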

    public class IdentityAdminManagerService : IdentityAdminCoreManager<IdentityClient, int, IdentityScope, int>
    {
        public IdentityAdminManagerService()
            : base("IdServer3")
        {
        }
    }

    public static class IdentityAdminManagerServiceExtensions
    {
        public static void Configure(this IdentityAdminServiceFactory factory)
        {
            factory.IdentityAdminService = new Registration<IIdentityAdminService, IdentityAdminManagerService>();
        }
    }

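Now in my Startup.cs file I have the following, and when I hit the /admin path on the ID server it works as expected. Note that the WsFederationAuthentication part is not required. I'm using Azure Active Directory to secure the admin section, which is why I have it there.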

        app.Map("/admin", adminApp =>
        {
            var factory = new IdentityAdminServiceFactory();
            factory.Configure();

            adminApp.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = "Cookies"
            });

            adminApp.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
            {
                MetadataAddress = ConfigurationManager.AppSettings["AzureADMetadataEndpoint"],
                Wtrealm = ConfigurationManager.AppSettings["AzureADApplicationId"],
                SignInAsAuthenticationType = "Cookies",
                Notifications = new WsFederationAuthenticationNotifications
                {
                    SecurityTokenValidated = ctx =>
                    {
                        var roleClaim = new Claim("role", "IdentityManagerAdministrator");
                        ctx.AuthenticationTicket.Identity.AddClaim(roleClaim);
                        return Task.FromResult(0);
                    }
                }
            });

            adminApp.UseIdentityAdmin(new IdentityAdminOptions
            {
                Factory = factory,
                AdminSecurityConfiguration = new AdminHostSecurityConfiguration
                {
                    HostAuthenticationType = "Cookies",
                    NameClaimType = ClaimTypes.Name,
                    RoleClaimType = "role",
                    AdminRoleName = "IdentityManagerAdministrator"
                }
            });
        });
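
The `SecurityTokenValidated` handler shown above adds the `IdentityManagerAdministrator` role to every identity that signs in through the federation endpoint. As an added example (not part of the original answer or of the IdentityServer3.Admin project), this is one way to grant the role only to members of specific Azure AD groups. `AdminRoleGate`, the `AdminGroupObjectIds` setting and the presence of group claims in the token are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

// Added example; AdminRoleGate and the group-claim approach are assumptions.
public static class AdminRoleGate
{
    // Claim type Azure AD uses for group object ids in WS-Federation tokens
    // (only present when the app registration is configured to emit groups).
    public const string GroupClaimType =
        "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups";
    public const string RoleClaimType = "role";                         // from the page
    public const string AdminRoleName = "IdentityManagerAdministrator"; // from the page

    // Parses a comma-separated list of group object ids, e.g. read from the
    // hypothetical appSettings key "AdminGroupObjectIds".
    public static ISet<string> ParseAllowedGroups(string setting)
    {
        var ids = (setting ?? string.Empty)
            .Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries)
            .Select(g => g.Trim())
            .Where(g => g.Length > 0);
        return new HashSet<string>(ids, StringComparer.OrdinalIgnoreCase);
    }

    // Grants the admin role only to identities in an allowed group.
    // Returns true when the role was added; an empty allow list grants nothing.
    public static bool GrantAdminRoleIfAllowed(ClaimsIdentity identity, ISet<string> allowedGroups)
    {
        if (identity == null || !identity.IsAuthenticated) return false;

        // Remove any admin role claim that arrived with the token, so this
        // method is the only place the role can come from.
        var inbound = identity.FindAll(RoleClaimType).Where(r => r.Value == AdminRoleName).ToList();
        foreach (var stale in inbound) identity.RemoveClaim(stale);

        if (allowedGroups == null || allowedGroups.Count == 0) return false;
        if (!identity.FindAll(GroupClaimType).Any(g => allowedGroups.Contains(g.Value))) return false;

        identity.AddClaim(new Claim(RoleClaimType, AdminRoleName));
        return true;
    }
}

// Usage inside WsFederationAuthenticationNotifications in Startup.cs, with
// "allowed" built once via ParseAllowedGroups(ConfigurationManager.AppSettings[...]):
//   SecurityTokenValidated = ctx => {
//       AdminRoleGate.GrantAdminRoleIfAllowed(ctx.AuthenticationTicket.Identity, allowed);
//       return Task.FromResult(0); }
```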