在.Net上当我创建一个Open ID连接身份验证选项我有一个属性来设置RedirectUri这甚至被定义为文档中的建议,但AspNetCore上没有这样的属性它会自动设置为当前服务器EX :(http://localhost),有没有办法改变这个?
试图为此找到解决方案我遇到了新的AspNetCore身份验证的许多缺点,这个生产准备就绪还是只是WIP?
答案 0 :(得分:3)
在摆弄这个后,我发现你必须为OnRedirectToIdentityProvider事件设置一个事件监听器。
services.AddOpenIdConnect(options =>
{
Configuration.Bind("<Json Config Filter>", options);
options.Events.OnRedirectToIdentityProvider = async context =>
{
context.ProtocolMessage.RedirectUri = "<Return URI String>";
await Task.FromResult(0);
};
});
答案 1 :(得分:0)
我正在更改架构如下
public static void AddCookieAuthentication(this IServiceCollection services, IConfiguration configuration)
{
_configuration = configuration;
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(options =>
{
options.TokenValidationParameters.AuthenticationType = IdentityConstants.ApplicationScheme;
options.ResponseType = "code";
options.MetadataAddress = configuration["Authentication:Cognito:MetadataAddress"];
options.ClientId = configuration["Authentication:Cognito:ClientId"];
options.ClientSecret = configuration["Authentication:Cognito:ClientSecret"];
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Add("openid");
options.Scope.Add("profile");
options.Scope.Add("email");
options.Scope.Add("aws.cognito.signin.user.admin");
options.Events = new OpenIdConnectEvents
{
// this makes signout working
OnRedirectToIdentityProviderForSignOut = OnRedirectToIdentityProviderForSignOut,
OnRedirectToIdentityProvider = OnRedirectToIdentityProvider,
};
});
}
private static Task OnRedirectToIdentityProvider(RedirectContext ctx)
{
ctx.Options.Events.OnRedirectToIdentityProvider = async context =>
{
**context.ProtocolMessage.RedirectUri = context.ProtocolMessage.RedirectUri.Replace("http:", "https:");**
await Task.FromResult(0);
};
return Task.CompletedTask;
}