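My application runs behind a gateway and has a middleware that takes care of setting the PathBase property of the context.
PathBase will be set to "/identity/".
Using the following authentication setup in ConfigureServices then does not work properly unless I explicitly add the lines that are now commented out.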
authentication.AddOpenIdConnect("AAD", "Azure Active Directory", options =>
{
    // options.CorrelationCookie.Path = "/identity/aad-signin-oidc";
    // options.NonceCookie.Path = "/identity/aad-signin-oidc";
    options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
    options.SignOutScheme = IdentityServerConstants.SignoutScheme;
    options.CallbackPath = "/aad-signin-oidc";
    options.Authority = "https://login.microsoftonline.com/common";
    options.ClientId = appRegistration.SelectToken("$.appId").ToString(); // "f98fa34a-2aa2-4ff4-b7bf-a7ef5ab1890b";
    options.Scope.Add("openid");
    options.Scope.Add("profile");
    options.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = false
    };
    options.GetClaimsFromUserInfoEndpoint = true;
    options.Events.OnRedirectToIdentityProvider = (r) =>
    {
        // r.ProtocolMessage.RedirectUri = r.ProtocolMessage.RedirectUri.Replace("identity//", "identity/");
        return Task.CompletedTask;
    };
});
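An added example, not part of the original post: a browser-side check of whether the correlation and nonce cookies would be returned on the callback request, using the RFC 6265 section 5.1.4 path-match rule. It assumes the default cookie path is the plain concatenation of PathBase and CallbackPath (suggested by the `identity//` replacement in the commented-out line, not confirmed on the page); `pathMatch`, `defaultCookiePath` and `cookieSent` are hypothetical helper names.

```javascript
// RFC 6265 section 5.1.4 path-match: is a cookie scoped to cookiePath
// sent by the browser on a request for requestPath?
function pathMatch(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  // A prefix match only counts when it ends on a "/" boundary.
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

// Assumption: with no explicit Path set, the cookie path is
// PathBase + CallbackPath, joined without slash normalisation.
function defaultCookiePath(pathBase, callbackPath) {
  return pathBase + callbackPath;
}

const callbackPath = "/aad-signin-oidc";         // CallbackPath from the question
const requestPath = "/identity/aad-signin-oidc"; // path the browser requests on the callback

// explicitPath models setting CorrelationCookie.Path / NonceCookie.Path by hand.
function cookieSent(pathBase, explicitPath) {
  const cookiePath = explicitPath ?? defaultCookiePath(pathBase, callbackPath);
  return { cookiePath, sent: pathMatch(requestPath, cookiePath) };
}

const cases = {
  // PathBase as described in the question, with a trailing slash.
  trailingSlash: cookieSent("/identity/"),
  // Same PathBase without the trailing slash.
  noTrailingSlash: cookieSent("/identity"),
  // The commented-out lines from the question, applied.
  explicit: cookieSent("/identity/", "/identity/aad-signin-oidc"),
};

console.log(cases);
```

Under that assumption, the doubled slash scopes both cookies to a path the callback request never matches, so the handler cannot validate the correlation ID or nonce; a PathBase without the trailing slash, or the explicit cookie paths, both produce a matching scope.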