当前,使用PingFederate身份验证的Microsoft.Owin.Security.WsFederation SSO对应用程序进行身份验证。很好现在是新要求:在同一应用程序中的页面之一上单击按钮时,它应该在线集成到Office 365 Excel。为此,用户需要使用Office365凭据进行身份验证。
在我的示例演示中,当没有WsFederate和ping federate SSO身份验证时,我能够使用OpenIdConnect和Azure AD进行身份验证。但是,当我将现有代码与新的OpenIDConnect代码合并时,一切都会失败。作为Office365 Excel在线连接的一部分,我还需要使用Microsoft.Graph.Auth。
“启动类”中我当前的工作代码:
public void ConfigureAuth(IAppBuilder app)
{
app.SetLoggerFactory(new DiagnosticsLoggerFactory());
app.Use((context, next) =>
{
// Depending on the handler the request gets mapped to, a session might not be enabled. Force it on.
HttpContextBase httpContext = context.Get<HttpContextBase>(typeof(HttpContextBase).FullName);
httpContext.SetSessionStateBehavior(SessionStateBehavior.Required);
return next();
});
// SetSessionStateBehavior must be called before AcquireState
app.UseStageMarker(PipelineStage.MapHandler);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
CookieHttpOnly = true,
CookieSecure = CookieSecureOption.Never,
AuthenticationMode = AuthenticationMode.Active,
AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType,
Provider = new CookieAuthenticationProvider
{
OnException = context =>
{
System.Diagnostics.EventLog.WriteEntry("WsFed-Exception", context.Exception.Message + "\n" + context.Exception.StackTrace );
}
},
ExpireTimeSpan = TimeSpan.FromHours(4.00),
SlidingExpiration = true,
CookieManager = new SystemWebCookieManager()
});
app.UseWsFederationAuthentication(
new WsFederationAuthenticationOptions
{
MetadataAddress = ConfigurationManager.AppSettings[Constants.IDA_FEDERATION_METATADATA_LOCATION],
Wtrealm = ConfigurationManager.AppSettings[Constants.IDA_FEDERATION_REALM],
UseTokenLifetime = false,
SignInAsAuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType
});
}
如何向其中添加OpenIdConnect?
当使用WsFederate通过ping对应用程序进行身份验证时,是否可以将OpenIdConnect集成到同一应用程序启动类中?
请引导我。