我有一个使用Azure广告身份验证连接用户的Aspnet Core应用程序。
将来,我可能需要使用多种身份验证方案,因此我希望在用户未通过身份验证时将其重定向到我的登录页面“ / Home / SignIn”或“ / Account / SignIn”,然后再重定向到该页面包含用于发送身份验证质询的按钮。
这是我的入门班:
public void ConfigureServices(IServiceCollection services)
{
services.AddSingleton<IGraphAuthProvider, GraphAuthProvider>();
services.AddTransient<IGraphSdkHelper, GraphSdkHelper>();
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
/*
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options)).AddCookie();*/
services.AddAuthentication(sharedOptions =>
{
sharedOptions.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddAzureAd(options => Configuration.Bind("AzureAd", options))
.AddCookie();
services.AddSession();
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority = options.Authority + "/v2.0/"; // Microsoft identity platform
options.TokenValidationParameters.ValidateIssuer = false;// accept several tenants (here simplified)
});
//services.ConfigureApplicationCookie(options => options.LoginPath = "/Home/SignIn");
services.AddMvc(/*options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}*/)
.SetCompatibilityVersion(CompatibilityVersion.Version_2_1)
.AddJsonOptions(options => options.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore);
services.AddDbContext<ApplicationDbContext>(x => x.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddOData();
// Create the Bot Framework Adapter with error handling enabled.
services.AddSingleton<IBotFrameworkHttpAdapter, AdapterWithErrorHandler>();
// Create a global hashset for our ConversationReferences
services.AddSingleton<ConcurrentDictionary<string, ConversationReference>>();
// Create the bot as a transient. In this case the ASP Controller is expecting an IBot.
services.AddTransient<IBot, ProactiveBot>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseStaticFiles();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseHsts();
app.UseStatusCodePagesWithReExecute("/Error/{0}");
app.UseHttpsRedirection();
}
app.UseDeveloperExceptionPage();
//app.UseStatusCodePagesWithReExecute("/Error/{0}");
app.UseCookiePolicy();
app.UseSession();
app.UseAuthentication();
app.UseMvc(routeBuilder =>
{
routeBuilder.EnableDependencyInjection();
routeBuilder.Expand().Count().Filter().Select().OrderBy();
routeBuilder.MapRoute("default", "{controller=Home}/{action=Index}");
});
//app.UseMvcWithDefaultRoute();
}
您能告诉我什么是正确的方法吗? 我发现了有关此问题的几个主题,但这并不是我的背景。
谢谢