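I have a simple .NET 8 Razor Pages test application that I am trying to authenticate against an Azure B2C tenant. I configured Azure AD B2C in my program.cs file and added authorization to all pages so that unauthenticated users are always directed to sign in, but instead of getting the Azure B2C sign-in page I keep being redirected to https://localhost:7027/MicrosoftIdentity/Account/Error, which results in a 404 error. I am doing this in debug mode in Visual Studio. I'm not sure what I might have misconfigured, as I have no real prior experience with B2C.
Program.cs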
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.Configuration;
using Microsoft.Identity.Web;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
builder.Services.AddRazorPages();

// Add Azure AD B2C authentication
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAdB2C"));
builder.Services.AddAuthorization();

// Apply [Authorize] attribute globally
builder.Services.AddRazorPages(options =>
{
    options.Conventions.AuthorizePage("/");
    options.Conventions.AuthorizeFolder("/");
});

var app = builder.Build();

// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}

app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.MapRazorPages();
app.Run();
appsettings.json
{
  "AzureAdB2C": {
    "Instance": "https://<my-tenant-name>.b2clogin.com",
    "Domain": "<my-tenant-name>.onmicrosoft.com",
    "TenantId": "<my-tenant-id>",
    "ClientId": "<my-client-id>",
    "ClientSecret": "<my-client-secret>",
    "CallbackPath": "/signin-oidc",
    "SignUpSignInPolicyId": "<my-signinsignup-policy>",
    "ResetPasswordPolicyId": "<my-passwordreset-policy>",
    "EditProfilePolicyId": "<my-profileediting-policy>"
  },
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  "AllowedHosts": "*"
}
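I ran into the same error when authenticating against Azure AD B2C; the error message was related to Azure AD B2C being unable to find "b2c-extension-app" in the tenant.
I created a sample application and successfully configured Azure B2C authentication.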
Program.cs:
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc.Authorization;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.UI;

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"));

builder.Services.AddAuthorization(options =>
{
    options.FallbackPolicy = options.DefaultPolicy;
});

builder.Services.AddRazorPages()
    .AddMicrosoftIdentityUI();

var app = builder.Build();

if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Error");
    app.UseHsts();
}

app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.MapRazorPages();
app.MapControllers();
app.Run();
appsettings.json:
{
  "AzureAd": {
    "Instance": "https://{ Azure B2C Domain Name}.b2clogin.com/",
    "Domain": "{ Azure B2C Domain Name}.onmicrosoft.com",
    "TenantId": "<Tenant-id>",
    "ClientId": "<Client-id>",
    "CallbackPath": "/signin-oidc",
    "SignUpSignInPolicyId": "B2C_1_signupsignindemo",
    "SignedOutCallbackPath": "/signout/B2C_1_susi",
    "ResetPasswordPolicyId": "b2c_1_reset",
    "EditProfilePolicyId": "b2c_1_edit_profile",
    "EnablePiiLogging": true
  },
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "AllowedHosts": "*"
}
I authenticated successfully with Azure B2C.
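Both settings files above carry values worth checking before they are committed: the question's file has a `ClientSecret` key and the answer's file sets `EnablePiiLogging` to true. The following pre-commit style check is an added example, not code from the question or the answer; `audit_identity_section` and `is_placeholder` are hypothetical helper names, and the sample settings are constructed (made-up tenant name, client ID and secret).

```python
import json
from urllib.parse import urlparse

# Constructed sample modelled on the answer's appsettings.json; the tenant name,
# client ID and secret are made up for this example, not values from the page.
SAMPLE = """
{
  "AzureAd": {
    "Instance": "https://contoso.b2clogin.com/",
    "Domain": "contoso.onmicrosoft.com",
    "ClientId": "00000000-0000-0000-0000-000000000000",
    "ClientSecret": "constructed-secret-value",
    "CallbackPath": "/signin-oidc",
    "SignUpSignInPolicyId": "B2C_1_signupsignindemo",
    "EnablePiiLogging": true
  }
}
"""
SAMPLE_SETTINGS = json.loads(SAMPLE)

def is_placeholder(value):
    """Treat empty strings and <angle-bracket> tokens as unfilled placeholders."""
    v = str(value).strip()
    return v == "" or (v.startswith("<") and v.endswith(">"))

def audit_identity_section(settings, section="AzureAd"):
    """Return a list of (key, message) findings for one identity config section."""
    cfg = settings.get(section)
    if not isinstance(cfg, dict):
        return [(section, "section missing")]
    findings = []
    if urlparse(str(cfg.get("Instance", ""))).scheme != "https":
        findings.append(("Instance", "authority must be an https URL"))
    if not str(cfg.get("CallbackPath", "")).startswith("/"):
        findings.append(("CallbackPath", "must be a path starting with '/'"))
    if is_placeholder(cfg.get("SignUpSignInPolicyId", "")):
        findings.append(("SignUpSignInPolicyId", "no B2C user flow configured"))
    if not is_placeholder(cfg.get("ClientSecret", "")):
        findings.append(("ClientSecret", "literal secret in file; load it from a secret store"))
    if cfg.get("EnablePiiLogging") is True:
        findings.append(("EnablePiiLogging", "PII logging on; keep it to development settings"))
    return findings

if __name__ == "__main__":
    for key, message in audit_identity_section(SAMPLE_SETTINGS):
        print(f"{key}: {message}")
```

Pass `"AzureAdB2C"` as the section name to check a file laid out like the one in the question.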