我有一个使用.NET Framework 4.6 AspNetIdentity的项目,我正在尝试升级它以使用OpenIdConnect。有没有人使用.NET Framework 4.6取代ASPNetIdentity和OpenIdConnect?
我查看了owin示例和一些.NET核心2.0快速入门示例,例如these,但它们似乎与我想要完成的内容不兼容。
我正在尝试专门添加类似于以上代码片段中的以下代码片段:
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
});
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>
{
options.SignInScheme = "Cookies";
options.Authority = "http://xxx.xxx.xxx.xxx:5000";
options.RequireHttpsMetadata = false;
options.ClientId = "foo";
options.ClientSecret = "secret";
options.ResponseType = "code id_token";
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Add("api1");
options.Scope.Add("offline_access");
});
我需要类似于我的Startup.cs文件的ConfigureServices()方法中的IServiceCollection服务参数的AddAuthentication()扩展,以允许客户端通过IdentityServer4登录。
在.net框架中,您可以使用Microsoft.Owin.Security.OpenIdConnect文件中的Startup.Auth.cs库配置OpenID Connect,例如:
public void ConfigureAuth(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = Authority,
PostLogoutRedirectUri = redirectUri,
RedirectUri = redirectUri,
Notifications = new OpenIdConnectAuthenticationNotifications()
{
//
// If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away.
//
AuthenticationFailed = OnAuthenticationFailed
}
});
}
private Task OnAuthenticationFailed(AuthenticationFailedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
{
context.HandleResponse();
context.Response.Redirect("/Home/Error?message=" + context.Exception.Message);
return Task.FromResult(0);
}
谢谢你的回复!我会说@Nan Yu可能得到了最接近我提出的解决方案的答案,但我想我会分享我最终在Startup.cs文件的Configure()方法中得到的结果。
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
...
var openidOptions = new OpenIdConnectOptions(authenticationScheme)
{
ClientSecret = secret,
AutomaticAuthenticate = true,
SignInScheme = "Identity.External",
Authority = identityServerAddress,
ClientId = clientId,
RequireHttpsMetadata = true,
ResponseType = OpenIdConnectResponseType.CodeIdToken,
AutomaticChallenge= true,
GetClaimsFromUserInfoEndpoint = true,
SaveTokens = true,
Events = new OpenIdConnectEvents
{
OnRemoteSignOut = async remoteSignOutContext =>
{
remoteSignOutContext.HttpContext.Session.Clear();
},
},
};
openidOptions.Scope.Clear();
openidOptions.Scope.Add("openid");
app.UseOpenIdConnectAuthentication(openidOptions);
将此添加到我的.NET Framework 4.6客户端最终让我成功与我的.NET Core 2.0 Identity Server通信!我感谢所有试图帮助的人:)