如何将 ASPNetIdentity 转换为 OpenIdConnect
How to convert ASPNetIdentity to OpenIdConnect
我有一个使用 .NET Framework 4.6 AspNetIdentity 的项目,我正在尝试升级它以使用 OpenIdConnect。有没有人使用 .NET Framework 4.6 将 ASPNetIdentity 替换为 OpenIdConnect 成功?
我查看了 owin 示例和一些 .NET core 2.0 快速入门示例,例如 these,但它们似乎与我要完成的目标不兼容。
我正在尝试专门添加类似于以下代码片段的内容,这些代码片段取自上述示例之一:
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
});
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>
{
options.SignInScheme = "Cookies";
options.Authority = "http://xxx.xxx.xxx.xxx:5000";
options.RequireHttpsMetadata = false;
options.ClientId = "foo";
options.ClientSecret = "secret";
options.ResponseType = "code id_token";
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Add("api1");
options.Scope.Add("offline_access");
});
我需要类似于我的 Startup.cs 文件的 ConfigureServices() 方法中 IServiceCollection 服务参数的 AddAuthentication() 扩展的东西,以便能够允许客户端通过 IdentityServer4 登录。
在 .net framework 中,您可以使用 Startup.Auth.cs 文件中的 Microsoft.Owin.Security.OpenIdConnect 库配置 OpenID Connect,例如:
public void ConfigureAuth(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = Authority,
PostLogoutRedirectUri = redirectUri,
RedirectUri = redirectUri,
Notifications = new OpenIdConnectAuthenticationNotifications()
{
//
// If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away.
//
AuthenticationFailed = OnAuthenticationFailed
}
});
}
private Task OnAuthenticationFailed(AuthenticationFailedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
{
context.HandleResponse();
context.Response.Redirect("/Home/Error?message=" + context.Exception.Message);
return Task.FromResult(0);
}
感谢您的回复!我会说 @Nan Yu 可能得到的答案最接近我想出的解决方案,但我想我会分享我最终在 [=15= 的 Configure() 方法中得到的结果] 文件。
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
...
var openidOptions = new OpenIdConnectOptions(authenticationScheme)
{
ClientSecret = secret,
AutomaticAuthenticate = true,
SignInScheme = "Identity.External",
Authority = identityServerAddress,
ClientId = clientId,
RequireHttpsMetadata = true,
ResponseType = OpenIdConnectResponseType.CodeIdToken,
AutomaticChallenge= true,
GetClaimsFromUserInfoEndpoint = true,
SaveTokens = true,
Events = new OpenIdConnectEvents
{
OnRemoteSignOut = async remoteSignOutContext =>
{
remoteSignOutContext.HttpContext.Session.Clear();
},
},
};
openidOptions.Scope.Clear();
openidOptions.Scope.Add("openid");
app.UseOpenIdConnectAuthentication(openidOptions);
将此添加到我的 .NET Framework 4.6 客户端最终让我成功地与我的 .NET Core 2.0 身份服务器通信!我感谢所有试图提供帮助的人:)
我有一个使用 .NET Framework 4.6 AspNetIdentity 的项目,我正在尝试升级它以使用 OpenIdConnect。有没有人使用 .NET Framework 4.6 将 ASPNetIdentity 替换为 OpenIdConnect 成功?
我查看了 owin 示例和一些 .NET core 2.0 快速入门示例,例如 these,但它们似乎与我要完成的目标不兼容。
我正在尝试专门添加类似于以下代码片段的内容,这些代码片段取自上述示例之一:
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
});
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>
{
options.SignInScheme = "Cookies";
options.Authority = "http://xxx.xxx.xxx.xxx:5000";
options.RequireHttpsMetadata = false;
options.ClientId = "foo";
options.ClientSecret = "secret";
options.ResponseType = "code id_token";
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Add("api1");
options.Scope.Add("offline_access");
});
我需要类似于我的 Startup.cs 文件的 ConfigureServices() 方法中 IServiceCollection 服务参数的 AddAuthentication() 扩展的东西,以便能够允许客户端通过 IdentityServer4 登录。
在 .net framework 中,您可以使用 Startup.Auth.cs 文件中的 Microsoft.Owin.Security.OpenIdConnect 库配置 OpenID Connect,例如:
public void ConfigureAuth(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = Authority,
PostLogoutRedirectUri = redirectUri,
RedirectUri = redirectUri,
Notifications = new OpenIdConnectAuthenticationNotifications()
{
//
// If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away.
//
AuthenticationFailed = OnAuthenticationFailed
}
});
}
private Task OnAuthenticationFailed(AuthenticationFailedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
{
context.HandleResponse();
context.Response.Redirect("/Home/Error?message=" + context.Exception.Message);
return Task.FromResult(0);
}
感谢您的回复!我会说 @Nan Yu 可能得到的答案最接近我想出的解决方案,但我想我会分享我最终在 [=15= 的 Configure() 方法中得到的结果] 文件。
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
...
var openidOptions = new OpenIdConnectOptions(authenticationScheme)
{
ClientSecret = secret,
AutomaticAuthenticate = true,
SignInScheme = "Identity.External",
Authority = identityServerAddress,
ClientId = clientId,
RequireHttpsMetadata = true,
ResponseType = OpenIdConnectResponseType.CodeIdToken,
AutomaticChallenge= true,
GetClaimsFromUserInfoEndpoint = true,
SaveTokens = true,
Events = new OpenIdConnectEvents
{
OnRemoteSignOut = async remoteSignOutContext =>
{
remoteSignOutContext.HttpContext.Session.Clear();
},
},
};
openidOptions.Scope.Clear();
openidOptions.Scope.Add("openid");
app.UseOpenIdConnectAuthentication(openidOptions);
将此添加到我的 .NET Framework 4.6 客户端最终让我成功地与我的 .NET Core 2.0 身份服务器通信!我感谢所有试图提供帮助的人:)