Configuration of IdentityServer3.Admin in Startup

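I am trialing the IdentityServer3.Admin beta (https://github.com/IdentityServer/IdentityServer3.Admin), but I am having some problems setting it up and can't seem to find any guidance.

I have already set up the IdentityManager project, so I have been using that as a guide so far, but IdentityAdminServiceFactory seems to be missing the configuration methods that IdentityManagerServiceFactory has.

This is the code I currently have in my Startup.cs file. Any help gratefully received!

Thanks.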

        app.Map("/admin", adminApp =>
        {
            var factory = new IdentityAdminServiceFactory();
            //factory.Configure() or something would go here???

            adminApp.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = "Cookies"
            });

            adminApp.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
            {
                MetadataAddress = ConfigurationManager.AppSettings["AzureADMetadataEndpoint"],
                Wtrealm = ConfigurationManager.AppSettings["AzureADApplicationId"],
                SignInAsAuthenticationType = "Cookies",
                Notifications = new WsFederationAuthenticationNotifications
                {
                    SecurityTokenValidated = ctx =>
                    {
                        var roleClaim = new Claim("role", "IdentityManagerAdministrator");
                        ctx.AuthenticationTicket.Identity.AddClaim(roleClaim);
                        return Task.FromResult(0);
                    }
                }
            });

            adminApp.UseIdentityAdmin(new IdentityAdminOptions
            {
                Factory = factory,
                AdminSecurityConfiguration = new AdminHostSecurityConfiguration
                {
                    HostAuthenticationType = "Cookies",
                    NameClaimType = ClaimTypes.Name,
                    RoleClaimType = "role",
                    AdminRoleName = "IdentityManagerAdministrator"
                }
            });
        });

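OK, I have figured this out thanks to help from one of the contributors on Twitter. So for anyone else having the same issue, this is how I got it working.

I also had to install a second package, IdentityServer3.Admin.EntityFramework. In that repo on GitHub there is also a sample project (https://github.com/IdentityServer/IdentityServer3.Admin.EntityFramework/tree/master/source/Host).

Using that code as a guide, I implemented my own IdentityManagerAdminService and an extension method for the factory, where "IdServer3" is the connection string in my Web.config to my ID server database.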

    public class IdentityAdminManagerService : IdentityAdminCoreManager<IdentityClient, int, IdentityScope, int>
    {
        public IdentityAdminManagerService()
            : base("IdServer3")
        {
        }
    }

    public static class IdentityAdminManagerServiceExtensions
    {
        public static void Configure(this IdentityAdminServiceFactory factory)
        {
            factory.IdentityAdminService = new Registration<IIdentityAdminService, IdentityAdminManagerService>();
        }
    }

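Now, in my Startup.cs file, I have the following, and when I hit the /admin path on my ID server it works as expected. Note that the WsFederationAuthentication section is not required. I am using Azure Active Directory to secure the admin section, which is why I have that set up in there.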

        app.Map("/admin", adminApp =>
        {
            var factory = new IdentityAdminServiceFactory();
            factory.Configure();

            adminApp.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = "Cookies"
            });

            adminApp.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
            {
                MetadataAddress = ConfigurationManager.AppSettings["AzureADMetadataEndpoint"],
                Wtrealm = ConfigurationManager.AppSettings["AzureADApplicationId"],
                SignInAsAuthenticationType = "Cookies",
                Notifications = new WsFederationAuthenticationNotifications
                {
                    SecurityTokenValidated = ctx =>
                    {
                        var roleClaim = new Claim("role", "IdentityManagerAdministrator");
                        ctx.AuthenticationTicket.Identity.AddClaim(roleClaim);
                        return Task.FromResult(0);
                    }
                }
            });

            adminApp.UseIdentityAdmin(new IdentityAdminOptions
            {
                Factory = factory,
                AdminSecurityConfiguration = new AdminHostSecurityConfiguration
                {
                    HostAuthenticationType = "Cookies",
                    NameClaimType = ClaimTypes.Name,
                    RoleClaimType = "role",
                    AdminRoleName = "IdentityManagerAdministrator"
                }
            });
        });
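
As posted, the `SecurityTokenValidated` handler adds the `IdentityManagerAdministrator` role to every identity that completes the WS-Federation sign-in. The following is an added example, not code from the original answer or from the IdentityServer3.Admin project, that grants the role only to allow-listed users. `AdminRoleGate`, the `IdentityAdminAllowedUsers` appSettings key, and the assumption that the `ClaimTypes.Name` claim carries the user's sign-in name are all hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using System.Security.Claims;

// Hypothetical helper (added example, not part of IdentityServer3.Admin).
public static class AdminRoleGate
{
    // Assumed appSettings key: semicolon-separated sign-in names allowed to administer.
    private const string AllowListKey = "IdentityAdminAllowedUsers";

    // Reads the allow-list; a missing or empty setting yields an empty set,
    // so nobody is granted the admin role (fail closed).
    public static ISet<string> LoadAllowList()
    {
        var raw = ConfigurationManager.AppSettings[AllowListKey] ?? string.Empty;
        var names = raw.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries)
                       .Select(s => s.Trim())
                       .Where(s => s.Length > 0);
        return new HashSet<string>(names, StringComparer.OrdinalIgnoreCase);
    }

    // Adds the admin role claim only when the name claim is on the allow-list.
    // Returns true if the role was granted.
    public static bool TryGrantAdmin(ClaimsIdentity identity, ISet<string> allowed)
    {
        if (identity == null || allowed == null) return false;

        // Assumption: the identity provider puts the sign-in name in ClaimTypes.Name,
        // the same claim type the answer uses as NameClaimType.
        var name = identity.FindFirst(ClaimTypes.Name);
        if (name == null || !allowed.Contains(name.Value)) return false;

        identity.AddClaim(new Claim("role", "IdentityManagerAdministrator"));
        return true;
    }
}

// Usage inside the WsFederationAuthenticationNotifications from the answer,
// replacing the unconditional AddClaim:
//
//     SecurityTokenValidated = ctx =>
//     {
//         AdminRoleGate.TryGrantAdmin(ctx.AuthenticationTicket.Identity,
//                                     AdminRoleGate.LoadAllowList());
//         return Task.FromResult(0);
//     }
```

Users who authenticate but are not on the list keep a valid cookie without the `role` claim, so they do not satisfy the `AdminRoleName` configured in `AdminHostSecurityConfiguration`.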