在不指定元数据端点的情况下使用 OpenId Connect
Using OpenIdConnect without specifying metadata endpint
我正在 ASP.Net MVC C# 中开发一个依赖方,它应该在外部身份提供者中进行身份验证,我正在使用 Microsoft 的 owin 库。我遇到的问题是 Idp 没有公开元数据端点,即使我没有在配置中指定它,当我尝试联系 Idp 时也会抛出异常。
[InvalidOperationException: IDX10803: Unable to create to obtain
configuration from:
'https://domain.com/oidc/.well-known/openid-configuration'.]
我有以下代码片段:
var options = new OpenIdConnectAuthenticationOptions();
options.AuthenticationType = authenticationType;
options.ClientId = clientConfiguration.ClientID;
options.ClientSecret = AppSettings.ClientSecret;
options.Notifications = new OpenIdConnectAuthenticationNotifications
{
SecurityTokenValidated = n => ReceiveValidSecurityToken(n),
RedirectToIdentityProvider = n => ROSAddProtocolToken(n, clientConfiguration),
AuthenticationFailed = n => AuthenticationFailed(n),
};
options.Authority = AppSettings.Authority;
options.RedirectUri = clientConfiguration.GetPostLoginRedirectUri(clientConfiguration.CurrentCulture).ToString();
options.ResponseType = "code";
options.Scope = AppSettings.Scope;
options.ClientSecret = clientConfiguration.ClientSecret;
options.SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType;
我的问题是,如何指定 MS Owin 库中的所有端点(授权、令牌、UserInfo、Jwls)?
Idp 需要以下设置:
范围:openid
Http 绑定:GET
响应类型:代码
令牌端点身份验证方法:client_secret_jwt
好吧,几个小时后我想出了如何指定端点。
var options = new OpenIdConnectAuthenticationOptions();
options.Configuration = new OpenIdConnectConfiguration
{
AuthorizationEndpoint = AppSettings.Authority + "/" + AutorizationEndpointSufix,
JwksUri = AppSettings.Authority + "/" + JwksEndpointSufix,
TokenEndpoint = AppSettings.Authority + "/" + TokenEndpointSufix,
UserInfoEndpoint = AppSettings.Authority + "/" + UserInfoEndpointSufix,
Issuer = AppSettings.Authority
};
如果您实例化配置 属性 那么它将忽略元数据。我设法从授权端点获得响应,只是想知道如何触发令牌端点,知道吗?
我正在 ASP.Net MVC C# 中开发一个依赖方,它应该在外部身份提供者中进行身份验证,我正在使用 Microsoft 的 owin 库。我遇到的问题是 Idp 没有公开元数据端点,即使我没有在配置中指定它,当我尝试联系 Idp 时也会抛出异常。
[InvalidOperationException: IDX10803: Unable to create to obtain configuration from: 'https://domain.com/oidc/.well-known/openid-configuration'.]
我有以下代码片段:
var options = new OpenIdConnectAuthenticationOptions();
options.AuthenticationType = authenticationType;
options.ClientId = clientConfiguration.ClientID;
options.ClientSecret = AppSettings.ClientSecret;
options.Notifications = new OpenIdConnectAuthenticationNotifications
{
SecurityTokenValidated = n => ReceiveValidSecurityToken(n),
RedirectToIdentityProvider = n => ROSAddProtocolToken(n, clientConfiguration),
AuthenticationFailed = n => AuthenticationFailed(n),
};
options.Authority = AppSettings.Authority;
options.RedirectUri = clientConfiguration.GetPostLoginRedirectUri(clientConfiguration.CurrentCulture).ToString();
options.ResponseType = "code";
options.Scope = AppSettings.Scope;
options.ClientSecret = clientConfiguration.ClientSecret;
options.SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType;
我的问题是,如何指定 MS Owin 库中的所有端点(授权、令牌、UserInfo、Jwls)?
Idp 需要以下设置: 范围:openid Http 绑定:GET 响应类型:代码 令牌端点身份验证方法:client_secret_jwt
好吧,几个小时后我想出了如何指定端点。
var options = new OpenIdConnectAuthenticationOptions();
options.Configuration = new OpenIdConnectConfiguration
{
AuthorizationEndpoint = AppSettings.Authority + "/" + AutorizationEndpointSufix,
JwksUri = AppSettings.Authority + "/" + JwksEndpointSufix,
TokenEndpoint = AppSettings.Authority + "/" + TokenEndpointSufix,
UserInfoEndpoint = AppSettings.Authority + "/" + UserInfoEndpointSufix,
Issuer = AppSettings.Authority
};
如果您实例化配置 属性 那么它将忽略元数据。我设法从授权端点获得响应,只是想知道如何触发令牌端点,知道吗?