gpt4 book ai didi

Azure Active Directory 和 owin 身份验证

转载 作者:行者123 更新时间:2023-12-02 06:21:49 26 4
gpt4 key购买 nike

刚刚遇到了 azure ad applicationS 和 owin openid 身份验证的奇怪问题。重现该问题。

1.在 vs 2015 中创建一个带有 azure 广告身份验证的 Web 应用程序,选择云应用程序模板。

2.让标准代码保持原样。

3.让startup.auth保持原样。

4.在本地运行应用程序,它工作正常。

5.现在在启动àauth中更改代码如下

public partial class Startup
{
private static string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
private static string appKey = ConfigurationManager.AppSettings["ida:ClientSecret"];
private static string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
private static string tenantId = ConfigurationManager.AppSettings["ida:TenantId"];
private static string postLogoutRedirectUri = ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"];

public static readonly string Authority = aadInstance + tenantId;

// This is the resource ID of the AAD Graph API. We'll need this to request a token to call the Graph API.
string graphResourceId = "https://graph.windows.net";

private static readonly log4net.ILog logger = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);

public void ConfigureAuth(IAppBuilder app)
{
ApplicationDbContext db = new ApplicationDbContext();

app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
logger.Debug("SetDefaultSignInAsAuthenticationType called");
//app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseCookieAuthentication(
new CookieAuthenticationOptions
{
Provider = new CookieAuthenticationProvider
{
OnResponseSignIn = ctx =>
{
//logger.Debug("OnResponseSignIn called");
////ctx.Identity = TransformClaims(ctx.Identity);
//logger.Debug("TransformClaims called");
}
}
});

app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = Authority,
PostLogoutRedirectUri = postLogoutRedirectUri,

Notifications = new OpenIdConnectAuthenticationNotifications()
{
// If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away.
AuthorizationCodeReceived = (context) =>
{
var code = context.Code;
ClientCredential credential = new ClientCredential(clientId, appKey);
string signedInUserID = context.AuthenticationTicket.Identity.FindFirst(ClaimTypes.NameIdentifier).Value;
logger.Debug("OnResponseSignIn called");
logger.Debug("signedInUserID =" + signedInUserID);
TransformClaims(context.AuthenticationTicket.Identity);
logger.Debug("TransformClaims called");
AuthenticationContext authContext = new AuthenticationContext(Authority, new ADALTokenCache(signedInUserID));
AuthenticationResult result = authContext.AcquireTokenByAuthorizationCode(
code, new Uri(HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Path)), credential, graphResourceId);



return Task.FromResult(0);
},



// we use this notification for injecting our custom logic
SecurityTokenValidated = (context) =>
{
logger.Debug("SecurityTokenReceived called");
//TransformClaims(); //pass the identity
return Task.FromResult(0);
},


}
});
}


private static void TransformClaims(System.Security.Claims.ClaimsIdentity identity)
{
if (identity != null && identity.IsAuthenticated == true)
{
var usserobjectid = identity.FindFirst(ConfigHelpers.Azure_ObjectIdClaimType).Value;
((System.Security.Claims.ClaimsIdentity)identity).AddClaim(new System.Security.Claims.Claim("DBID", "999"));
((System.Security.Claims.ClaimsIdentity)identity).AddClaim(new System.Security.Claims.Claim("Super","True"));
}

// return identity;
}

}

6.在本地运行应用程序它将完美运行。

7.在azure网站上部署应用程序,启动auth owin通知方法永远不会被调用。但是应用程序可以运行,但身份转换不能

有人可以帮忙解决一下这是怎么回事吗? azure 的广告应用程序不支持 cookie 或通知不触发或代码有任何问题。

只是为了重新断言除了startup.àuth之外,没有更改标准代码。

最佳答案

我知道这有点老了,但我最近遇到了完全相同的问题,并花了几个小时试图理解为什么它在 Azure 中不起作用,但在我的本地主机中却运行得很好。

这基本上是一个配置问题:在 Portal.azure.com 中选择您的应用,然后转到设置 > 身份验证/授权,并确保应用服务身份验证处于关闭状态。

事实证明,此设置将接管您的startup.auth 设置。

我必须完全相信 Vittorio Bertocci 向我指出的这一点。

关于Azure Active Directory 和 owin 身份验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/32527093/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com