
asp.net - IdentityServer client example that remembers QueryString parameters after the redirect

Reposted. Author: 行者123. Updated: 2023-12-04 03:39:02

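When an unauthenticated user opens the URL of a secured page on the client website, he/she is redirected to the identity server to log in, and after a successful login is returned to the client's home page (when using the default implementation of the client/identity server).
The GitHub issue "RedirectUris with callback params does not work" explains that remembering the QueryString is the client's responsibility, and gives the following suggestion: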

If you need to maintain state across the redirects, then issue a cookie client side or pass data via the official state param. You generally want to use the state parameter as a pointer to locally persisted data - e.g. a cookie. Create a cookie with a random name - store whatever needs to be stored there - round trip the cookie name as the state parameter. Just putting data on state has the issue that someone could potentially modify the values on the way back.



The question "Identity server 3 MVC client state parameter" has a similar recommendation:

Store state in your app about the redirect path you want after login. After IdSvr logs your user in and redirect back to your one well-known callback URI you then read that state to know where to send the user. IOW, keep track of that in store state in your app about the redirect path you want after login. If you put it in the ProtocolMessage.State, then be aware that someone can tamper with it. If you protect the state (sign/encrypt), then it's ok. It might be easier/safer to keep that state in your app.



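Since this is a very typical scenario, I was hoping someone has an example of such an implementation. Can anyone share sample code or point to some articles?

More information about my specific scenario:

My client is a Web Forms site whose implementation is similar to the IdentityServer3.Samples WebFormsClient.
1. The user opens https://mydomain/mypage?querystringparams
2. In Web.config I have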
<authorization>
    <deny users="?" />
</authorization>

3. The relevant settings in the client's Startup.cs
new OpenIdConnectAuthenticationOptions
{
    Authority = "http://localhost:5000/", // IdentityServer4 Host
    RedirectUri = "https://mydomain/"
}

4. The relevant settings on IdentityServer
new Client
{
    RedirectUris = { "https://mydomain/", "http://mydomain/" }
}

After login the user is redirected to https://mydomain/, but needs to be redirected to https://mydomain/mypage?querystringparams

Best answer

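I haven't looked into the WebFormsClient. But if you can use the OpenIdConnectAuthentication OWIN middleware (used in the OwinClient sample), the redirect should happen automatically. If the OWIN middleware is not supported, you can handle it manually. Take a look at the https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/Clients/MvcCodeFlowClientManual sample. There you can control the state parameter and handle the redirect yourself.

For example:
In AccountController/SignIn() you can take the redirectUri from the query string and add it to the state parameter that is sent to the identity server's authorization endpoint.

Then in AccountController/SignInCallback() you can retrieve the state parameter and redirect the user to the URL he entered.

With the OwinAuthentication middleware, this should be handled automatically.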
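
The quoted advice to protect the state (sign it) and tie it to locally stored data can be implemented as in the following added example, which is not part of the original question or answer and is not code from IdentityServer3.Samples. Assumptions: the class name SignedReturnState is hypothetical, the key is an application secret kept in protected configuration, and the nonce is a random value the client also stores in a cookie before redirecting.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example (hypothetical helper). state = base64url(nonce|path) + "." + base64url(HMAC-SHA256)
public static class SignedReturnState
{
    public static string Protect(byte[] key, string nonce, string returnPath)
    {
        string payload = Encode(Encoding.UTF8.GetBytes(nonce + "|" + returnPath));
        return payload + "." + Encode(Mac(key, payload));
    }

    // Returns the stored path, or "/" when the state is malformed, modified,
    // bound to a different login attempt, or points outside this site.
    public static string Unprotect(byte[] key, string expectedNonce, string state)
    {
        string[] parts = (state ?? "").Split('.');
        if (parts.Length != 2 || !SameText(Encode(Mac(key, parts[0])), parts[1])) return "/";
        string[] f = Encoding.UTF8.GetString(Decode(parts[0])).Split(new[] { '|' }, 2);
        if (f.Length != 2 || f[0] != expectedNonce) return "/";
        string p = f[1]; // accept only site-relative paths, so the redirect cannot leave the site
        bool local = p.Length > 0 && p[0] == '/' && (p.Length == 1 || (p[1] != '/' && p[1] != '\\'));
        return local ? p : "/";
    }
    static byte[] Mac(byte[] key, string text)
    {
        using (var hmac = new HMACSHA256(key)) return hmac.ComputeHash(Encoding.UTF8.GetBytes(text));
    }
    static bool SameText(string a, string b) // running time does not depend on where they differ
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
    static string Encode(byte[] b) { return Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_'); }
    static byte[] Decode(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }
    public static void Main() // demo with a constructed key, nonce and path
    {
        byte[] key = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(key);
        string state = Protect(key, "n123", "/mypage?querystringparams");
        Console.WriteLine(Unprotect(key, "n123", state));       // untouched state
        Console.WriteLine(Unprotect(key, "n123", state + "A")); // state modified on the way back
    }
}
```

In the manual flow the answer describes, Protect would be called in SignIn() when building the authorization request and Unprotect in SignInCallback() before redirecting.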

Regarding "asp.net - IdentityServer client example that remembers QueryString parameters after the redirect", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/44350529/
