
Azure ACS Set Up in C#

I am looking at several examples for using ACS, and decidedly they do make me feel stupid.

I looked at the tutorial online; it seems like all I needed was the following line in the config:

    <httpRuntime requestValidationMode="2.0" />

But some other examples in this sample project, SimpleMVC4, had no such line in their configuration. Worse, I didn't see anything in there that references the ACS library, whatever that might be.

The MVC3 sample, on the other hand, had a bunch of gibberish including an ajax request to a javascript, huh!?

    public const string HrdPath = "v2/metadata/IdentityProviders.js";

    /// <summary>
    /// Gets the url with its query string representing this request
    /// </summary>
    /// <returns></returns>
    public string GetUrlWithQueryString()
    {
        uriBuilder.Path = HrdPath;
        uriBuilder.Query = parameters.ToQueryString();

        return uriBuilder.Uri.AbsoluteUri;
    }

and in the Razor View

    $("#signIn").click(function () {
        //
        // Explicit JSONP callback can be used to do client side caching of identity provider data.
        //
        $.ajax({
            url: "@Html.Raw(Model.GetUrlWithQueryString())",
            dataType: "jsonp",

HUH!?

Look, can I just get some simple (idiot proof) pointers?

  1. I am a relying party
  2. I have got an MVC controller action, I want to tell users here are the Identity Providers (IP) that they can use, and their respective URLs as well as generating the tokens that will be verified in step (3), below. How do I get to this in a C# code?
  3. Once, the client, ACS, IP are done with their business, I don't care what that is, as far as I'm concerned all those is between the client, ACS and the IP. I should get another request from the user. What do I do with this request? How do I verify if the user is kosher? And that they did not falsify the token from step (2) above.

I too have gone through similar pain in recent past. I was a complete newbie with this and had quite a hard time understanding all this. I found Pluralsight Courses from Dominick Baier quite useful in understanding these concepts.

Now coming to your questions.

> I have got an MVC controller action, I want to tell users here are the Identity Providers (IP) that they can use, and their respective URLs as well as generating the tokens that will be verified in step (3), below. How do I get to this in a C# code?

Do take a look at this blog post for creating the login page on your end: https://www.simple-talk.com/cloud/development/creating-a-custom-login-page-for-federated-authentication-with-windows-azure-acs/

> Once, the client, ACS, IP are done with their business, I don't care what that is, as far as I'm concerned all those is between the client, ACS and the IP. I should get another request from the user. What do I do with this request? How do I verify if the user is kosher? And that they did not falsify the token from step (2) above.

I don't think you would need to do anything special here. ASP.Net pipeline takes care of it for you by setting the IsAuthenticated property of the Principal to true. Here's what my code currently looks like (mostly taken from the blog post above). For me, the entire application is protected and by default the user lands on the home page. I check if the user is authenticated or not. If they're not authenticated, I show them all Identity Providers configured in ACS and the user can login using any of those. Once the authentication is successful, ACS sends the user back to the same page and this time the user is authenticated. In my code, I do a bunch of claims transformation needed for my application if the user is authenticated.

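Controller

    // Requires: using System.Collections.Generic; using System.Net; using System.Security.Claims;
    //           using System.Text; using System.Web.Mvc; using Newtonsoft.Json;
    public ActionResult Index()
    {
        if (!ClaimsPrincipal.Current.Identity.IsAuthenticated)
        {
            // JSON feed listing the identity providers configured in ACS.
            var idpsUrl = "IdentityProvidersUrl Taken from ACS Login Page";
            using (var webClient = new WebClient { Encoding = Encoding.UTF8 })
            {
                var jsonList = webClient.DownloadString(idpsUrl);
                var acsResult = JsonConvert.DeserializeObject<List<IdentityProvider>>(jsonList);
                return View(acsResult);
            }
        }
        else
        {
            var principal = ClaimsPrincipal.Current;
            var claims = principal.Claims;
            //If any claims transformation needs to be done, that can be done here.

            // The snippet as posted returned nothing on this path, which does not compile.
            // Pass an empty list so the view's foreach has nothing to render.
            return View(new List<IdentityProvider>());
        }
    }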

View

    @{
        ViewBag.Title = "Index";
    }

    <h2>Index</h2>

    @foreach (var p in Model)
    {
        <p>
            <a href="@p.LoginUrl">@p.ToString()</a>
        </p>
    }

Model

    public class IdentityProvider
    {
        public List<string> EmailAddressSuffixes { get; set; }
        public string ImageUrl { get; set; }
        public string LoginUrl { get; set; }
        public string LogoutUrl { get; set; }
        public string Name { get; set; }

        public override string ToString()
        {
            return Name;
        }
    }
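
The answer above leaves claims transformation to the controller action; WIF in .NET 4.5 also offers a dedicated hook for it. The following is an added example, not code from the original answer or from the ACS samples: a `ClaimsAuthenticationManager` subclass that checks the claims ACS issued and builds the application's own principal. The class name, the allow-list values and the role are assumptions, and token signature, issuer and audience validation is assumed to be configured under `<system.identityModel>` in web.config.

```csharp
// Added example. Assumes .NET 4.5 WIF (System.IdentityModel.dll) and that WIF has
// already validated the token's signature, issuer and audience from web.config.
using System;
using System.Collections.Generic;
using System.Security;
using System.Security.Claims;

public class AcsClaimsTransformer : ClaimsAuthenticationManager
{
    // Claim type ACS adds to name the identity provider the user signed in with.
    private const string IdentityProviderClaim =
        "http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider";

    // Constructed sample values; use the provider names configured in your ACS namespace.
    private static readonly HashSet<string> AllowedProviders =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "Google", "uri:WindowsLiveID" };

    public override ClaimsPrincipal Authenticate(string resourceName, ClaimsPrincipal incomingPrincipal)
    {
        // Anonymous requests pass through; the controller then shows the provider list.
        if (incomingPrincipal == null || incomingPrincipal.Identity == null
            || !incomingPrincipal.Identity.IsAuthenticated)
        {
            return incomingPrincipal;
        }

        Claim nameId = incomingPrincipal.FindFirst(ClaimTypes.NameIdentifier);
        Claim idp = incomingPrincipal.FindFirst(IdentityProviderClaim);

        // Fail closed: a validated token that lacks a stable user id, or that names a
        // provider the application does not expect, is rejected rather than trusted.
        if (nameId == null || idp == null || !AllowedProviders.Contains(idp.Value))
        {
            throw new SecurityException(
                "Token is missing required claims or names an unexpected identity provider.");
        }

        // Build the application's principal from the checked values only, so stray
        // claims in the incoming token never reach authorization code.
        var claims = new List<Claim>
        {
            new Claim(ClaimTypes.NameIdentifier, nameId.Value, ClaimValueTypes.String, nameId.Issuer),
            new Claim(IdentityProviderClaim, idp.Value, ClaimValueTypes.String, idp.Issuer),
            new Claim(ClaimTypes.Role, "User") // hypothetical application role
        };
        return new ClaimsPrincipal(new ClaimsIdentity(claims, "Federation"));
    }
}
```

The class is registered with the `claimsAuthenticationManager` element under `<system.identityModel><identityConfiguration>`. With the WS-Federation module it runs at sign-in, and the principal it returns is what the session cookie carries on later requests.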
