[英]Changing ReturnUrl in OWIN RedirectToIdentityProvider notification
We are currently overriding WSFederationAuthenticationModule.RedirectToIdentityProvider
in our product to change the returnUrl to which the users agent is redirected to after authentication. 当前,我们在产品中重写WSFederationAuthenticationModule.RedirectToIdentityProvider
,以更改身份验证后将用户代理重定向到的returnUrl。
Now we're in the proces of adopting OWIN (Katana) middleware instead of HttpModules. 现在我们处于采用OWIN(Katana)中间件而不是HttpModules的过程中。 In the RedirectToIdentityProvider
notification in WsFederationAuthenticationOptions
, I see the WCtx
parameter now contains a WsFedOwinState
parameter which is encrypted using DPAPI. 在WsFederationAuthenticationOptions
的RedirectToIdentityProvider
通知中,我看到WCtx
参数现在包含一个WsFedOwinState
参数,该参数已使用DPAPI加密。
How do I implement the RedirectToIdentityProvider
action to change the return URL? 如何实现RedirectToIdentityProvider
操作来更改返回URL? Do I need to decrypt the WsFedOwinState
parameter to add the returnUrl query parameter or is there some other way? 我是否需要解密WsFedOwinState
参数以添加returnUrl查询参数,还是有其他方法?
inside RedirectToIdentityProvider, you will have access to the WsFederationMessage. 在RedirectToIdentityProvider中,您将有权访问WsFederationMessage。
Set the Wreply property to the value you need. 将Wreply属性设置为所需的值。
As a note: MachineKey is used by default, not DPAPI for protecting wctx. 注意:默认情况下使用MachineKey,而不使用DPAPI保护wctx。
In my case, I changed the return URL in SecurityTokenValidated
and had the redirection from ADFS always go to the same URL 就我而言,我更改了SecurityTokenValidated
的返回URL,并使从ADFS的重定向始终转到相同的URL
public void ConfigureAuth(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(WsFederationAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType });
app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
{
Wtrealm = realm,
MetadataAddress = adfsMetadata,
Notifications = new WsFederationAuthenticationNotifications
{
SecurityTokenValidated = nx =>
{
nx.AuthenticationTicket.Properties.RedirectUri = "/RedirectionGoesHere.aspx";
return Task.FromResult(0);
}
}
});
// This makes any middleware defined above this line run before the Authorization rule is applied in web.config
app.UseStageMarker(PipelineStage.Authenticate);
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.