
Azure AD authentication

I am trying to migrate an ASP.NET MVC app from forms authentication to Azure AD. Locally it works fine, but when I deployed to the dev server I get this error:

[InvalidOperationException: IDX10803: Unable to create to obtain configuration from: 'https://login.microsoftonline.com/mydomain.onmicrosoft.com/.well-known/openid-configuration'.]

This is the Startup class:

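using System.Configuration;
using System.Threading.Tasks;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public partial class Startup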
{
    private static readonly string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
    private static readonly string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
    private static readonly string postLogoutRedirectUri = ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"];
    private static readonly string redirectUri = ConfigurationManager.AppSettings["ida:RedirectUri"];
    private static readonly string tenant = ConfigurationManager.AppSettings["ida:Tenant"];
    private static readonly string domain = ConfigurationManager.AppSettings["ida:Domain"];

    private static readonly string authority = string.Format(aadInstance, tenant);

    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        app.UseCookieAuthentication(new CookieAuthenticationOptions());

        app.UseOpenIdConnectAuthentication(
            new OpenIdConnectAuthenticationOptions
            {
                ClientId = clientId,
                Authority = authority,
                PostLogoutRedirectUri = postLogoutRedirectUri,
                RedirectUri = redirectUri,
                /*
                * Skipping the Home Realm Discovery Page in Azure AD
                * http://www.cloudidentity.com/blog/2014/11/17/skipping-the-home-realm-discovery-page-in-azure-ad/
                */
                Notifications = new OpenIdConnectAuthenticationNotifications
                {
                    RedirectToIdentityProvider = (context) =>
                    {
                        context.ProtocolMessage.DomainHint = domain;
                        return Task.FromResult(0);
                    }
                }
            });
    }
}

If I open the https://login.microsoftonline.com/mydomain.onmicrosoft.com/.well-known/openid-configuration link I get this:

{"authorization_endpoint":"https://login.microsoftonline.com/58f6d2d3-81bd-40d7-872f-8e17475a8058/oauth2/authorize","token_endpoint":"https://login.microsoftonline.com/58f6d2d3-81bd-40d7-872f-8e17475a8058/oauth2/token","token_endpoint_auth_methods_supported":["client_secret_post","private_key_jwt"],"jwks_uri":"https://login.microsoftonline.com/common/discovery/keys","response_modes_supported":["query","fragment","form_post"],"subject_types_supported":["pairwise"],"id_token_signing_alg_values_supported":["RS256"],"response_types_supported":["code","id_token","code id_token","token id_token","token"],"scopes_supported":["openid"],"issuer":"https://sts.windows.net/58f6d2d3-81bd-40d7-872f-8e17475a8058/","claims_supported":["sub","iss","aud","exp","iat","auth_time","acr","amr","nonce","email","given_name","family_name","nickname"],"microsoft_multi_refresh_token":true,"check_session_iframe":"https://login.microsoftonline.com/58f6d2d3-81bd-40d7-872f-8e17475a8058/oauth2/checksession","end_session_endpoint":"https://login.microsoftonline.com/58f6d2d3-81bd-40d7-872f-8e17475a8058/oauth2/logout","userinfo_endpoint":"https://login.microsoftonline.com/58f6d2d3-81bd-40d7-872f-8e17475a8058/openid/userinfo"}

It looks like the problem lies in the firewall settings.
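The answer points to the firewall: the OpenID Connect middleware downloads the discovery document from the web server itself, so a URL that opens in a browser can still be unreachable from the server. As an added example (not part of the original post; the function names are illustrative and the channel grouping follows the OpenID Connect roles of each endpoint), this Python script derives from the discovery document quoted in the question which host:port pairs the server's outbound rules must allow and which are only visited by the user's browser.

```python
import json
from urllib.parse import urlsplit

METADATA_URL = ("https://login.microsoftonline.com/mydomain.onmicrosoft.com"
                "/.well-known/openid-configuration")

# Subset of the discovery document quoted in the question.
_T = "https://login.microsoftonline.com/58f6d2d3-81bd-40d7-872f-8e17475a8058"
DISCOVERY = json.dumps({
    "authorization_endpoint": _T + "/oauth2/authorize",
    "token_endpoint": _T + "/oauth2/token",
    "jwks_uri": "https://login.microsoftonline.com/common/discovery/keys",
    "issuer": "https://sts.windows.net/58f6d2d3-81bd-40d7-872f-8e17475a8058/",
    "check_session_iframe": _T + "/oauth2/checksession",
    "end_session_endpoint": _T + "/oauth2/logout",
    "userinfo_endpoint": _T + "/openid/userinfo",
})

# Fetched by the web server itself (back channel): server egress rules apply.
BACK_CHANNEL = ("jwks_uri", "token_endpoint", "userinfo_endpoint")
# Loaded by the user's browser (front channel): the server never connects here.
FRONT_CHANNEL = ("authorization_endpoint", "end_session_endpoint",
                 "check_session_iframe")
# "issuer" is an identifier compared against the token's iss claim; it is
# never fetched, so its host needs no firewall rule.


def _host_port(url):
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("not an absolute https URL: %r" % url)
    return parts.hostname, parts.port or 443


def egress_requirements(metadata_url, discovery_json):
    """Return (server_side, browser_side) sets of (host, port) pairs."""
    doc = json.loads(discovery_json)
    server = {_host_port(metadata_url)}
    server.update(_host_port(doc[k]) for k in BACK_CHANNEL if k in doc)
    browser = {_host_port(doc[k]) for k in FRONT_CHANNEL if k in doc}
    return server, browser


if __name__ == "__main__":
    server, browser = egress_requirements(METADATA_URL, DISCOVERY)
    for host, port in sorted(server):
        print("server must reach  %s:%d" % (host, port))
    for host, port in sorted(browser):
        print("browser must reach %s:%d" % (host, port))
```

For this document the server-side set is only login.microsoftonline.com:443, which is the outbound connection to verify from the dev server under the application pool's network and proxy settings.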
