[英]How to switch from Hybrid flow to ResourceOwner flow with IdentityServer3
I need to upgrade (or downgrade) my Website to using a local login page. 我需要升级(或降级)我的网站以使用本地登录页面。 I had it all working using the hybrid flow using the following code 我使用以下代码使用混合流使所有工作正常进行
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions(){});
And then when the token would come back, it would give me access to complete the authentication logic in asp.net- setting the claims identity, principal, etc. 然后,当令牌返回时,它将使我能够访问完成asp.net中的身份验证逻辑-设置声明身份,主体等。
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions()
{
Notifications = new OpenIdConnectAuthenticationNotifications()
{
SecurityTokenValidated = async n =>
{
// perform transform, etc..
n.AuthenticationTicket = new AuthenticationTicket(
identity, n.AuthenticationTicket.Properties);
await Task.FromResult(0);
}
}
});
Now, I am going to be collecting the username and password from an MVC action method. 现在,我将从MVC操作方法中收集用户名和密码。 I am able to get the access token from the client this way. 我可以通过这种方式从客户端获取访问令牌。
[HttpPost]
public ActionResult Login(LoginModel model)
{
var client = new TokenClient(
StsSettings.TokenEndpoint,
ClientId,
Secret);
var x = client.RequestResourceOwnerPasswordAsync(model.UserName, model.Password, "customid openid").Result;
return View(model);
}
But I'm not sure how the easiest way to tell ASP.NET to point to my custom login page instead of an identity server. 但是我不确定告诉ASP.NET指向我的自定义登录页面而不是身份服务器的最简单方法。 Would I use forms authentication logic and create some AuthenticationTicket? 我会使用表单身份验证逻辑并创建一些AuthenticationTicket吗? Also, what is the best way set the ClaimsIdentity
(I know how to get the claims back, just need a "hook") 另外,设置ClaimsIdentity
的最佳方法是ClaimsIdentity
(我知道如何取回索赔,只需要一个“钩子”即可)
如果要使资源所有者密码流的结果成为登录用户,则需要使用该新认证用户的声明发出主认证cookie。
var claims = new Claim[] { new Claim("name", username), new Claim("sub", "4848784904"), new Claim("email", "BrockAllen@gmail.com"), new Claim("role", "Admin"), new Claim("role", "Dev"), }; // "Cookies" is the name of your cookie middleware, // so change to match what you're actually using in Startup.cs var ci = new ClaimsIdentity(claims, "Cookies", "name", "role"); Request.GetOwinContext().Authentication.SignIn(ci); return Redirect("~/Home/Secure");
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.