Microsoft Azure Active Directory Authentication login URL for Dev environment

Update:

As suggested, I changed my Startup.auth.cs to the code below:

    public partial class Startup
    {
        private static string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
        private static string appKey = ConfigurationManager.AppSettings["ida:ClientSecret"];
        private static string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
        private static string tenantId = ConfigurationManager.AppSettings["ida:TenantId"];
        private static string postLogoutRedirectUri = ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"];

        public static readonly string Authority = aadInstance + tenantId;

        // This is the resource ID of the AAD Graph API.  We'll need this to request a token to call the Graph API.
        string graphResourceId = "https://graph.windows.net";

        public void ConfigureAuth(IAppBuilder app)
        {
            ApplicationDbContext db = new ApplicationDbContext();

            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

            app.UseCookieAuthentication(new CookieAuthenticationOptions());

            app.UseOpenIdConnectAuthentication(
                new OpenIdConnectAuthenticationOptions
                {
                    ClientId = clientId,
                    Authority = Authority,
                    PostLogoutRedirectUri = postLogoutRedirectUri,

                    Notifications = new OpenIdConnectAuthenticationNotifications()
                    {
                        // If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away.
                        AuthorizationCodeReceived = (context) =>
                        {
                            var code = context.Code;
                            ClientCredential credential = new ClientCredential(clientId, appKey);
                            string signedInUserID = context.AuthenticationTicket.Identity.FindFirst(ClaimTypes.NameIdentifier).Value;
                            AuthenticationContext authContext = new AuthenticationContext(Authority, new ADALTokenCache(signedInUserID));

                            AuthenticationResult result =
                                authContext.AcquireTokenByAuthorizationCode(
                                    code,
                                    new Uri(HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Path)),
                                    credential,
                                    graphResourceId);

                            return Task.FromResult(0);
                        },

                        RedirectToIdentityProvider = context =>
                        {
                            string appBaseUrl = context.Request.Scheme + "://" + context.Request.Host + context.Request.PathBase;
                            string currentUrl = context.Request.Scheme + "://" + context.Request.Host + context.Request.Path;
                            context.ProtocolMessage.RedirectUri = currentUrl;
                            context.ProtocolMessage.PostLogoutRedirectUri = appBaseUrl;
                            return Task.FromResult(0);
                        }
                    }
                });
        }
    }

And now I have this:

[image: enter image description here]

Sometimes a DbEntityValidationException happens on my ApplicationDbContext (used to store ADALTokenCache).


When coding a web application using Azure AD or Office 365 for user authentication, you need to create an application key and configure a URL for Azure to redirect to your application after login. This URL should be configured in web.config, but Azure AD ignores the URI parameter that your application sends and redirects you to the production URI instead of the development URI.

My development URL: https://localhost:44315/

Production URL: http://timesheet.tecnun.com.br/

The application ignores web.config and always redirects to the production URL.

web.config:

  <appSettings>
    <add key="webpages:Version" value="3.0.0.0" />
    <add key="webpages:Enabled" value="false" />
    <add key="ClientValidationEnabled" value="true" />
    <add key="UnobtrusiveJavaScriptEnabled" value="true" />
    <add key="ida:ClientId" value="xxxxx" />
    <add key="ida:AADInstance" value="https://login.microsoftonline.com/" />
    <add key="ida:ClientSecret" value="xxxx" />
    <add key="ida:Domain" value="tecnun.com.br" />
    <add key="ida:TenantId" value="xxx" />
    <add key="ida:PostLogoutRedirectUri" value="https://localhost:44315/" />
  </appSettings>

My Azure configuration: [image: Azure configuration]

I'd like to work with two environments, development and production/real. But I can't find out how to do this without creating two applications.

To make the same application work for different redirect URLs, we can change it dynamically before the web app redirects to the identity data provider.

Here is the code sample for your reference:

    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            ClientId = clientId,
            Authority = authority,

            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                RedirectToIdentityProvider = context =>
                {
                    string appBaseUrl = context.Request.Scheme + "://" + context.Request.Host + context.Request.PathBase;
                    string currentUrl = context.Request.Scheme + "://" + context.Request.Host + context.Request.Path;
                    context.ProtocolMessage.RedirectUri = currentUrl;
                    context.ProtocolMessage.PostLogoutRedirectUri = appBaseUrl;
                    return Task.FromResult(0);
                }
            }
        });
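
The handler above builds `RedirectUri` from the Host header of the incoming request. The variant below is an added example, not part of the original answer: it only accepts hosts found on an allow-list that mirrors the reply URLs registered in Azure AD, and it sends the application base URL as the redirect URI. The `ida:AllowedRedirectUris` setting and the `RedirectUriPolicy` class are assumed names.

```csharp
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.Owin;
using Microsoft.Owin.Security.OpenIdConnect;

public static class RedirectUriPolicy
{
    // Assumed appSettings key (not on the original page): semicolon-separated base URLs
    // mirroring the reply URLs registered for the app in Azure AD, for example
    // "https://localhost:44315/;http://timesheet.tecnun.com.br/".
    private static readonly HashSet<string> Allowed = new HashSet<string>(
        (ConfigurationManager.AppSettings["ida:AllowedRedirectUris"] ?? "")
            .Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries)
            .Select(u => Canonical(u))
            .Where(u => u != null),
        StringComparer.Ordinal);

    // Reduce a URL to "scheme://host[:port]/"; returns null if it does not parse.
    private static string Canonical(string url)
    {
        Uri parsed;
        return Uri.TryCreate(url.Trim(), UriKind.Absolute, out parsed)
            ? parsed.GetLeftPart(UriPartial.Authority) + "/"
            : null;
    }

    // Base URL of the current request if it is allow-listed, otherwise null.
    public static string Resolve(IOwinRequest request)
    {
        string candidate = Canonical(request.Scheme + "://" + request.Host.Value);
        return candidate != null && Allowed.Contains(candidate) ? candidate : null;
    }

    // Hypothetical helper: assign the result to Notifications in UseOpenIdConnectAuthentication.
    public static OpenIdConnectAuthenticationNotifications BuildNotifications()
    {
        return new OpenIdConnectAuthenticationNotifications
        {
            RedirectToIdentityProvider = context =>
            {
                string baseUrl = Resolve(context.Request);
                if (baseUrl == null)
                {
                    // Host is not a registered environment: end the request, no sign-in redirect.
                    context.Response.StatusCode = 400;
                    context.HandleResponse();
                    return Task.FromResult(0);
                }
                context.ProtocolMessage.RedirectUri = baseUrl;
                context.ProtocolMessage.PostLogoutRedirectUri = baseUrl;
                return Task.FromResult(0);
            }
        };
    }
}
```

The value sent as `RedirectUri` here must also be the redirect URI passed to `AcquireTokenByAuthorizationCode` when the code is redeemed, and both the development and production URLs must be registered as reply URLs on the Azure AD application.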
