[英]How to authenticate/Authorize the MVC web app and web api in the same application
We have developed a web application using asp.net MVC framework with Azure active directory for Authentication/Authorization. 我们使用asp.net MVC框架开发了一个Web应用程序,该框架具有用于身份验证/授权的Azure活动目录。 Now the question is we are going to use api in that webapp.
现在的问题是,我们将在该Web应用程序中使用api。 For authenticating web api can we use same the request token which we get when we the authorize successfully for the webapp web app.
为了对Web api进行身份验证,我们可以使用与成功授权webapp Web应用程序时获得的请求令牌相同的令牌。
Thanks, Tamilselvan S. 谢谢,Tamilselvan S.
You can add multiple authentication middle ware for the web app supports OWIN. 您可以为Web应用程序支持OWIN添加多个身份验证中间件。 To support both cookie and bear authentication, you can refer the code below:
要同时支持cookie和承担认证,您可以参考以下代码:
app.UseWindowsAzureActiveDirectoryBearerAuthentication(
new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
Audience = ConfigurationManager.AppSettings["ida:Audience"],
Tenant = ConfigurationManager.AppSettings["ida:Tenant"],
});
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = Authority,
Notifications = new OpenIdConnectAuthenticationNotifications()
{
RedirectToIdentityProvider = (context) =>
{
// This ensures that the address used for sign in and sign out is picked up dynamically from the request
// this allows you to deploy your app (to Azure Web Sites, for example)without having to change settings
// Remember that the base URL of the address used here must be provisioned in Azure AD beforehand.
string appBaseUrl = context.Request.Scheme + "://" + context.Request.Host + context.Request.PathBase;
context.ProtocolMessage.RedirectUri = appBaseUrl + "/";
context.ProtocolMessage.PostLogoutRedirectUri = appBaseUrl;
return Task.FromResult(0);
},
AuthenticationFailed = (context) =>
{
// Suppress the exception if you don't want to see the error
context.HandleResponse();
return Task.FromResult(0);
}
},
TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters
{
ValidateIssuer = false,
}
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.