[英]Silent SSO login with Azure B2C and Open Id Connect in .NET Core MVC Application
We would like to implement functionality where user should be logged silently over Single sign-on. 我们希望实现一些功能,使用户应通过单点登录静默登录。 The user go to the application A and log into.
用户进入应用程序A并登录。 Now he goes to the application B, which is using the same tenant as application A. At this moment to log into the application B, it is necessary by user to click on Login button to start the
Challenge
which handle the whole OpenID Connect protocol exchange. 现在他进入应用程序B,该应用程序使用与应用程序A相同的租户。这时,登录到应用程序B,用户必须单击“登录”按钮来启动“
Challenge
,以处理整个OpenID Connect协议交换。
[HttpGet]
public IActionResult SignIn()
{
var redirectUrl = Url.Action(nameof(HomeContrsioller.Index), "Home");
return Challenge(new AuthenticationProperties { RedirectUri = redirectUrl },
OpenIdConnectDefaults.AuthenticationScheme);
}
The idea here was to utilize Authorize
attribute. 这里的想法是利用
Authorize
属性。
[Authorize]
public IActionResult Index()
{
return View();
}
The problem with this attribute is that per default the attribute redirects to the login UI when the user isn't logged in. The desired behavior here is to try to silently authenticate user, when the authentication isn't possible, ignore it. 此属性的问题在于,默认情况下,该属性会在用户未登录时重定向到登录UI。此处的所需行为是尝试对用户进行静默身份验证,如果无法进行身份验证,请忽略它。
I tried to disable to automatic challenge like described here but without success. 我试图禁用此处所述的自动挑战,但没有成功。
You can try embedding an iframe on an anonymous page that has the src set to the signin route. 您可以尝试将iframe嵌入到将src设置为登录路线的匿名页面上。 Make sure when your challenge fires you set prompt=none
确保在激发挑战时将提示设置为“无”
You can squash any errors that come back from the signin request like interaction_required and acheive a silent single sign on when it works 您可以压缩从登录请求返回的任何错误(例如,interaction_required),并在其正常工作时实现无提示单点登录
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.