[英]Configuring Azure AD login with .Net Core 2.2 Web Application
I was given with an URL to use as an Identity provider (using Open connect id protocol), I only have to be able to login using this provider. 我获得了一个用作身份提供者的URL(使用Open connect id协议),我只需要能够使用此提供者登录。
The issue I am having is when I try to login, I get this URL in the browser, and after a second it redirects again to my localhost, not been able to login: 我遇到的问题是当我尝试登录时,我在浏览器中获取此URL,并在一秒钟之后再次重定向到我的localhost,无法登录:
https://sitekitdev.b2clogin.com/sitekitdev.onmicrosoft.com/b2c_1_signuporin/oauth2/v2.0/authorize?client_id=6e093bdb-ba93-4c02-83fb-77678f07b14b&redirect_uri=https%3A%2F%2Flocalhost%3A44316%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=636887508645819548.MjQ0ZGQ1YmYtMjNkNC00NDNmLTllNGEtNGRhMDFmODVhZmNlOTQyMmZlODctYTQzYS00N2UyLWJmY2UtMTA1NzI2ODA4Mzc1&state=CfDJ8DRumlJMnSlBuWG5OQqU1yqvjbKErK387uuGadIAJIg-eCgI8wIB58VjX673D3KduNcU0ZwvbW2vgc9QYj6EfW5PXtx38O8JdIG_ioZVPPkNEMipl6dLIhEKpqFy8-wXIPnnHxvBjlB2-FiN6sluOWotTYuYBreowfe927VyOdf1LmN-6avIuTVxB9iexOYE08sR6QksbcTxQM2hrxJ-K6nYWZ3EeBE3TbgUkS4xlGUb68_d162eVwNnuzLzZkBr4eQxAw4VN8BWt8sJsYhjZCZiM98ZwlMCuJCx6PW5D9Tz&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.3.0.0 https://sitekitdev.b2clogin.com/sitekitdev.onmicrosoft.com/b2c_1_signuporin/oauth2/v2.0/authorize?client_id=6e093bdb-ba93-4c02-83fb-77678f07b14b&redirect_uri=https%3A%2F%2Flocalhost%3A44316%2Fsignin- OIDC&RESPONSE_TYPE = id_token&范围=的OpenID%20profile&response_mode = form_post&随机数= 636887508645819548.MjQ0ZGQ1YmYtMjNkNC00NDNmLTllNGEtNGRhMDFmODVhZmNlOTQyMmZlODctYTQzYS00N2UyLWJmY2UtMTA1NzI2ODA4Mzc1&状态= CfDJ8DRumlJMnSlBuWG5OQqU1yqvjbKErK387uuGadIAJIg-eCgI8wIB58VjX673D3KduNcU0ZwvbW2vgc9QYj6EfW5PXtx38O8JdIG_ioZVPPkNEMipl6dLIhEKpqFy8-wXIPnnHxvBjlB2-FiN6sluOWotTYuYBreowfe927VyOdf1LmN-6avIuTVxB9iexOYE08sR6QksbcTxQM2hrxJ-K6nYWZ3EeBE3TbgUkS4xlGUb68_d162eVwNnuzLzZkBr4eQxAw4VN8BWt8sJsYhjZCZiM98ZwlMCuJCx6PW5D9Tz&X-客户SKU = ID_NETSTANDARD2_0&X-客户-VER = 5.3.0.0
That is what I did when creating a web application: 这就是我在创建Web应用程序时所做的:
In the project template: 在项目模板中:
Change Authentication: I selected individual user account and then Connect to an existing user store in the cloud. 更改身份验证:我选择了单个用户帐户,然后连接到云中的现有用户存储。 After filling all the boxes come out this configuration in the appsettings.json:
填充所有框后,在appsettings.json中输出此配置:
{ "AzureAdB2C": { "Instance": "https://sitekitdev.b2clogin.com/tfp/", "ClientId": "6e093bdb-ba93-4c02-83fb-77678f07b14b", "CallbackPath": "/signin-oidc", "Domain": "sitekitdev.onmicrosoft.com", "SignUpSignInPolicyId": "B2C_1_Signuporin", "ResetPasswordPolicyId": "All", "EditProfilePolicyId": "" }, "Logging": { "LogLevel": { "Default": "Warning" } }, "AllowedHosts": "*" }
Then I didn't change nothing alse, so it all the default web page. 然后我没有改变任何其他,所以它是所有默认的网页。
The Identity provider endpoint I have to use: 我必须使用的身份提供者端点:
https://login.microsoftonline.com/sitekitdev.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_Signuporin&client_id=6e093bdb-ba93-4c02-83fb-77678f07b14b&nonce=defaultNonce&redirect_uri=https%3A%2F%2Flocalhost:44316&scope=openid&response_type=id_token&prompt=login https://login.microsoftonline.com/sitekitdev.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_Signuporin&client_id=6e093bdb-ba93-4c02-83fb-77678f07b14b&nonce=defaultNonce&redirect_uri=https%3A%2F%2Flocalhost:44316&scope=的OpenID&RESPONSE_TYPE = id_token&提示=登录
Note: the first url, I got in the browser is a bit different than this, in the first one I don't have the first part login.microsoftonline.com 注意:我在浏览器中获得的第一个URL与此有点不同,在第一个URL中我没有第一部分login.microsoftonline.com
And this is my startup class: 这是我的初创班:
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddAuthentication(AzureADB2CDefaults.AuthenticationScheme)
.AddAzureADB2C(options => Configuration.Bind("AzureAdB2C", options));
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
}
I just need to be able to login, and then get the JWT back (I will working configuring this after I am able to see the login page). 我只需要能够登录,然后返回JWT(我将在能够看到登录页面后进行配置)。
Thanks 谢谢
For the code, you could refer to this demo . 对于代码,您可以参考此演示 。
Or you could directly use the url get request to make the user sign in and then return the token. 或者您可以直接使用url get请求让用户登录然后返回令牌。
https://tenantname.b2clogin.com/tenantname.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_sample-sign-up-in&client_id=<value>&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fjwt.io&scope=openid&response_type=id_token&prompt=login
It will redirects to the login page: 它将重定向到登录页面:
After the user logging in, it will redirects to your page (here jwt as the example). 用户登录后,它将重定向到您的页面(此处以jwt为例)。
For the openid connect in B2C, you could read here . 对于B2C中的openid连接,您可以在这里阅读。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.