在 .Net Core 中将登录与 Azure Active Directory 集成

Question

I am trying to integrate sign in option through Azure Active Directory with .net core application.我正在尝试通过 Azure Active Directory 与 .net 核心应用程序集成登录选项。 I have been through Microsoft's blogs and I have been to the steps where user can login with Microsoft's account.我浏览过微软的博客，也看过用户可以使用微软帐户登录的步骤。 But the ISSUE is但问题是

"It is always redirecting me to the login action method again." “它总是再次将我重定向到登录操作方法。” which loops me back to sign in screen.这让我回到登录屏幕。

Image for redirect URLS:重定向 URL 的图像：

My Startup Class我的创业班

services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
                .AddCookie()
                .AddAzureAD(options => Configuration.Bind("AzureAd", options));
            services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
            {
                options.Authority = options.Authority + "/v2.0/";


                options.TokenValidationParameters.ValidateIssuer = false;

            });

My Login account controller我的登录帐户控制器

[HttpGet]
        [AllowAnonymous]
        public async Task<IActionResult> Login(string returnUrl)
        {
            if (User.Identity.IsAuthenticated)
                return RedirectToAction("Index", "Search");

            var domainInfo = await _subdomainProvider.GetDomainInfoAsync(Request.Host.Value);
            if (domainInfo.LoginMethod == LoginMethod.AzureAD)
            {
                var redirectUrl = Url.Action("Index", "Search");
                var properties = _signInManager
                    .ConfigureExternalAuthenticationProperties(LoginMethod.AzureAD.ToString(), redirectUrl);
                return new ChallengeResult(LoginMethod.AzureAD.ToString(), properties);

            }
            else
            {
                ViewBag.ReturnUrl = returnUrl;
                ViewBag.Background = await GetRandomBackgroundAsync(domainInfo.LoginBackgrounds);
            }


            return View(new LoginModel
            {
                Language = GetLanguage(),
                ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList()
            });
        }

Login View登录视图

<form method="post" asp-controller="Account" asp-action="SignIn" asp-route-returnUrl="@Model.ReturnUrl">
        <h2>@AccountStrings.Login_ExternalLogin_Title</h2>
        <div>

            @foreach (var provider in Model.ExternalLogins)
            {
                <button type="submit" class="btn  login-provider @provider.DisplayName"
                        name="provider" value="@provider.Name"
                        title="Log in using your @provider.DisplayName account">
                    @provider.DisplayName
                </button>
            }
        </div>
    </form>

Even added the redirection URL on azure portal to be redirected to action method ie dashboard.but still didn't work.甚至在 azure 门户上添加了重定向 URL 以重定向到操作方法，即仪表板。但仍然不起作用。

Any help would be appreciated.任何帮助，将不胜感激。 Thank you.谢谢你。

Answer 1

According to my understanding, you want to integrate Azure AD with your .net core web application.根据我的理解，您希望将 Azure AD 与您的 .net 核心 Web 应用程序集成。 If so, please refer to the document and the article如果是，请参考文档和文章

appsettings.json file appsettings.json 文件

"AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "<you tenant doamin>",
    "TenantId": "<>",
    "ClientId": "<>",
    "CallbackPath": "/signin-oidc"

Add the following code to the startup.cs将以下代码添加到startup.cs

  services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
                .AddAzureAD(options => Configuration.Bind("AzureAd", options));
            //services.Configure<AzureADOptions>(options => Configuration.Bind("AzureAd", options));
            services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
            {
                options.Authority = options.Authority + "/v2.0/";
                options.TokenValidationParameters.ValidateIssuer = false;
            });

Answer 2

That seems you are using ASP.NET Core Identity with Azure AD login .看来您正在使用 ASP.NET Core Identity 和 Azure AD login 。 If that is your scenario , you can set CookieSchemeName to Identity.External so that asp.net core identity can get the external user profile from external identity provider :如果这是您的方案，您可以将CookieSchemeName设置为Identity.External以便 asp.net 核心身份可以从外部身份提供者获取外部用户配置文件：

services.AddDbContext<ApplicationDbContext>(options =>
    options.UseSqlServer(
        Configuration.GetConnectionString("DefaultConnection")));
services.AddDefaultIdentity<IdentityUser>()
    .AddEntityFrameworkStores<ApplicationDbContext>();

services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
         .AddAzureAD(options => Configuration.Bind("AzureAd", options));

services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
    options.Authority = options.Authority + "/v2.0/";
    options.TokenValidationParameters.ValidateIssuer = false;

});

Azure AD application setting : Azure AD 应用程序设置：

    "AzureAd": {
        "Instance": "https://login.microsoftonline.com/",
        "Domain": "xxx.onmicrosoft.com",
        "TenantId": "xxxxxx-xxxxx-4f08-b544-b1eb456f228d",
        "ClientId": "xxxxx-xxxxx-4717-9821-e4f718fbece4",
        "CallbackPath": "/signin-oidc",
        "CookieSchemeName": "Identity.External"
    },

在 .Net Core 中将登录与 Azure Active Directory 集成

问题描述

2 个解决方案

解决方案1
0 2020-01-28 03:02:58

解决方案2
0 2020-01-28 05:33:15

在 .Net Core 中将登录与 Azure Active Directory 集成

问题描述

2 个解决方案

解决方案1 0 2020-01-28 03:02:58

解决方案2 0 2020-01-28 05:33:15

解决方案1
0 2020-01-28 03:02:58

解决方案2
0 2020-01-28 05:33:15