.net 核心应用程序在 Azure 上运行,使用 AAD 保持循环进行身份验证
[英].net core application running on Azure using AAD keep looping for authentication
问题描述
i have created a simple dot net core MVC application which is built by visualstudio 2019 at the start of project creation.
我创建了一个简单的 dot net core MVC 应用程序,它是由 visualstudio 2019 在项目创建开始时构建的。 i am hosting the application on azure app service using Azure active directory.我使用 Azure 活动目录在 azure 应用服务上托管应用程序。 when i log in to AAD it let me sign in and gives a welcome message You have successfully signed in RETURN TO THE WEBSITE.当我登录到 AAD 时,它让我登录并发出欢迎消息 您已成功登录 返回网站。 when i return to website, it does the same thing again comes back to same screen.当我返回网站时,它会再次返回相同的屏幕。
The only change i have manually added is the client ID with the one that i have registered in AAD with redirecturi as "https://.azurewebsites.net/.auth/login/aad/callback".我手动添加的唯一更改是我在 AAD 中注册的客户端 ID,redirecturi 为“https://.azurewebsites.net/.auth/login/aad/callback”。
here's my appsettings.json这是我的 appsettings.json
{
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "<myid>.onmicrosoft.com",
"TenantId": "<mt tenant>",
"RedirectUri": "https://<myappname>.azurewebsites.net",
"ClientId": "<my client from aad>",
"CallbackPath": "/signin-oidc"
},
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"AllowedHosts": "*"
}
Here's the code from startup这是启动时的代码
namespace Yellalebros
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.AddControllersWithViews(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
});
services.AddRazorPages();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
}
}
}
2 个解决方案
解决方案1
0 2020-06-15 07:52:25
You need to change redirecturi in azure ad您需要在 azure 广告中更改redirecturi
from从https://.azurewebsites.net/.auth/login/aad/callback
to至https://.azurewebsites.net/signout-oidc . https://.azurewebsites.net/signout-oidc 。
For more details you could refer to this article about add sign-in with Microsoft to an ASP.NET Core web app.有关更多详细信息,您可以参考这篇关于将 Microsoft 登录添加到 ASP.NET Core web 应用程序的文章。
解决方案2
0 2020-06-28 01:30:44
Thanks, i changed the way suggested above, but now i am getting below error.谢谢,我改变了上面建议的方式,但现在我遇到了错误。
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: '95689c9a-465b-4f11-ae91-2dda44256bf9'. AADSTS50011:请求中指定的回复 URL 与为应用程序配置的回复 URL 不匹配:“95689c9a-465b-4f11-ae91-2dda44256bf9”。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.