如何在 c# webapi 中使用 IdentityModel.OidcClient 来验证和验证从支持 openid 连接的活动目录服务生成的令牌?
[英]How can I use IdentityModel.OidcClient in a c# webapi to verify and validate token generated from active directory service supporting openid connect?
问题描述
I have a webapi in c# and a frontend angular application.
我在 c# 和前端 angular 应用程序中有一个 webapi。 The angular application is making calls to active directory services such as azure ad, to get the access token. angular 应用程序正在调用活动目录服务,例如 azure 广告,以获取访问令牌。 While on subsequent webapi calls the web api application needs to validate the access token.在随后的 webapi 调用中,web api 应用程序需要验证访问令牌。
My webapi was using Microsoft.Owin.Security jwt token validation up until now.到目前为止,我的 webapi 一直在使用 Microsoft.Owin.Security jwt 令牌验证。 I want to replace Microsoft.Owin.Security with IdentityModel.OidcClient ( since this is certified c# openid connect library).我想用 IdentityModel.OidcClient 替换 Microsoft.Owin.Security (因为这是经过认证的 c# openid 连接库)。 Please help me out on how to use the OidcClient framework to validate the token.请帮助我了解如何使用 OidcClient 框架来验证令牌。
1 个解决方案
解决方案1
0 已采纳 2021-05-18 09:12:56
To validate tokens you should not use IdentityModel.OidcClient, instead you should use the Microsoft.AspNetCore.Authentication.JwtBearer Nuget Package to properly validate JWT tokens in an API. To validate tokens you should not use IdentityModel.OidcClient, instead you should use the Microsoft.AspNetCore.Authentication.JwtBearer Nuget Package to properly validate JWT tokens in an API.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.