ASP.NET Core IdentityServer4 - 如何使用客户端登录页面而不是 IdentityServer 登录页面?
[英]ASP.NET Core IdentityServer4 - How can I use Client Login Page instead of IdentityServer Login Page?
问题描述
I have 2 API, 1 MVC Web App and IdentityServer App in my project.
我的项目中有 2 个 API、1 个 MVC Web App 和 IdentityServer App。
Local ports:本地端口:
IdentityServer: https://localhost:1000身份服务器:https://localhost:1000
API 1: https://localhost:2000 API 1: https://localhost:2000
API 2: https://localhost:3000 API 2:https://localhost:3000
Client: https://localhost:4000客户:https://localhost:4000
In terms of MVC Web App, its Startup.cs Authentication service is like this;在MVC Web App方面,它的Startup.cs Authentication服务是这样的;
services.AddAuthentication(_ =>
{
DefaultScheme = "...";
DefaultChallengeScheme = "oidc";
})
.AddCookie("...", options => options.AccessDeniedPath = "/home/accessdenied")
.AddOpenIdConnect("oidc", _ =>
{
_.SignInScheme = "...";
_.Authority = "https://localhost:1000";
_.ClientId = "...";
_.ClientSecret = "...";
_.ResponseType = "code id_token";
_.GetClaimsFromUserInfoEndpoint = true;
_.SaveTokens = true;
_.Scope.Add("offline_access");
_.Scope.Add("...");
_.Scope.Add("...");
_.Scope.Add("...");
});
In MVC Web app, there is a Controller like this;在 MVC Web 应用程序中,有一个像这样的 Controller;
[Authorize]
public async Task<IActionResult> PayMoney()
{
var authenticationProperties = (await HttpContext.AuthenticateAsync()).Properties.Items;
string accessToken = authenticationProperties.FirstOrDefault(x => x.Key == ".Token.access_token").Value;
HttpClient httpClient = new HttpClient();
httpClient.DefaultRequestHeaders.Add("Authorization", $"Bearer {accessToken}");
HttpResponseMessage responseMessage = await httpClient.GetAsync("https://localhost:2000/api/.....");
string total = await responseMessage.Content.ReadAsStringAsync();
return View();
}
at this point, I run the apps all together.在这一点上,我一起运行应用程序。 After that I call PayMoney(above) and then project redirects me to IdentityServer Login Page ( Account/Login ) with ReturnUrl because I am not authenticated and authorized.之后我调用 PayMoney(above) 然后项目将我重定向到带有 ReturnUrl 的 IdentityServer 登录页面 ( Account/Login ),因为我没有经过身份验证和授权。
But I want to use the login page of MVC App instead of IdentityServer project's Quickstart.UI Login Page但我想使用 MVC App 的登录页面而不是 IdentityServer 项目的 Quickstart.UI 登录页面
Is it possible?可能吗? And when I researched people say I should use 'Resource Owner Password' but it is not secure for my project...当我研究过人们说我应该使用“资源所有者密码”但它对我的项目来说并不安全......
Does anyone have any idea about this??有人对此有任何想法吗?
2 个解决方案
解决方案1
0 2022-07-21 08:32:05
In OpenID Connect you are not supposed to let the client application see/touch the users username/password.在 OpenID Connect 中,您不应该让客户端应用程序看到/触摸用户的用户名/密码。 Instead it is by design that the user should be redirected to the identity provider for authentication.相反,设计上应该将用户重定向到身份提供者进行身份验证。
As a client, I would not trust to give my credentials to individual clients, instead you only want to do that to someone you as a user trusts.作为客户,我不相信将我的凭据提供给单个客户,相反,您只想对您作为用户信任的人这样做。
解决方案2
0 2022-08-15 16:30:07
In IdentityServer if you want to show your own login screen then you have to implement OpenID Connect by installing the NuGet package Microsoft.AspNetCore.Authentication.OpenIdConnect in your project.如果要在 IdentityServer 中显示自己的登录屏幕,则必须通过在项目中安装 NuGet package Microsoft.AspNetCore.Authentication.OpenIdConnect来实现 OpenID Connect。 The whole integration procedure is given at this tutorial - IdentityServer with ASP.NET Core Identity and MongoDB as Database [Detailed Guide] .本教程给出了整个集成过程 - IdentityServer with ASP.NET Core Identity 和 MongoDB as Database [详细指南] 。
You can also download the code from this GitHub repository which is implemented in .NET 5.0.您还可以从此GitHub 存储库下载代码,该存储库在 .NET 5.0 中实现。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.