[英]Turn off AutomaticChallenge in asp.net mvc core 2 OpenIdConnect
我已经在我的ASP.NET Core 2.0 wep应用程序中添加了OpenID身份验证:
services.AddAuthentication(sharedOptions =>
{
sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(option =>
{
option.ClientId = Configuration["AzureAD:ClientId"];
option.Authority = String.Format(Configuration["AzureAd:AadInstance"], Configuration["AzureAd:Tenant"]);
option.SignedOutRedirectUri = Configuration["AzureAd:PostLogoutRedirectUri"];
});
如何打开自动质询,所以控制器,使用AuthorizeAttribute的resp操作将返回403而不是重定向?
编辑:我最终得到了这个:
.AddOpenIdConnect(option =>
{
...
option.Events = new OpenIdConnectEvents
{
OnRedirectToIdentityProvider = context =>
{
bool isAjaxRequest = context.HttpContext.Request.Headers["x-requested-with"] == "XMLHttpRequest";
if (isAjaxRequest)
{
context.HttpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
//context.HttpContext.Response.Headers["Location"] = ???request.RedirectUrl;
context.HandleResponse();
}
return Task.CompletedTask;
}
};
});
虽然我不想重定向Ajax请求(因为为什么?),但我想将重定向url传递给客户端。 如何获得RedirectURL ?
到目前为止,我能够提供的最佳解决方案是:
services.AddAuthentication(sharedOptions =>
{
sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
sharedOptions.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie(options =>
{
options.Events.OnRedirectToAccessDenied = DontRedirectAjaxOrApiRequestToForbidden;
})
.AddOpenIdConnect(options =>
{
...
options.Events.OnRedirectToIdentityProvider = DontRedirectAjaxRequestToOpenIdProvider;
});
/// <summary>
/// Unauthenticated ajax or API request returns 403 rather than Redirect to forbidden page
/// </summary>
private static Task DontRedirectAjaxOrApiRequestToForbidden(RedirectContext<CookieAuthenticationOptions> ctx)
{
bool isAjaxRequest = ctx.HttpContext.Request.Headers["x-requested-with"] == "XMLHttpRequest";
if (isAjaxRequest || (ctx.Request.Path.StartsWithSegments("/api")))
{
ctx.Response.StatusCode = 403;
}
else
{
ctx.Response.Redirect(ctx.RedirectUri);
}
return Task.CompletedTask;
}
/// <summary>
/// Unauthenticated ajax request returns 401 rather than Redirect
/// </summary>
private static Task DontRedirectAjaxRequestToOpenIdProvider(RedirectContext redirectContext)
{
bool isAjaxRequest = redirectContext.HttpContext.Request.Headers["x-requested-with"] == "XMLHttpRequest";
if (isAjaxRequest)
{
redirectContext.HttpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
redirectContext.HttpContext.Response.Headers["Location"] = CookieAuthenticationDefaults.LoginPath.Value;
redirectContext.HandleResponse();
}
return Task.CompletedTask;
}
使用 serilog 关闭 asp.net 核心 2.2 中的 mvc 请求日志记录
[英]Turn off mvc request logging in asp.net core 2.2 with serilog
ASP.NET 核心 3.1 OpenIDConnect 消息。state 是 null
[英]ASP.NET Core 3.1 OpenIDConnect message.state is null
如何使 Asp.Net Core Identity 与 OpenIdConnect 一起工作
[英]How to make Asp.Net Core Identity to work with OpenIdConnect
使用ASP.Net MVC中的OpenIdConnect进行身份验证后重定向用户
[英]Redirect user after authentication with OpenIdConnect in ASP.Net MVC
ASP.NET MVC5:在单个页面上关闭 Windows 身份验证
[英]ASP.NET MVC5 : Turn off Windows Authentication on a single page
如何在 JSON 响应 ASP.NET Core 中关闭或处理驼峰式?
[英]How to turn off or handle camelCasing in JSON response ASP.NET Core?
ASP.NET Core 5 OpenIdConnect认证cookies在理论上是如何工作的?
[英]How do the ASP.NET Core 5 OpenIdConnect authentication cookies work in theory?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.