如何在ASP Net 4.7 MVC应用程序中获取Identity Server 4的access_token
[英]How to get Identity Server 4's access_token in ASP Net 4.7 MVC Application
问题描述
我在ASP Net 4.7.2客户端应用程序中获取Identity Server 4的access_token来调用API时遇到一些问题。
在ASP .Net Core客户端中,我可以这样获得access_token:
public async Task<IActionResult> CallApi()
{
var accessToken = await HttpContext.GetTokenAsync("access_token");
var client = new HttpClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
var content = await client.GetStringAsync("http://localhost:5001/identity");
ViewBag.Json = JArray.Parse(content).ToString();
return View("Json");
}
只是简单的:
var accessToken = await HttpContext.GetTokenAsync("access_token");
但是,如何在ASP Net 4.x客户端中获取access_token?
我的启动代码如下所示:
public class Startup
{
public void Configuration(IAppBuilder app)
{
var authority = JwtSecurityTokenHandler.DefaultInboundClaimTypeMap = new Dictionary<string, string>();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies",
CookieName = "CustomIdentityCookie"
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
//AuthenticationType = "oidc",
Authority = "http://localhost:5000",
RedirectUri = "http://localhost:57319/signin-oidc",
PostLogoutRedirectUri = "http://localhost:57319/signout-callback-oidc",
ClientId = "mvc472",
ClientSecret = "secret",
ResponseType = "code id_token",
Scope = "api01 openid profile offline_access",
// for debug
RequireHttpsMetadata = false,
UseTokenLifetime = false,
SignInAsAuthenticationType = "Cookies"
});
}
}
1 个解决方案
解决方案1
0 2019-02-25 06:42:15
我有解决办法。 希望任何人都可以告诉我该解决方案是否可以。 我使用了来自IdentityServer3的变通办法,如下所示: IdentityServer 3 Mvc Client我编辑了描述的方法并更新到Identity Server 4。
除注销外,它都有效:从Identity Server注销后,我没有重定向到MVC App。 我收到404错误,找不到/ signout-callback-oidc路由。
这里是新的Startup类:
public class Startup
{
public void Configuration(IAppBuilder app)
{
//var authority = JwtSecurityTokenHandler.DefaultInboundClaimTypeMap = new Dictionary<string, string>();
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap = new Dictionary<string, string>();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies"
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
AuthenticationType = "oidc",
Authority = "http://localhost:5000",
RedirectUri = "http://localhost:57319/signin-oidc",
PostLogoutRedirectUri = "http://localhost:57319/signout-callback-oidc",
ClientId = "mvc472",
ClientSecret = "secret",
ResponseType = "code id_token",
Scope = "api01 openid profile offline_access",
// for debug
RequireHttpsMetadata = false,
UseTokenLifetime = false,
SignInAsAuthenticationType = "Cookies",
Notifications = new OpenIdConnectAuthenticationNotifications
{
AuthorizationCodeReceived = async n =>
{
var client = new HttpClient();
DiscoveryResponse disco = await client.GetDiscoveryDocumentAsync("http://localhost:5000");
var tokenResponse = await client.RequestAuthorizationCodeTokenAsync(new AuthorizationCodeTokenRequest
{
Address = disco.TokenEndpoint,
RedirectUri = "http://localhost:57319/signin-oidc",
ClientId = "mvc472",
ClientSecret = "secret",
Code = n.Code
});
var userInfoResponse = await client.GetUserInfoAsync(new UserInfoRequest
{
Address = disco.UserInfoEndpoint,
Token = tokenResponse.AccessToken
});
var id = new ClaimsIdentity(n.AuthenticationTicket.Identity.AuthenticationType);
id.AddClaims(userInfoResponse.Claims);
id.AddClaim(new Claim("access_token", tokenResponse.AccessToken));
id.AddClaim(new Claim("expires_at", DateTime.Now.AddSeconds(tokenResponse.ExpiresIn).ToLocalTime().ToString()));
id.AddClaim(new Claim("refresh_token", tokenResponse.RefreshToken));
id.AddClaim(new Claim("id_token", tokenResponse.IdentityToken));
id.AddClaim(new Claim("sid", n.AuthenticationTicket.Identity.FindFirst("sid").Value));
n.AuthenticationTicket = new AuthenticationTicket(
new ClaimsIdentity(id.Claims, n.AuthenticationTicket.Identity.AuthenticationType, "name", "role"),
n.AuthenticationTicket.Properties
);
},
// noch nicht getestet
RedirectToIdentityProvider = n =>
{
// if signing out, add the id_token_hint
if (n.ProtocolMessage.RequestType == OpenIdConnectRequestType.Logout)
{
var idTokenHint = n.OwinContext.Authentication.User.FindFirst("id_token");
if (idTokenHint != null)
{
n.ProtocolMessage.IdTokenHint = idTokenHint.Value;
}
}
return Task.FromResult(0);
}
}
});
}
}
Asp.net Web Api 2 - 如何从C#代码获取access_token
[英]Asp.net Web Api 2 - how to get access_token from C# code
在asp.net core mvc中通过refresh_token无声更新access_token
[英]Silent renew access_token via refresh_token in asp.net core mvc
在.NET Core Web应用程序中存储Identity Server的访问令牌
[英]Storing access token from Identity Server in NET Core web application
ASP .NET Core 3.1 问题使用 Microsoft OAuth 2.0 获取 access_token
[英]ASP .NET Core 3.1 problem get access_token with Microsoft OAuth 2.0
在 Azure 集成 ASP.NET 核心 MVC 应用程序中获取访问令牌
[英]Get the access token in an Azure integrated ASP.NET Core MVC application
为什么添加 Microsoft Identity auth 会导致另一个策略的 GetTokenAsync("access_token") 返回 null?
[英]Why does adding Microsoft Identity auth cause another policy's GetTokenAsync("access_token") to return null?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
ASP .NET 4.7 MVC身份验证和授权标识
Asp.net Web Api 2 - 如何从C#代码获取access_token
在asp.net core mvc中通过refresh_token无声更新access_token
在.NET Core Web应用程序中存储Identity Server的访问令牌
无法从httpcontext asp.net核心获取“ access_token”
ASP .NET Core 3.1 问题使用 Microsoft OAuth 2.0 获取 access_token
ASP.NET Core 2.0资源access_token
在 Azure 集成 ASP.NET 核心 MVC 应用程序中获取访问令牌
验证访问令牌-Asp.Net身份
为什么添加 Microsoft Identity auth 会导致另一个策略的 GetTokenAsync("access_token") 返回 null?
相关标签