![](/img/trans.png)
[英].net core 2.0 single sign on with Azure - Active Directory Group Listing
[英]Integrating Sign In with Azure Active Directory in .Net Core
我正在尝试通过 Azure Active Directory 与 .net 核心应用程序集成登录选项。 我浏览过微软的博客,也看过用户可以使用微软帐户登录的步骤。 但问题是
“它总是再次将我重定向到登录操作方法。” 这让我回到登录屏幕。
我的创业班
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie()
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority = options.Authority + "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
});
我的登录帐户控制器
[HttpGet]
[AllowAnonymous]
public async Task<IActionResult> Login(string returnUrl)
{
if (User.Identity.IsAuthenticated)
return RedirectToAction("Index", "Search");
var domainInfo = await _subdomainProvider.GetDomainInfoAsync(Request.Host.Value);
if (domainInfo.LoginMethod == LoginMethod.AzureAD)
{
var redirectUrl = Url.Action("Index", "Search");
var properties = _signInManager
.ConfigureExternalAuthenticationProperties(LoginMethod.AzureAD.ToString(), redirectUrl);
return new ChallengeResult(LoginMethod.AzureAD.ToString(), properties);
}
else
{
ViewBag.ReturnUrl = returnUrl;
ViewBag.Background = await GetRandomBackgroundAsync(domainInfo.LoginBackgrounds);
}
return View(new LoginModel
{
Language = GetLanguage(),
ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList()
});
}
登录视图
<form method="post" asp-controller="Account" asp-action="SignIn" asp-route-returnUrl="@Model.ReturnUrl">
<h2>@AccountStrings.Login_ExternalLogin_Title</h2>
<div>
@foreach (var provider in Model.ExternalLogins)
{
<button type="submit" class="btn login-provider @provider.DisplayName"
name="provider" value="@provider.Name"
title="Log in using your @provider.DisplayName account">
@provider.DisplayName
</button>
}
</div>
</form>
甚至在 azure 门户上添加了重定向 URL 以重定向到操作方法,即仪表板。但仍然不起作用。
任何帮助,将不胜感激。 谢谢你。
根据我的理解,您希望将 Azure AD 与您的 .net 核心 Web 应用程序集成。 如果是,请参考文档和文章
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "<you tenant doamin>",
"TenantId": "<>",
"ClientId": "<>",
"CallbackPath": "/signin-oidc"
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
//services.Configure<AzureADOptions>(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority = options.Authority + "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
});
看来您正在使用 ASP.NET Core Identity 和 Azure AD login 。 如果这是您的方案,您可以将CookieSchemeName
设置为Identity.External
以便 asp.net 核心身份可以从外部身份提供者获取外部用户配置文件:
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection")));
services.AddDefaultIdentity<IdentityUser>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority = options.Authority + "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
});
Azure AD 应用程序设置:
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "xxx.onmicrosoft.com",
"TenantId": "xxxxxx-xxxxx-4f08-b544-b1eb456f228d",
"ClientId": "xxxxx-xxxxx-4717-9821-e4f718fbece4",
"CallbackPath": "/signin-oidc",
"CookieSchemeName": "Identity.External"
},
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.