[英].net core 2.0 single sign on with Azure - Active Directory Group Listing
[英]Integrating Sign In with Azure Active Directory in .Net Core
我正在嘗試通過 Azure Active Directory 與 .net 核心應用程序集成登錄選項。 我瀏覽過微軟的博客,也看過用戶可以使用微軟帳戶登錄的步驟。 但問題是
“它總是再次將我重定向到登錄操作方法。” 這讓我回到登錄屏幕。
我的創業班
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie()
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority = options.Authority + "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
});
我的登錄帳戶控制器
[HttpGet]
[AllowAnonymous]
public async Task<IActionResult> Login(string returnUrl)
{
if (User.Identity.IsAuthenticated)
return RedirectToAction("Index", "Search");
var domainInfo = await _subdomainProvider.GetDomainInfoAsync(Request.Host.Value);
if (domainInfo.LoginMethod == LoginMethod.AzureAD)
{
var redirectUrl = Url.Action("Index", "Search");
var properties = _signInManager
.ConfigureExternalAuthenticationProperties(LoginMethod.AzureAD.ToString(), redirectUrl);
return new ChallengeResult(LoginMethod.AzureAD.ToString(), properties);
}
else
{
ViewBag.ReturnUrl = returnUrl;
ViewBag.Background = await GetRandomBackgroundAsync(domainInfo.LoginBackgrounds);
}
return View(new LoginModel
{
Language = GetLanguage(),
ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList()
});
}
登錄視圖
<form method="post" asp-controller="Account" asp-action="SignIn" asp-route-returnUrl="@Model.ReturnUrl">
<h2>@AccountStrings.Login_ExternalLogin_Title</h2>
<div>
@foreach (var provider in Model.ExternalLogins)
{
<button type="submit" class="btn login-provider @provider.DisplayName"
name="provider" value="@provider.Name"
title="Log in using your @provider.DisplayName account">
@provider.DisplayName
</button>
}
</div>
</form>
甚至在 azure 門戶上添加了重定向 URL 以重定向到操作方法,即儀表板。但仍然不起作用。
任何幫助,將不勝感激。 謝謝你。
根據我的理解,您希望將 Azure AD 與您的 .net 核心 Web 應用程序集成。 如果是,請參考文檔和文章
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "<you tenant doamin>",
"TenantId": "<>",
"ClientId": "<>",
"CallbackPath": "/signin-oidc"
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
//services.Configure<AzureADOptions>(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority = options.Authority + "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
});
看來您正在使用 ASP.NET Core Identity 和 Azure AD login 。 如果這是您的方案,您可以將CookieSchemeName
設置為Identity.External
以便 asp.net 核心身份可以從外部身份提供者獲取外部用戶配置文件:
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection")));
services.AddDefaultIdentity<IdentityUser>()
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority = options.Authority + "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
});
Azure AD 應用程序設置:
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "xxx.onmicrosoft.com",
"TenantId": "xxxxxx-xxxxx-4f08-b544-b1eb456f228d",
"ClientId": "xxxxx-xxxxx-4717-9821-e4f718fbece4",
"CallbackPath": "/signin-oidc",
"CookieSchemeName": "Identity.External"
},
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.