kin*_*ngo 10 oauth-2.0 owin asp.net-mvc-5 owin-middleware
我有一个多租户应用程序.每个租户都可以使用OAUTH-2与Facebook,Twitter,Google等对其用户进行身份验证.每个租户都有自己的API密钥用于上述服务.
设置OWIN管道的典型方法是在"启动"中"使用"auth提供程序,但这会在应用程序启动时设置API密钥.我需要能够为每个请求更改每个oauth API使用的密钥.
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
Provider = cookieAuthProvider,
CookieName = "VarsityAuth",
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseMicrosoftAccountAuthentication(
clientId: "lkjhlkjkl",
clientSecret: "kjhjkk");
我需要能够根据租户更改每个请求的这些设置.我怎样才能做到这一点?
编辑 - 我现在可以确认此解决方案对我有用.
我正在为我自己的项目调查此问题,该项目需要根据请求的主机名或第一个文件夹段支持多租户,具体取决于配置.
我还没有对此进行测试,但我认为在启动时类似这样的代码可能会做到这一点:
例如,我想为每个租户使用不同的auth cokie名称,我认为启动时的代码可能会起作用:
// for first folder segment represents the tenant
app.Map("/branch1", app1 =>
{
app1.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<SiteUserManager, SiteUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
},
CookieName = "branch1-app"
});
});
// for when the host name of the request identifies the tenant
app.MapWhen(IsDomain1, app2 =>
{
app2.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<SiteUserManager, SiteUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
},
CookieName = "domain1-app"
});
});
private bool IsDomain1(IOwinContext context)
{
return (context.Request.Host.Value == "domain1");
}
| 归档时间: |
|
| 查看次数: |
2017 次 |
| 最近记录: |