Aar*_*000 7 asp.net-mvc thinktecture-ident-server identityserver3
尝试使用Thinctecture identityserver v3作为多个mvc应用程序的简单sts.
我能够遍历所提供的示例应用程序并且运行正常,但它们都使用嵌入式身份服务器.我需要将identityserver作为一个单独的应用程序,以便我可以将它用作多个应用程序的sts.当我尝试运行身份服务器并将示例mvc应用程序连接到它时似乎缺少某些东西.
示例mvc应用程序使用武士刀
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions...
但我只是不明白如何正确配置外部应用服务.我的猜测是我没有使用正确的端点.
这是我的依赖方配置为mvc.然后我在这里运行了最新的IS v3 :: 44333
在mvc应用程序中,每当我尝试导航到需要授权的视图时,我都会得到异常.
堆栈跟踪:
[HttpRequestException: Response status code does not indicate success: 404 (Not Found).]
System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode() +87960
Microsoft.IdentityModel.Protocols.<GetDocumentAsync>d__0.MoveNext() +496
[IOException: Unable to get document from: https://localhost:44333/.well-known/openid-configuration]
Microsoft.IdentityModel.Protocols.<GetDocumentAsync>d__0.MoveNext() +830
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +93
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +52
System.Runtime.CompilerServices.TaskAwaiter`1.GetResult() +24
Microsoft.IdentityModel.Protocols.<GetAsync>d__0.MoveNext() +512
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +93
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +52
System.Runtime.CompilerServices.TaskAwaiter`1.GetResult() +24
Microsoft.IdentityModel.Protocols.<GetConfigurationAsync>d__3.MoveNext() +1332
这是mvc应用程序中的完整身份验证配置.
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
//Authority = "https://localhost:44319/identity",
Authority = "https://localhost:44333",
ClientId = "mvc",
Scope = "openid profile roles",
RedirectUri = "https://localhost:44319/",
SignInAsAuthenticationType = "Cookies",
UseTokenLifetime = false,
Notifications = new OpenIdConnectAuthenticationNotifications
{
SecurityTokenValidated = async n =>
{
var id = n.AuthenticationTicket.Identity;
// we want to keep first name, last name, subject and roles
var givenName = id.FindFirst(Constants.ClaimTypes.GivenName);
var familyName = id.FindFirst(Constants.ClaimTypes.FamilyName);
var sub = id.FindFirst(Constants.ClaimTypes.Subject);
var roles = id.FindAll(Constants.ClaimTypes.Role);
// create new identity and set name and role claim type
var nid = new ClaimsIdentity(
id.AuthenticationType,
Constants.ClaimTypes.GivenName,
Constants.ClaimTypes.Role);
nid.AddClaim(givenName);
nid.AddClaim(familyName);
nid.AddClaim(sub);
nid.AddClaims(roles);
// keep the id_token for logout
nid.AddClaim(new Claim("id_token", n.ProtocolMessage.IdToken));
// add some other app specific claim
nid.AddClaim(new Claim("app_specific", "some data"));
n.AuthenticationTicket = new AuthenticationTicket(
nid,
n.AuthenticationTicket.Properties);
},
RedirectToIdentityProvider = async n =>
{
if (n.ProtocolMessage.RequestType == OpenIdConnectRequestType.LogoutRequest)
{
var idTokenHint = n.OwinContext.Authentication.User.FindFirst("id_token");
if (idTokenHint != null)
{
n.ProtocolMessage.IdTokenHint = idTokenHint.Value;
}
}
}
}
});
| 归档时间: |
|
| 查看次数: |
4134 次 |
| 最近记录: |