asp.net – 使用Cookie认证的asp net core项目MVC控制器和使用Be
|
我正在使用ASP .net CORE开发一个项目,我们有Angular 2和MVC以及API,需要受Azure AD保护.
Home / Index MVC控制器将启动Angular 2 SPA,Home / Index需要通过cookie身份验证进行保护.我设法使用OpenIdConnectAuthentication – OnAuthorizationCodeReceived事件获取令牌. 我需要使用基于Cookie的身份验证和使用承载身份验证的API来保护MVC控制器(除了Home / Index之外还有更少的控制器),我可以从API获取令牌到Angular,然后在每次后续API调用时使用该令牌. 在不久的将来,将会有使用Bearer令牌调用相同API端点的移动应用程序. 这是我的出发点: Startup.cs public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().AddJsonOptions(config => { config.SerializerSettings.ContractResolver = new DefaultContractResolver(); });
services.AddAuthentication(sharedOptions => sharedOptions.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme);
}
public void Configure(IApplicationBuilder app,IHostingEnvironment env,ILoggerFactory loggerFactory)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions());
Authority = $"https://login.microsoftonline.com/AAAAA}";
ClientId = "BBBB";
ClientSecret = "CCCC";
Audience = "https://localhost:44333/";
app.USEOpenIdConnectAuthentication(new OpenIdConnectOptions
{
ClientId = ClientId,Authority = Authority,PostLogoutRedirectUri = Audience,ResponseType = OpenIdConnectResponseType.CodeIdToken,GetClaimsFromUserInfoEndpoint = false,Events = new OpenIdConnectEvents
{
OnTokenValidated = TokenValidated,OnRemoteFailure = OnAuthenticationFailed,OnAuthorizationCodeReceived = OnAuthorizationCodeReceived
}
});
app.UseMvc(....);
}
题: 如何配置API以仅使用“Bearer”auth和MVC来使用Cookie? 更新 嗨Adem 我从不厌倦第一选择,现在就试试吧. 在下面添加了app.USEOpenIdConnectAuthentication(… app.UseJwtBearerAuthentication(new JwtBearerOptions
{
Authority = "https://login.microsoftonline.com/AAAA",Audience = "https://BBB.onmicrosoft.com/CCCC"
});
对于API控制器[授权(ActiveAuthenticationSchemes =“Bearer”)] 对于MVC控制器[授权(ActiveAuthenticationSchemes =“Cookies”)] 当它击中我的Home Controller时会出现此错误 这个堆栈跟踪 更新2: app.UseWhen(context =>
context.Request.Path.StartsWithSegments("/api"),appBuilder =>
{
app.UseJwtBearerAuthentication(new JwtBearerOptions
{
Authority = Authority,Audience = Configuration["Authentication:AzureAd:Audience"]
});
});
app.UseWhen(context =>
!context.Request.Path.StartsWithSegments("/api"),appBuilder =>
{
app.USEOpenIdConnectAuthentication(new OpenIdConnectOptions
{
ClientId = ClientId,OnAuthorizationCodeReceived = OnAuthorizationCodeReceived
}
});
});
但API似乎仍在使用cookie身份验证.我仍然可以看到请求中包含cookie. 谢谢 解决方法
一种方法是像这样分支应用程序:
app.UseWhen(context => <isApiRequest>,appBuilder =>
{
appBuilder.UseJwtBearerAuthentication();
}
app.UseWhen(context => <isNotApiRequest>,appBuilder =>
{
appBuilder.UseCookieAuthentication();
}
注意:您可以使用“/ api”前缀分支您的api,在这种情况下< isApiRequest>将是context.Request.Path.StartsWithSegment(“/ api”) 另一种方法是使用AuthenticationScheme: app.UseCookieAuthentication(//....); app.UseJwtBearerAuthentication(//...); 然后在api动作中使用Bearer方案: [Autho?rize(ActiveAuthenticationSchemes = "Bearer")]
public IActionResult ApiAction(){}
对于mvc操作,请使用Cookies方案 [Autho?rize(ActiveAuthenticationSchemes = "Cookies")]
public IActionResult MvcAction(){}
(编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
- asp.net-mvc – RazorPDF将pdf文件保存到MVC4中的服务器目录
- asp.net-mvc – 如何使用post或get来检查控制器是否被调用?
- asp.net-mvc – ASP.NET MVC 4,迁移 – 如何在生产服务器上
- .net – Real Life与SOLID开发合作
- asp.net-mvc – .NET 4.5 MVC RouteCollection.LowercaseUr
- asp.net – 如何动态显示网站上的SVN修订版?
- asp.net – 数据库加密或应用程序级加密?
- Asp.net托管相当于Dreamhost(定价,功能和支持)
- asp.net-mvc – ASP.NET MVC – 如何重定向安全?
- asp.net-mvc – asp.net mvc未经授权的回复是空白页吗?