如何在ASP.NET Core 2.0中设置多个身份验证方案?
我正在尝试将我的auth内容迁移到Core 2.0并使用我自己的身份验证方案出现问题.我在启动时的服务设置如下所示:
var authenticationBuilder = services.AddAuthentication(options => { options.AddScheme("myauth",builder => { builder.HandlerType = typeof(CookieAuthenticationHandler); }); }) .AddCookie(); 我在控制器中的登录代码如下所示: var claims = new List<Claim> { new Claim(ClaimTypes.Name,user.Name) }; var props = new AuthenticationProperties { IsPersistent = persistCookie,ExpiresUtc = DateTime.UtcNow.AddYears(1) }; var id = new ClaimsIdentity(claims); await HttpContext.SignInAsync("myauth",new ClaimsPrincipal(id),props); 但是当我在控制器或动作过滤器中时,我只有一个身份,并且它不是经过身份验证的身份: var identity = context.HttpContext.User.Identities.SingleOrDefault(x => x.AuthenticationType == "myauth"); 导航这些变化一直很困难,但我猜我正在做.AddScheme错了.有什么建议? 编辑:这里(基本上)是一个干净的应用程序,不会在User.Identies上产生两组身份: namespace WebApplication1.Controllers { public class Testy : Controller { public IActionResult Index() { var i = HttpContext.User.Identities; return Content("index"); } public async Task<IActionResult> In1() { var claims = new List<Claim> { new Claim(ClaimTypes.Name,"In1 name") }; var props = new AuthenticationProperties { IsPersistent = true,ExpiresUtc = DateTime.UtcNow.AddYears(1) }; var id = new ClaimsIdentity(claims); await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,props); return Content("In1"); } public async Task<IActionResult> In2() { var claims = new List<Claim> { new Claim(ClaimTypes.Name,"a2 name") }; var props = new AuthenticationProperties { IsPersistent = true,ExpiresUtc = DateTime.UtcNow.AddYears(1) }; var id = new ClaimsIdentity(claims); await HttpContext.SignInAsync("a2",props); return Content("In2"); } public async Task<IActionResult> Out1() { await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); return Content("Out1"); } public async Task<IActionResult> Out2() { await HttpContext.SignOutAsync("a2"); return Content("Out2"); } } } 和初创公司: namespace WebApplication1 { public class Startup { public Startup(IConfiguration configuration) { Configuration = configuration; } public IConfiguration Configuration { get; } public void ConfigureServices(IServiceCollection services) { services.AddAuthentication(options => { options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; }) .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme) .AddCookie("a2"); services.AddMvc(); } public void Configure(IApplicationBuilder app,IHostingEnvironment env) { app.UseAuthentication(); app.UseMvc(routes => { routes.MapRoute(name: "default",template: "{controller=Home}/{action=Index}/{id?}"); }); } } } 解决方法
不要使用AddScheme:它是为处理程序编写者设计的低级方法.
要注册cookie处理程序,只需执行以下操作: public class Startup { public void ConfigureServices(IServiceCollection services) { services.AddAuthentication(options => { options.DefaultScheme = "myauth1"; }) .AddCookie("myauth1"); .AddCookie("myauth2"); } public void Configure(IApplicationBuilder app) { app.UseAuthentication(); // ... } } 重要的是要注意,你不能像在1.x中那样注册多个默认方案(这个巨大的重构的重点是避免同时拥有多个自动认证中间件). 如果您绝对需要在2.0中模拟此行为,则可以编写手动调用AuthenticateAsync()的自定义中间件,并创建包含所需身份的ClaimsPrincipal: public class Startup { public void ConfigureServices(IServiceCollection services) { services.AddAuthentication(options => { options.DefaultScheme = "myauth1"; }) .AddCookie("myauth1"); .AddCookie("myauth2"); } public void Configure(IApplicationBuilder app) { app.UseAuthentication(); app.Use(async (context,next) => { var principal = new ClaimsPrincipal(); var result1 = await context.AuthenticateAsync("myauth1"); if (result1?.Principal != null) { principal.AddIdentities(result1.Principal.Identities); } var result2 = await context.AuthenticateAsync("myauth2"); if (result2?.Principal != null) { principal.AddIdentities(result2.Principal.Identities); } context.User = principal; await next(); }); // ... } } (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
- asp.net – Mono有什么不适合的东西?
- 使用什么方法将ASP.Net应用程序部署到野外?
- .net – ReportViewer 2010无法评估表达式
- ASP.NET 1.1到4.0迁移:事件不工作
- 在ASP.NET中使用querystring的最佳做法?
- .net – Umbraco Yay还是Nay?
- asp.net – 计算代码后面的代码行数和aspx文件的工具?
- asp.net-mvc – 可以浏览DataAnnotations的自定义Html帮助器
- 调试w /附加到进程启动ASP.NET开发服务器
- asp.net-mvc – ASP.NET MVC,MVCContrib,Structuremap,让它