如何将ui_locales传递回请求的客户端? [英] How to pass ui_locales back to requested client?
问题描述
授权请求完成后,如何将ui_locales从IdentityServer传递给客户端?
我在不同的域下拥有多个应用程序+ Idsv4(我们无法共享Cookie).示例:
- Mvc App1(主要登陆网站)
- Mvc App2
- 身份服务器
- 用户转到MvcApp1并在屏幕上更改UiLocales(例如es-ES).我将ui-Culture存储在cookie中
- 然后,他们单击登录,然后将AuthorizedRequest与
ui_locales(es-ES)发送到Idsv4. - Idsv4收到
ui_locales,并在登录"屏幕上显示正确的翻译文本(es-ES). - 用户输入成功的用户凭据,然后返回redirectUri
- App1仍然可以显示正确的文本,因为它将语言环境存储在cookie中
- 当用户导航至App2并授权请求时,Idsv4不会返回正确的语言环境
- 因此,App2在成功获得授权后始终显示英文文本
问题是我可以设法在主应用程序和idsv4之间传递语言环境信息,以在两个应用程序中显示正确的本地化文本.但是,当用户导航到第二个应用程序(我们有超过5个与idsv4链接的应用程序)时,它总是设置回英文文本.
请参见下面的序列图:
如上所示,由于Idsv4不会返回ui_locales信息(即使它确实显示了正确的翻译文本),因此第二个应用程序也无法检测到显示哪种语言,并且无法使用默认语言-英语.
我在App1的Startup.cs中按照以下方式通过了区域性信息.但是ctx.ProtocolMessage.UiLocales在OnAuthorizationCodeReceived事件上始终为null.
options.Events = new OpenIdConnectEvents
{
OnRedirectToIdentityProvider = ctx =>
{
ctx.ProtocolMessage.UiLocales = Thread.CurrentThread.CurrentUICulture.Name;
return Task.CompletedTask;
},
OnAuthorizationCodeReceived = ctx =>
{
Console.WriteLine("OnAuthorizationCodeReceived");
return Task.CompletedTask;
},
....
}
因此,我想知道在Idsv4中成功授权后是否仍要嵌入ui_locales值.
还是Idsv4这样做不是因为不是身份验证服务的责任?
当用户导航到其他应用程序以解决此问题时,我是否必须传递语言环境信息?
示例: https://ttcgApp1.com/?ui=es-ES , https://MyApp2.net/?ui-es-ES
能请你帮忙吗?
IdentityServer不会将任何信息发送回客户端,因此最好的解决方案可能是添加一个声明,以告知登录时使用了哪个语言环境. /p>
请注意,令牌确实包含有关登录过程的其他信息,例如使用的流:"amr" = [ "pwd"].
可用于限制客户端访问的信息,例如需要2FA.
由于OnAuthorizationCodeReceived仅在成功登录后才调用,因此您可以在其中读取声明并使用它根据IdentityServer中的用户区域设置来设置区域.
How can I pass the ui_locales from IdentityServer to clients after the Authorised Request has completed?
I've got multiple apps + Idsv4 under different domains (we can't share cookies). Example:
- Mvc App1 (Main landing website)
- Mvc App2
- Identity Server
- The user goes to MvcApp1 and changes the UiLocales on the screen (Eg. es-ES). I stored ui-Culture in the cookies
- Then they click login and the AuthorisedRequest is sent to Idsv4 with
ui_locales(es-ES). - Idsv4 receives the
ui_localesand display the correct translated text (es-ES) with Login screen. - The user enters user credentials, successful and return to redirectUri
- App1 can still show the correct text because it stores the locales in the cookies
- When User naviagates to App2 and authorize request occurs, Idsv4 doesn't return the correct locales
- so, App2 always show English text after successful authorization
The problem is that I can manage to pass the locales information between main app and idsv4 to display correct localized texts in both applications. But when the user navigate to second app (we've got more than 5 apps linked to idsv4), it's always set back to English text.
Please see the sequence diagram below:
As you can see above, since Idsv4 doesn't return ui_locales information (even though it does display correct translation text on its own), second app couldn't detect which language to display and fall back to default language - English.
I passeed the culture info per following in Startup.cs of App1. But ctx.ProtocolMessage.UiLocales is always null on OnAuthorizationCodeReceived event.
options.Events = new OpenIdConnectEvents
{
OnRedirectToIdentityProvider = ctx =>
{
ctx.ProtocolMessage.UiLocales = Thread.CurrentThread.CurrentUICulture.Name;
return Task.CompletedTask;
},
OnAuthorizationCodeReceived = ctx =>
{
Console.WriteLine("OnAuthorizationCodeReceived");
return Task.CompletedTask;
},
....
}
So, I am wondering is there anyway to embed ui_locales values after the successful authorization in Idsv4.
Or Idsv4 is not doing like that because it's not the responsibility of Authentication Service?
Do I have to pass the locale information when the user navigates to other Apps to workaround this problem?
Example: https://ttcgApp1.com/?ui=es-ES, https://MyApp2.net/?ui-es-ES
Could you please help?
IdentityServer does not send any information back to the client, so best solution may be to add a claim that tells which locale was used at the time of login.
Please note that the token does contain additional information about the login process, e.g. the used flow: "amr" = [ "pwd"].
Information that can be used to limit access on the client, e.g. requiring 2FA.
Since OnAuthorizationCodeReceived is only called after succesful login, that's the one place where you can read the claim and use it to set the locale accordingly to the user locale in IdentityServer.
这篇关于如何将ui_locales传递回请求的客户端?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
