Azure AD 中用户的 Angular 应用程序的身份验证流 [英] Authentication flow for Angular application for users in Azure AD

问题描述

我有一个 Angular 应用程序，它与多个 WEB API 对话以提供交互 UI.我发现很难找到一种方法.我正在关注这个 文章 解释了它的 Angular 部分.我能够在客户端获取令牌.如果客户端发送此 id 令牌，我的 dot net core web API 如何验证令牌?

I have an Angular application which talks to several WEB API's to provide an interacted UI. I am finding really hard time in finding a way to. I am following this article which explains the Angular part of it. I am able to get the token at client side. How can my dot net core web API validate the token if the client sends this id token?

推荐答案

你可以使用 JwtBearer 中间件，它使应用程序能够接收 OpenID Connect 不记名令牌.在 本文档提供了代码示例.

You can use JwtBearer middleware which enables an application to receive an OpenID Connect bearer token. In this document it provides code sample .

或者您可以使用 AzureADAuthenticationBuilderExtensions.AddAzureADBearer Microsoft.AspNetCore.Authentication.AzureAD.UI 库中的方法:

Or you can use AzureADAuthenticationBuilderExtensions.AddAzureADBearer Method in Microsoft.AspNetCore.Authentication.AzureAD.UI library :

services.AddAuthentication(AzureADDefaults.BearerAuthenticationScheme)
            .AddAzureADBearer(options => Configuration.Bind("AzureAd", options));

并在appsettings.json中绑定配置:

"AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "xxxxx.onmicrosoft.com",
    "TenantId": "cb1c3f2e-a2dd-xxxx-bf8f-f75ab18b21ac",
    "ClientId": "511ece54-a7a2-xxxx-a9f9-bd224e1d0a0f"
},

这篇关于Azure AD 中用户的 Angular 应用程序的身份验证流的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！