How to implement multiple identity provider in MVC 5


Problem description

I am developing one application in which there are multiple tenants and each tenant has its own identity provider configuration, meaning one has Azure AD and another has Okta.

I have implemented a two-step login, meaning the user will first enter a username/email address through which we will identify the tenant and its identity provider. If the user has an identity provider setting we will redirect to the authentication endpoint of the provider, else allow the user to do a local login.

I have tried to implement the above scenario using OpenID Connect. I used OnRedirectToIdentityProvider to override OpenIdConnectAuthenticationOptions to redirect to the authentication endpoint as per tenant:

```
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
    ClientId = clientId,
    Authority = authority,
    RedirectUri = redirectUri,
    PostLogoutRedirectUri = PostLogoutUri,
    Scope = OpenIdConnectScope.OpenIdProfile,
    ResponseType = OpenIdConnectResponseType.IdToken,
    TokenValidationParameters = new TokenValidationParameters()
    {
        ValidateIssuer = false
    },
    Notifications = new OpenIdConnectAuthenticationNotifications
    {
        AuthenticationFailed = OnAuthenticationFailed,
        RedirectToIdentityProvider = OnRedirectToIdentityProvider,
        SecurityTokenValidated = (context) =>
        {
            return Task.FromResult(0);
        }
    },
    RequireHttpsMetadata = false
});
```

```
private static Task OnRedirectToIdentityProvider(RedirectToIdentityProviderNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification)
{
    // Overrides the outgoing authorization request only; the options the
    // middleware uses to process the response are not changed by this.
    notification.ProtocolMessage.ClientId = "XXXXXXXXXXX";
    notification.ProtocolMessage.IssuerAddress = "https://XXX- XXXXX.XXX.com/oauth2/default/v1/authorize";
    notification.ProtocolMessage.RedirectUri = "http://localhost:XXXX/Home/Callback";
    notification.ProtocolMessage.PostLogoutRedirectUri = "http://localhost:XXXX/";
    notification.ProtocolMessage.Scope = OpenIdConnectScope.OpenIdProfile;
    notification.ProtocolMessage.ResponseType = OpenIdConnectResponseType.Code;
    return Task.FromResult(0); // the method is declared to return Task
}
```

Using the above code I am able to redirect to the authentication endpoint using the overridden settings, but the **SecurityTokenValidated** method is not getting fired or I am not getting an authentication token.

Can anyone please guide me whether my approach is correct or any other approach to achieve this?
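
One way to structure the scenario described in the question, as an added example that is not the asker's code or the project's own: register one passive OpenID Connect middleware per identity provider, each with its own callback path and pinned issuer, so issuer validation stays enabled and the request and response use the same settings. The `IdpConfig` and `TenantIdps` types and all domains, URLs, client ids and paths are constructed placeholders.

```csharp
using System;
using System.Linq;
using System.Web;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;
using Microsoft.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

// Hypothetical per-tenant settings; every value below is a constructed placeholder.
public sealed class IdpConfig { public string EmailDomain, AuthType, Authority, Issuer, ClientId, CallbackPath; }
public static class TenantIdps
{
    public static readonly IdpConfig[] All =
    {
        new IdpConfig { EmailDomain = "tenant-a.example", AuthType = "oidc-a", Authority = "https://idp-a.example/",
            Issuer = "https://idp-a.example/", ClientId = "CLIENT_ID_A", CallbackPath = "/signin-a" },
        new IdpConfig { EmailDomain = "tenant-b.example", AuthType = "oidc-b", Authority = "https://idp-b.example/",
            Issuer = "https://idp-b.example/", ClientId = "CLIENT_ID_B", CallbackPath = "/signin-b" },
    };
    // Call from Startup.Configuration, after cookie auth and SetDefaultSignInAsAuthenticationType.
    public static void Register(IAppBuilder app, string appBaseUrl)
    {
        foreach (var idp in All)
            app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
            {
                AuthenticationType = idp.AuthType,               // name used by Challenge()
                AuthenticationMode = AuthenticationMode.Passive, // act only when challenged by name
                Authority = idp.Authority,
                ClientId = idp.ClientId,
                CallbackPath = new PathString(idp.CallbackPath), // only this path is this IdP's callback
                RedirectUri = appBaseUrl + idp.CallbackPath,
                Scope = OpenIdConnectScope.OpenIdProfile,
                ResponseType = OpenIdConnectResponseType.IdToken,
                TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidIssuer = idp.Issuer }
            });
    }
    // Step one of the two-step login: null means no IdP is configured, so use local login.
    public static IdpConfig Resolve(string email)
    {
        var at = (email ?? "").LastIndexOf('@');
        var domain = at < 0 ? null : email.Substring(at + 1);
        return All.FirstOrDefault(i => string.Equals(i.EmailDomain, domain, StringComparison.OrdinalIgnoreCase));
    }
    // Step two: challenge only that tenant's middleware; the MVC action then returns HttpUnauthorizedResult (401).
    public static void Challenge(HttpContextBase http, IdpConfig idp) =>
        http.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = "/" }, idp.AuthType);
}
```

The e-mail address typed in step one only selects which provider to challenge; the signed-in identity comes from the validated token, so the application should still check that the returned user belongs to the expected tenant.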

Recommended answer

Please post questions related to MVC in the ASP.NET forums.

