Azure移动应用程序自定义身份验证 [英] Azure Mobile Apps custom authentication
问题描述
我正在尝试使用MobileServiceClient的LoginAsync(string provider, JObject token)
重载来实现自定义身份验证.我有一个像这样的自定义身份验证控制器
I'm trying to implement custom auth using the LoginAsync(string provider, JObject token)
overload of MobileServiceClient. I'have a custom auth controller like this
[MobileAppController]
public class CustomAuthController : ApiController
{
public async Task<IHttpActionResult> Post([FromBody] JObject assertion)
{
...
}
}
在后端启动中,我设置了路由
and inside backend startup I set the route
config.Routes.MapHttpRoute("CustomAuth", ".auth/login/CustomAuth",new { controller = "CustomAuth" });
在客户端,呼叫是:
var credentials = new JObject
{
["email"] = username,
["password"] = password
};
MobileServiceUser user;
try
{
user = await MobileService.LoginAsync("CustomAuth", credentials);
}
catch (Exception ex)
{
Debug.WriteLine(ex.Message);
throw;
}
我认为这都是正确的,但是我无法使用LoginAsync方法调用控制器(在调试中,我在控制器的第一条指令上设置了一个断点). 而且我什至看不到异常,因为它从未实现过catch阻止. 但是我可以使用Postman例如将请求发送到CustomAuthController,在这种情况下,可以达到调试断点... 我不明白为什么! 我正在尝试调试LoginAsync(使用MobileServiceTokenAuthentication)反编译的代码,但未成功...请帮助! 在后端,我的自定义身份验证是使用auth0委托api进行的.
I think all it's correct but I cannot call the controller with LoginAsync method (in debug I set a breakpoint on first instruction of controller). And I connot even see the exception because the catch block it's never reached. But I can send request to CustomAuthController using Postman for example and in this case the debug breakpoint is reached... I don't understand why!! I'm trying to debug LoginAsync (that uses MobileServiceTokenAuthentication) decompiled code without success...please help! On backend side my custom authentication is made with auth0 delegation api.
推荐答案
您将需要从控制器代码中删除[MobileAppController]
属性.此属性增加了一个要求,即调用必须包含版本标头,并且客户端SDK不会为登录方法发送这些标头.或者,您可以在客户端上使用委派处理程序来注入此标头,但是服务器端更改将涉及较少的代码.在自定义身份验证的上下文中,该属性没有提供我可以想到的任何好处,因此应该安全删除.
You will need to remove the [MobileAppController]
attribute from the controller code. This attribute adds a requirement that the call include a version header, and the client SDK does not send these for the login methods. Alternatively you could use a delegating handler on the client to inject this header, but the server-side change will involve less code. In the context of custom auth, the attribute isn't providing any benefit that I can think of, so it should be safe to remove.
这篇关于Azure移动应用程序自定义身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!