IdentityServer4登录后如何重定向到上一个URL页面，而不在IdP上注册所有路由 [英] IdentityServer4 How can I redirect after login to the revious url page without registering all routes at IdP

问题描述

按照建议，我应该在IdP上注册授权回调url/redirect_url，

As recommend I would have register the authorize callback url/redirect_url at IdP, which it works.

但是，如果使用MVC应用程序的客户端尝试访问处于未授权状态的页面，将会被重定向到idsrv登录页面.

But what if a client using MVC app tries to access a page with an unauthorized state, will be redirect to idsrv login page.

redirect_url始终是(主页入口点)已配置.

The redirect_url is always (Home page entry point) as configured.

要更改此行为，我将必须在IdP注册所有可能的路由. 那不是解决方案！

To change this behavior I would have to register all possible routes at IdP. That can not a be solution!

在idsrv登录方法上，我尝试过:

On idsrv Login method I have tried:

Login(string returnUrl)

检查returnUrl中的值会得到/connect/authorize/callback?client_id=...

returnUrl应该没有上一页的网址吗?就像在普通的mvc应用中一样.

Shouldn't returnUrl have the url of the previous page? Like in a normal mvc app has..

我试图让Referer将其存储在会话中，然后重定向.

I have tried to get Referer store it on session and then redirect..

 if (!string.IsNullOrEmpty(Request.Headers["Referer"].ToString()))
 {
      this.httpContextAccessor.HttpContext.Session.SetString("Referer", Request.Headers["Referer"].ToString());
 }

但这不起作用Referer为空...

But that doesn't work Referer comes null...

我已经检查了交互服务在上下文中发生了什么

I have checked what's coming on context from interation services

var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
                        context.RedirectUri

并返回/signin-oidc/，这是自动返回的方式(主页入口点).

And returns /signin-oidc/ this is the automated way for returning (Home page entry point).

是否有机会获得上一个网址，以便可以重定向用户?

Any chance to get the previous url, so that the user can be redirect?

那我还能做什么?

我正在使用混合流来管理以下客户端:mvc-app，classic-asp，Web api

I'm using Hybrid flow to manage the following clients : mvc-app, classic-asp, web api

推荐答案

以下是一个实现示例，可让您实现所需的目标.请记住，还有其他方法可以实现.

Here's an example of implementation allowing you to achieve what you want. Keep in mind that there's other ways of doing it.

所有代码都在您的客户端上，服务器从不知道有关结束URL的任何信息.

All the code goes on your client, the server never knows anything about the end url.

首先，您要创建一个自定义属性，该属性将修饰您要保护的所有动作/控制器:

First, you want to create a custom attribute that will be decorating all your actions/controllers that you want to protect:

using System;
using System.Web.Mvc;

namespace MyApp
{
    internal class MyCustomAuthorizeAttribute : AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            base.OnAuthorization(filterContext);

            if (filterContext.Result is HttpUnauthorizedResult)
            {
              filterContext.RequestContext.HttpContext.Session["oidc-returnUrl"] = filterContext.RequestContext.HttpContext.Request.UrlReferrer?.PathAndQuery;
            }
        }
    }
}

然后您将创建一个登录路由/操作，以处理所有授权请求:

And then you are going to create a login route/action that will handle all your authorize requests:

using System.Web.Mvc;

namespace MyApp
{
    public class AccountController : Controller
    {
        [MyCustomAuthorize]
        public ActionResult Login()
        {
            returnUrl = Session["oidc-returnUrl"]?.ToString();

            // clean up
            Session["oidc-returnUrl"] = null;

            return Redirect(returnUrl ?? "/");
        }
    }
}

可以在启动代码中更改登录路径:

The login path can be changed in your startup code:

public class Startup
{

    public void Configure(IApplicationBuilder app)
    {
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            LoginPath = "/my-login"
        });

        app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
        {
            // setting up your client
        });
    }
}

这篇关于IdentityServer4登录后如何重定向到上一个URL页面，而不在IdP上注册所有路由的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！