在ASP.Net MVC中使用OpenIdConnect进行身份验证后重定向用户 [英] Redirect user after authentication with OpenIdConnect in ASP.Net MVC

问题描述

我正在将OpenIdConnect提供程序与Owin/Katana一起用于我的asp.net mvc应用程序中的身份验证. OpenIdConnect Provide通过Active Directory对用户进行身份验证.我想对用户进行身份验证后进行一次简单的授权检查，然后将用户重定向到另一个视图.

I am using OpenIdConnect provider with Owin/Katana for authentication in my asp.net mvc application. OpenIdConnect Provide authenticates users against Active Directory. I wanted to do a simple authorization check once the user is authenticated and redirect the user to another view.

app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions()
        {
            Authority = "url",
            Scope="scopes",
            ResponseType = "response",
            ClientId = "clientid",
            SignInAsAuthenticationType = "Cookies",
            Notifications = new OpenIdConnectAuthenticationNotifications()
            {
                SecurityTokenValidated = (context) =>
                {
                    var identity = context.AuthenticationTicket.Identity;
                    var emailClaim = identity.Claims.Where(r => r.Type == ClaimTypes.Email).FirstOrDefault();

                    var user = dbContext.Users.Where(u=>u.Email==emailClaim.Value);
                    if (user != null)
                    {
                        //add user information to claims.
                        identity.AddClaim(new Claim(CustomClaimTypes.PersonId, user.Name.ToString()));
                    }
                    else
                    {
                        //redirect to a page 
                    }

                    return Task.FromResult(0);
                }
             }
        });

如果该用户不在我的数据库中，该如何重定向该用户.

How can I redirect the user if he is not in my database.

推荐答案

我能够通过编写自定义AuthorizeAttribute并将其用于应用程序中的每个类来实现此目的.在自定义授权属性中，我正在检查一个Claim，如果授权检查成功，该索赔将可用；如果未授权，则将用户重定向到一个单独的视图.

I was able to achieve this by writing custom AuthorizeAttribute and using it on every class in my application. In the custom authorize attribute I am checking for the a Claim which will be available if the authorization check is successful and redirecting the user to a separate view if not authorized.

public class CustomAuthorize : AuthorizeAttribute
{
    public override void OnAuthorization(System.Web.Mvc.AuthorizationContext filterContext)
    {
        base.OnAuthorization(filterContext);

        if (filterContext.HttpContext.User.Identity.IsAuthenticated)
        {
            if(UserClaims.PersonId == 0)
            {
                UrlHelper helper = new UrlHelper(filterContext.RequestContext);

                string url = helper.Action("Unauthorized","Error",null,filterContext.HttpContext.Request.Url.Scheme);

                filterContext.Result = new RedirectResult(url);
            }
        }
    }
}

这篇关于在ASP.Net MVC中使用OpenIdConnect进行身份验证后重定向用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！