Identityserver 4和Azure AD [英] Identityserver 4 and Azure AD

问题描述

我正在研究使用Identity Server 4在基于C#的MVC应用程序中进行身份验证.我想使用存储在Azure AD中的帐户作为有效用户的来源，但该文档似乎仅涉及Google和OpenID&只提到了Azure.

I'm looking into using Identity Server 4 for authentication within a C# based MVC application. I'd like to use accounts stored in Azure AD as a source of valid users but the documentation only seems to refer to Google and OpenID & only mentions Azure in passing.

有人知道在与Identity Server 4一起使用Azure AD的情况下如何使用Azure AD的任何好的文档和/或教程吗?

Does anybody know of any good documentation and/or tutorials on how to use Azure AD in the context of using it with Identity Server 4?

推荐答案

您可以使用从IdentityServer登录到Azure AD的方法，就像使用从例如登录IdentityServer的登录一样. Javascript或MVC应用.

You can use signin to Azure AD from IdentityServer just as you would use signin to IdentityServer from e.g. a Javascript or MVC app.

我最近已完成此操作，您需要做的就是像这样将OpenIdConnect选项注册到Azure广告:

I have done this recently, and all you need to do is register OpenIdConnect options to Azure Ad like this:

public void ConfigureAuth(IAppBuilder app)
{
    app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

    app.UseCookieAuthentication(new CookieAuthenticationOptions());

    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            ClientId = clientId,
            Authority = authority,
            PostLogoutRedirectUri = postLogoutRedirectUri,
        });
}

关于此的更多信息:然后您应该在登录"操作中调用ChallengeAsync方法:

You should then in your Login action call the ChallengeAsync method:

var authenticationProperties = new AuthenticationProperties { RedirectUri = "your redirect uri" };
await HttpContext.Authentication.ChallengeAsync(your policy, authenticationProperties);

然后提供一个回调方法作为GET方法，然后遵循IdentityServer示例中提供的外部登录"示例:

Then provide a callback method as a GET method then follow the External Login samples provided in IdentityServer samples: https://github.com/IdentityServer/IdentityServer4.Samples/blob/dev/Quickstarts/4_ImplicitFlowAuthenticationWithExternal/src/QuickstartIdentityServer/Quickstart/Account/AccountController.cs

这篇关于Identityserver 4和Azure AD的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！