如何在MSAL.NET上使用oAuth State参数 [英] How to use oAuth State parameter on MSAL.NET
问题描述
我正在尝试使用OAuth2.0 我想提供/附加一个自定义值(在AuthN成功之后,将用户重定向回单击登录按钮的Uri).为此,我还需要以状态"发送当前Uri并取回 那么,如何在使用MSAL的.NET Core项目上对自定义数据使用 您不需要使用它,这是一项可选的安全功能.MSAL.net采用2种机制来防止XSRF和中间人攻击: 状态参数仅由AAD返回.MSAL会将请求中的状态参数与授权码响应中的状态参数进行比较. I am trying to make usage of the I want to provide/append a custom value (Redirect the user back to the Uri where they clicked the sign-in button, after AuthN succeeds).
To do that, I would also need to send the current Uri in 'state' and retrieve the So, how can I use the You don't need to use it, it's an optional security feature. MSAL.net employs 2 mechanism to prevent against attacks such as XSRF and man-in-the-middle: The state param is simply returned back by AAD. MSAL will compare the state param in the request with the state param in the authorisation code response. 这篇关于如何在MSAL.NET上使用oAuth State参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋! state
值,但在 AuthenticationResult.cs 上看不到任何方法/属性可以保存它的代码.
state
参数? state
和 PKCE
.state
parameter which exists in OAuth2.0 authorization flow on a .NET Core project, using MSAL 4.0 but I couldn`t find a way to do it.state
value back, but I don't see any method/property on AuthenticationResult.cs
that would hold it.state
parameter with custom data on a .NET Core project using MSAL?state
and PKCE
.