Micosoft.Owin.Security.ActiveDirectory 用于实施 Azure Active Directory 的 Asp.NET 核心库是什么?
What is the Asp.NET Core library for Micosoft.Owin.Security.ActiveDirectory to implement Azure Active Directory?
我注意到很多 Owin.Security 东西都在 Microsoft.AspNetCore.Authentication 命名空间中。
喜欢
Microsoft.AspNetCore.Authentication.Cookies
Microsoft.AspNetCore.Authentication.Facebook
Microsoft.AspNetCore.Authentication.JwtBearer
但是对于相当于传统ASP.NET中的Micosoft.Owin.Security.ActiveDirectory,一个名为Microsoft.AspNetCore.Authentication.ActiveDirectory的包实际上不是来自微软,而是来自一些OneBitSoftware.主持 here.
我很好奇 ActiveDirectory 命名空间是否已重命名为 JwtBearer 或 OpenIdConnect 或 OAuth。但是 none 似乎像这样与 AzureAD 一起工作:
var options = new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
Tenant = ...
}
我尝试使用 AzureAD 进行身份验证,但没有 ActiveDirectory,我应该使用哪个 NuGet 包?
更新
ASP.NET docs site中的例子比较老。包裹如
"Microsoft.AspNet.Security.OAuthBearer": "1.0.0-beta3",
最新的 Asp.net 内核不再使用。
Tracher在问题评论区指出了正确的方向
所以我写了一个扩展方法来使用 Azure AD。
namespace Microsoft.AspNetCore.Builder
{
public static class ApplicationBuilderExtensions
{
public static IApplicationBuilder UseAzureADBearerAuthentication(
this IApplicationBuilder app,
IConfigurationRoot configuration)
{
var tenant = configuration.GetSection("AzureAD:Tenant").Value;
var azureADInstance = configuration.GetSection("AzureAD:AzureADInstance").Value;
var audience = configuration.GetSection("AzureAD:Audience").Value;
var authority = $"{azureADInstance}{tenant}";
var jwtBearerAuthOptions = new JwtBearerOptions
{
Audience = audience,
AutomaticAuthenticate = true,
AutomaticChallenge = true,
Authority = authority
};
app.UseJwtBearerAuthentication(jwtBearerAuthOptions);
return app;
}
}
}
IApplicationBuilder 上的扩展方法被放入 Microsoft.AspNetCore.Builder 的命名空间。
在Startup.cs
app.UseCors(builder => builder
.AllowAnyOrigin()
.AllowAnyHeader()
.AllowAnyMethod());
app.UseAzureADBearerAuthentication(Configuration);
app.UseMvc();
设置存储在 appsettings.json 中,如下所示:
"AzureAD": {
"AzureADInstance": "https://login.microsoftonline.com/",
"Tenant": "{my AD}",
"Audience": "{my application registered in AD}"
}
JwtBearer 的 NuGet 包是
"Microsoft.AspNetCore.Authentication.JwtBearer": "1.0.0-rc2-final"
我注意到很多 Owin.Security 东西都在 Microsoft.AspNetCore.Authentication 命名空间中。
喜欢
Microsoft.AspNetCore.Authentication.Cookies
Microsoft.AspNetCore.Authentication.Facebook
Microsoft.AspNetCore.Authentication.JwtBearer
但是对于相当于传统ASP.NET中的Micosoft.Owin.Security.ActiveDirectory,一个名为Microsoft.AspNetCore.Authentication.ActiveDirectory的包实际上不是来自微软,而是来自一些OneBitSoftware.主持 here.
我很好奇 ActiveDirectory 命名空间是否已重命名为 JwtBearer 或 OpenIdConnect 或 OAuth。但是 none 似乎像这样与 AzureAD 一起工作:
var options = new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
Tenant = ...
}
我尝试使用 AzureAD 进行身份验证,但没有 ActiveDirectory,我应该使用哪个 NuGet 包?
更新
ASP.NET docs site中的例子比较老。包裹如
"Microsoft.AspNet.Security.OAuthBearer": "1.0.0-beta3",
最新的 Asp.net 内核不再使用。
Tracher在问题评论区指出了正确的方向
所以我写了一个扩展方法来使用 Azure AD。
namespace Microsoft.AspNetCore.Builder
{
public static class ApplicationBuilderExtensions
{
public static IApplicationBuilder UseAzureADBearerAuthentication(
this IApplicationBuilder app,
IConfigurationRoot configuration)
{
var tenant = configuration.GetSection("AzureAD:Tenant").Value;
var azureADInstance = configuration.GetSection("AzureAD:AzureADInstance").Value;
var audience = configuration.GetSection("AzureAD:Audience").Value;
var authority = $"{azureADInstance}{tenant}";
var jwtBearerAuthOptions = new JwtBearerOptions
{
Audience = audience,
AutomaticAuthenticate = true,
AutomaticChallenge = true,
Authority = authority
};
app.UseJwtBearerAuthentication(jwtBearerAuthOptions);
return app;
}
}
}
IApplicationBuilder 上的扩展方法被放入 Microsoft.AspNetCore.Builder 的命名空间。
在Startup.cs
app.UseCors(builder => builder
.AllowAnyOrigin()
.AllowAnyHeader()
.AllowAnyMethod());
app.UseAzureADBearerAuthentication(Configuration);
app.UseMvc();
设置存储在 appsettings.json 中,如下所示:
"AzureAD": {
"AzureADInstance": "https://login.microsoftonline.com/",
"Tenant": "{my AD}",
"Audience": "{my application registered in AD}"
}
JwtBearer 的 NuGet 包是
"Microsoft.AspNetCore.Authentication.JwtBearer": "1.0.0-rc2-final"