使用 accesstoken/AuthenticationResult 手动设置 cookie -like UseCookieAuthentication() owin 中间件

Question

在控制器的 Action 中，我们有包含 AccessToken 的 AuthenticationResult。

我们想用这个等同于 UserCookieAuthentication owin 中间件的令牌进行手动登录。这可能吗？

public partial class Startup
{
    public void ConfigureAuth(IAppBuilder app)
    {
        app.UseCookieAuthentication(new CookieAuthenticationOptions());
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        app.UseWindowsAzureActiveDirectoryBearerAuthentication(
            new WindowsAzureActiveDirectoryBearerAuthenticationOptions
            {
                Tenant = ConfigurationManager.AppSettings["ida:Tenant"],
                TokenValidationParameters = new TokenValidationParameters
                {
                ValidAudience = ConfigurationManager.AppSettings["ida:Audience"]
            },
            });
    }
}

我一直在查看 HttpContext.GetOwinContext()。Authentication.SignIn() 但它不需要任何令牌。

Answer 1

查看 Katana/Owin Github 项目，以下 TokenHelper 使用 AuthenticationResponseGrant 方法解决了它：

                result = await authContext.AcquireTokenAsync(resource, clientId, uc);

                var principal = await new TokenHelper().GetValidatedClaimsPrincipalAsync(result.AccessToken);

                var claimsIdentity = new ClaimsIdentity(principal.Claims, CookieAuthenticationDefaults.AuthenticationType);

                var properties = new AuthenticationProperties();

                HttpContext.GetOwinContext().Authentication.AuthenticationResponseGrant =
                    new AuthenticationResponseGrant(claimsIdentity, properties);

使用 accesstoken/AuthenticationResult 手动设置 cookie -like UseCookieAuthentication() owin 中间件

Manual set cookies using accesstoken/AuthenticationResult -like UseCookieAuthentication() owin middleware

c#

asp.net-mvc

owin