如何在客户端授权应用程序、okta、oidc .net 中计算端点
how to work out endpoints in a client authorization app, okta, oidc .net
玩过 oidc 身份验证后更好地理解它。我知道我失败的地方,我没有正确设置端点。所以我下载了一些代码并尝试了一下。
我想做的是更改登录和注销的重定向网址。此代码旨在允许我通过外部服务器 (okta) 进行连接:
在启动中:
public void ConfigureServices(IServiceCollection services)
{
services.ConfigureApplicationCookie(options =>
{
options.Cookie.HttpOnly = true;
options.Cookie.SecurePolicy = Microsoft.AspNetCore.Http.CookieSecurePolicy.Always;
})
.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOktaMvc(new OktaMvcOptions
{
// Replace these values with your Okta configuration
OktaDomain = Configuration.GetValue<string>("Okta:OktaDomain"),
AuthorizationServerId = Configuration.GetValue<string>("Okta:AuthorizationServerId"),
ClientId = Configuration.GetValue<string>("Okta:ClientId"),
ClientSecret = Configuration.GetValue<string>("Okta:ClientSecret"),
Scope = new List<string> { "openid", "profile", "email" },
});
services.AddControllersWithViews();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
在自述文件中,它指定为了使其工作,我必须更新 okta 上的端点,我已经完成了,将它们设置为 .../authorization-code/callback 用于登录和../signout/callback 用于注销。
所以我看了一下code,authorization-code不是controller,要么signout。
这是我的家庭控制器:
public class AccountController : Controller
{
public IActionResult SignIn()
{
if (!HttpContext.User.Identity.IsAuthenticated)
{
return Challenge(OktaDefaults.MvcAuthenticationScheme);
}
return RedirectToAction("Index", "Home");
}
[HttpPost]
public IActionResult SignOut()
{
return new SignOutResult(
new[]
{
OktaDefaults.MvcAuthenticationScheme,
CookieAuthenticationDefaults.AuthenticationScheme,
},
new AuthenticationProperties { RedirectUri = "/Home/" });
}
那么,有人可以向我解释一下端点吗?我没有看到回调或授权代码,但我确实看到了注销,但没有回调?
终于找到了!!!
问题是它是默认设置的,在下载的 nuget 包中,有一个 class 可以根据屏幕截图设置默认值:
那么要改变这个,我只需要改变这个的值,或者设置一个不同的值。感谢大家的阅读,希望对大家有所帮助
玩过 oidc 身份验证后更好地理解它。我知道我失败的地方,我没有正确设置端点。所以我下载了一些代码并尝试了一下。
我想做的是更改登录和注销的重定向网址。此代码旨在允许我通过外部服务器 (okta) 进行连接: 在启动中:
public void ConfigureServices(IServiceCollection services)
{
services.ConfigureApplicationCookie(options =>
{
options.Cookie.HttpOnly = true;
options.Cookie.SecurePolicy = Microsoft.AspNetCore.Http.CookieSecurePolicy.Always;
})
.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOktaMvc(new OktaMvcOptions
{
// Replace these values with your Okta configuration
OktaDomain = Configuration.GetValue<string>("Okta:OktaDomain"),
AuthorizationServerId = Configuration.GetValue<string>("Okta:AuthorizationServerId"),
ClientId = Configuration.GetValue<string>("Okta:ClientId"),
ClientSecret = Configuration.GetValue<string>("Okta:ClientSecret"),
Scope = new List<string> { "openid", "profile", "email" },
});
services.AddControllersWithViews();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
在自述文件中,它指定为了使其工作,我必须更新 okta 上的端点,我已经完成了,将它们设置为 .../authorization-code/callback 用于登录和../signout/callback 用于注销。
所以我看了一下code,authorization-code不是controller,要么signout。
这是我的家庭控制器:
public class AccountController : Controller
{
public IActionResult SignIn()
{
if (!HttpContext.User.Identity.IsAuthenticated)
{
return Challenge(OktaDefaults.MvcAuthenticationScheme);
}
return RedirectToAction("Index", "Home");
}
[HttpPost]
public IActionResult SignOut()
{
return new SignOutResult(
new[]
{
OktaDefaults.MvcAuthenticationScheme,
CookieAuthenticationDefaults.AuthenticationScheme,
},
new AuthenticationProperties { RedirectUri = "/Home/" });
}
那么,有人可以向我解释一下端点吗?我没有看到回调或授权代码,但我确实看到了注销,但没有回调?
终于找到了!!!
问题是它是默认设置的,在下载的 nuget 包中,有一个 class 可以根据屏幕截图设置默认值:
那么要改变这个,我只需要改变这个的值,或者设置一个不同的值。感谢大家的阅读,希望对大家有所帮助