Hi, I want to add multiple providers
    public static AuthenticationBuilder AddIdentityProviders(this AuthenticationBuilder builder, IConfiguration configuration)
    {
        // Read the configured identity providers from the settings section.
        var identityProvidersOptions = configuration.GetSection(identityProvidersSectionName)
            .Get<IdentityProviderOptions[]>();
        var ipFactory = new IdentityProviderControlFactory();
        foreach (var identityProvider in identityProvidersOptions)
        {
            if (Enum.TryParse(identityProvider.Discriminator, out IdentityProviderTypes accessControlType)
                && accessControlType != IdentityProviderTypes.None)
            {
                // Register the provider through the service matching its type.
                builder = ipFactory.GetIdentityProviderService(accessControlType)
                    .Register(builder, configuration, identityProvider);
            }
            else
            {
                // Unparsable or None discriminator.
                throw new NotImplementedException();
            }
        }
        return builder;
    }
In the settings I have two providers, and then the "Register" method is invoked for each one:
    AuthenticationBuilder Register(AuthenticationBuilder builder, IConfiguration configuration, IdentityProviderOptions identityProviderOptions)
Inside, it creates a singleton like this:
    builder.Services.AddSingleton<IConfigureOptions<OpenIdConnectOptions>, ConfigureAzureOptions>();
    builder.AddOpenIdConnect(identityProviderOptions.Name, identityProviderOptions.Name, _ => { });
and in the second one like this:
    builder.Services.AddSingleton<IConfigureOptions<OpenIdConnectOptions>, ConfigureIBMOptions>();
    builder.AddOpenIdConnect(identityProviderOptions.Name, identityProviderOptions.Name, _ => { });
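This seems to be a problem, because it looks like only one provider can be registered and the second one just overwrites some values. So how do I register multiple providers for the identity server?
If I add two identityProviders, I get the exception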
System.Security.Cryptography.CryptographicException: 'The payload was invalid.'
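I already know this is related to CallbackPath and SignedOutCallbackPath, because they must be different for each provider. I am now looking for a way to override these endpoints.
“You will configure the specific CallbackPath and SignedOutCallbackPath as allowed sites in the target identity provider. So when the target identity provider posts back, it will post back to the route you configured in CallbackPath, and the Oidc middleware will select the correct configuration for you”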
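
An added example (not code from the post) of the per-provider endpoints the quoted reply describes: each scheme gets a named options configurator that applies only to its own scheme name and sets its own CallbackPath and SignedOutCallbackPath. `ProviderSettings`, `ConfigureProviderOptions`, `AddProvider` and the path patterns are hypothetical names chosen for illustration, and provider names are assumed to be URL-safe.

```csharp
using System;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;

// Hypothetical settings type standing in for the post's IdentityProviderOptions.
public sealed record ProviderSettings(string Name, string Authority, string ClientId);

// Named configurator: it changes only the scheme it was created for.
public sealed class ConfigureProviderOptions : IConfigureNamedOptions<OpenIdConnectOptions>
{
    private readonly ProviderSettings _p;
    public ConfigureProviderOptions(ProviderSettings p) => _p = p;

    public void Configure(string? name, OpenIdConnectOptions options)
    {
        // Skip every scheme except our own, so one provider cannot overwrite another.
        if (!string.Equals(name, _p.Name, StringComparison.Ordinal)) return;

        options.Authority = _p.Authority;
        options.ClientId = _p.ClientId;
        // Unique endpoints per scheme (assumed pattern); only the owning handler claims them.
        options.CallbackPath = $"/signin-oidc-{_p.Name}";
        options.SignedOutCallbackPath = $"/signout-callback-oidc-{_p.Name}";
        options.RemoteSignOutPath = $"/signout-oidc-{_p.Name}";
    }

    // Unnamed (default) options are left untouched.
    public void Configure(OpenIdConnectOptions options) { }
}

public static class MultiProviderRegistration
{
    public static AuthenticationBuilder AddProvider(this AuthenticationBuilder builder, ProviderSettings p)
    {
        // One configurator instance per provider, registered alongside its scheme.
        builder.Services.AddSingleton<IConfigureOptions<OpenIdConnectOptions>>(new ConfigureProviderOptions(p));
        return builder.AddOpenIdConnect(p.Name, p.Name, _ => { });
    }
}
```

The redirect and post-logout URIs registered at each identity provider have to match these per-scheme paths exactly.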