我已经在.net核心应用程序中实现了多种身份验证方案。
services.AddAuthentication(
sharedOptions =>
{
sharedOptions.DefaultScheme = Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme;
sharedOptions.DefaultSignInScheme = Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie()
.AddWsFederation("AuthenticationScheme1", options =>
{
options.Wtrealm = tenantList.Find(m => m.TenantID == 1).Wtrealm;
options.MetadataAddress = tenantList.Find(m => m.TenantID == 1).MetadataAddress;
})
.AddWsFederation("AuthenticationScheme2", options =>
{
options.Wtrealm = tenantList.Find(m => m.TenantID == 2).Wtrealm;
options.MetadataAddress = tenantList.Find(m => m.TenantID == 2).MetadataAddress;
});
我想通过特定方案授权特定用户
您可以从中间件中的请求正文/标题中选择基于用户信息进行认证的方案:
app.Use(async (context, next) =>
{
//read userinfo from request body or header
if ("xxx".Equals("[email protected]"))
{
var result = await context.AuthenticateAsync("YourSchemeName");
if (!result.Succeeded)
{
context.Response.StatusCode = 401;
return;
}
}
....
await next();
});