我一直在探索 Entra ID 身份验证(单租户、工作组),并按照在线教程进行操作,并设法让事情按预期工作。因此,现在,每当向需要身份验证的页面发出请求时,应用程序都会将用户(我相信是通过 302)路由到 https://login.microsoftonline.com/.../oauth2/v2.0/authorize 终点如预期。
现在,每当用户访问未经授权的内容时,我都需要放置一个简单的登录页面,而不是直接转到授权端点。登陆页面将包含一些信息和一个 Microsoft 登录按钮,该按钮将用户链接到身份验证端点(我们将对此进行编码)。我可以使用任何方法和/或配置来覆盖默认的 302 重定向身份验证端点吗?
之前,我们使用.net core EF身份框架,将帐户存储在数据库中,并通过设置应用程序cookie的LoginPath来工作
builder.Services.ConfigureApplicationCookie(options =>
{
options.LoginPath = new PathString("/LoginLandingPage");
});
但现在我们尝试了 Entra ID,但它不起作用,我认为这是预料之中的。 Program.cs 文件如下。
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.UI;
using Microsoft.EntityFrameworkCore;
using MudBlazor.Services;
using FieldOne_AI_SomTam.Components;
using FieldOne_AI_SomTam.Data;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc.Authorization;
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
builder.Services.AddRazorComponents()
.AddInteractiveServerComponents();
builder.Services.AddMudServices();
builder.Services.AddMicrosoftIdentityWebAppAuthentication(builder.Configuration);
builder.Services.AddHttpContextAccessor();
builder.Services.AddControllersWithViews(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddMicrosoftIdentityUI();
// This doesn't work
//builder.Services.ConfigureApplicationCookie(options =>
//{
// options.LoginPath = new PathString("/Login");
//});
builder.Services.AddCascadingAuthenticationState();
var app = builder.Build();
// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
app.UseExceptionHandler("/Error", createScopeForErrors: true);
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseAntiforgery();
app.MapRazorComponents<App>()
.AddInteractiveServerRenderMode();
app.MapControllers();
app.Run();
AddMicrosoftIdentityWebApp
正在使用cookie方案,所以你应该设置:
builder.Services.Configure<CookieAuthenticationOptions>(CookieAuthenticationDefaults.AuthenticationScheme, options =>
{
options.LoginPath = new PathString("/LoginLandingPage");
});