。使用AAD在Azure上运行的.net核心应用程序保持循环进行身份验证

问题描述 投票:0回答:1

我已经创建了一个简单的点网核心MVC应用程序,该程序由visualstudio 2019在项目创建开始时构建。我正在使用Azure活动目录将应用程序托管在azure应用程序服务上。当我登录AAD时,请允许我登录并提供欢迎消息。您已成功登录RETURN TO WEBSITE。当我返回网站时,它再次执行相同的操作,返回到同一屏幕。

<< img src =“ https://image.soinside.com/eyJ1cmwiOiAiaHR0cHM6Ly9pLnN0YWNrLmltZ3VyLmNvbS9OQW1YRi5wbmcifQ==” alt =“在此处输入图像描述”>

我手动添加的唯一更改是客户端ID,该客户端ID是我在AAD中通过redirecturi注册为“ https://.azurewebsites.net/.auth/login/aad/callback”。

这是我的appsettings.json

{
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "<myid>.onmicrosoft.com",
    "TenantId": "<mt tenant>",
    "RedirectUri": "https://<myappname>.azurewebsites.net",
    "ClientId": "<my client from aad>",
    "CallbackPath": "/signin-oidc"
  },
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  "AllowedHosts": "*"
}

这是启动时的代码

namespace Yellalebros
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
                .AddAzureAD(options => Configuration.Bind("AzureAd", options));

            services.AddControllersWithViews(options =>
            {
                var policy = new AuthorizationPolicyBuilder()
                    .RequireAuthenticatedUser()
                    .Build();
                options.Filters.Add(new AuthorizeFilter(policy));
            });
            services.AddRazorPages();
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }
            app.UseHttpsRedirection();
            app.UseStaticFiles();

            app.UseRouting();

            app.UseAuthentication();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllerRoute(
                    name: "default",
                    pattern: "{controller=Home}/{action=Index}/{id?}");
                endpoints.MapRazorPages();
            });
        }
    }
}
azure asp.net-core-mvc azure-active-directory
1个回答
0
投票

您需要在天蓝色广告中更改redirecturihttps://.azurewebsites.net/.auth/login/aad/callback

https://.azurewebsites.net/signout-oidc

有关详细信息,您可以参考此article有关使用Microsoft将登录添加到ASP.NET Core Web应用程序。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.