我有一个能够使用 azure b2c 和自定义 web api 进行身份验证的角度应用程序,但是在为 .net 核心 web api 添加中间件时,我得到“必须提供应用程序设置中的 ClientId?它是就像应用程序设置没有约束力一样。
我在 azure configure 中拥有所有内容,包括公开 api、范围、授予权限等。
我现在只使用本地帐户,所以我没有任何其他身份提供者设置,所以应该使用来自 web api 的 clientid。我不确定我错过了什么
//tried this
services.AddMicrosoftIdentityWebApiAuthentication(Configuration, "AzureAdB2C");
//this as well
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApi(Configuration.GetSection("AzureAdB2C"));
{
"AzureAdB2C": {
"Instance": "https://{domain}.b2clogin.com/",
"ClientId": "11111111-1111-1111-1111-111111111111",
"Domain": "{domain}.onmicrosoft.com",
"SignUpSignInPolicyId": "b2c_1_SignupSign"
},
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"AllowedHosts": "*"
}
Request starting HTTP/1.1 GET http://localhost:5000/weatherforecast
fail: Microsoft.AspNetCore.Server.Kestrel[13]
Connection id "0HM729054ALE1", Request id "0HM729054ALE1:00000001": An unhandled exception was thrown by the application.
Microsoft.Extensions.Options.OptionsValidationException: IDW10106: The 'ClientId' option must be provided.
启动
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Identity.Web;
namespace WepApi1
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
//services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
// .AddMicrosoftIdentityWebApi(Configuration.GetSection("AzureAdB2C"));
services.AddMicrosoftIdentityWebApiAuthentication(Configuration, "AzureAdB2C");
services.AddAuthorization();
services.AddControllers();
services.AddCors(o => o.AddPolicy("CorsPolicy", builder =>
{
builder.WithOrigins("http://localhost:4200")
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials()
.SetIsOriginAllowed((host) => true);
}));
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseCors("CorsPolicy");
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
}
}
原来整个问题都是红隼。当我使用 IIS Express 时,一切正常。虚幻
我的依赖注入是这样的:
builder.Services.AddMicrosoftIdentityWebApiAuthentication(builder.Configuration);
这是我的 appsettings.json:
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*",
"ConnectionStrings": {
"Default": "[YOUR CONNECTION STRING HERE]"
},
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "[YOUR APP DOMAIN HERE]",
"TenantId": "[YOUR APP'S HERE]",
"ClientId": "[YOUR APP'S HERE]",
"Scopes": {
"Read": [ "[YOUR APP'S].Read" ],
"Write": [ "[YOUR APP'S].ReadWrite" ]
},
"AppPermissions": {
"Read": [ "[YOUR APP'S].Read.All" ],
"Write": [ "[YOUR APP'S].ReadWrite.All" ]
}
}
}