我正在试用 IdentityServer3.Admin 测试版 ( https://github.com/IdentityServer/IdentityServer3.Admin ),但在设置时遇到了一些问题,而且似乎找不到任何指导。
我已经设置了 IdentityManager 项目,所以我将其用作目前为止的指南,但 IdentityAdminServiceFactory 似乎缺少像 IdentityManagerServiceFactory 那样的配置方法。
这是我目前拥有的 Startup.cs 文件中的代码。非常感谢收到任何帮助!
谢谢。
app.Map("/admin", adminApp =>
{
var factory = new IdentityAdminServiceFactory();
//factory.Configure() or something would go here???
adminApp.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies"
});
adminApp.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
{
MetadataAddress = ConfigurationManager.AppSettings["AzureADMetadataEndpoint"],
Wtrealm = ConfigurationManager.AppSettings["AzureADApplicationId"],
SignInAsAuthenticationType = "Cookies",
Notifications = new WsFederationAuthenticationNotifications
{
SecurityTokenValidated = ctx =>
{
var roleClaim = new Claim("role", "IdentityManagerAdministrator");
ctx.AuthenticationTicket.Identity.AddClaim(roleClaim);
return Task.FromResult(0);
}
}
});
adminApp.UseIdentityAdmin(new IdentityAdminOptions
{
Factory = factory,
AdminSecurityConfiguration = new AdminHostSecurityConfiguration
{
HostAuthenticationType = "Cookies",
NameClaimType = ClaimTypes.Name,
RoleClaimType = "role",
AdminRoleName = "IdentityManagerAdministrator"
}
});
});
最佳答案
好的,感谢 Twitter 上一位贡献者的帮助,我已经解决了这个问题。因此,对于遇到同样问题的任何其他人,这就是我的工作方式。
我还必须安装第二个包 IdentityServer3.Admin.EntityFramework。在 github 上的那个 repo 中,还有一个示例项目 ( https://github.com/IdentityServer/IdentityServer3.Admin.EntityFramework/tree/master/source/Host )
使用该代码作为指导,我实现了自己的 IdentityManagerAdminService 以及工厂的扩展方法,其中 "IdServer3" 是我到我的 ID Server DB 的连接字符串我的 Web.config。
public class IdentityAdminManagerService : IdentityAdminCoreManager<IdentityClient, int, IdentityScope, int>
{
public IdentityAdminManagerService()
: base("IdServer3")
{
}
}
public static class IdentityAdminManagerServiceExtensions
{
public static void Configure(this IdentityAdminServiceFactory factory)
{
factory.IdentityAdminService = new Registration<IIdentityAdminService, IdentityAdminManagerService>();
}
}
现在,在我的 Startup.cs 文件中,我有以下内容,当我点击 ID 服务器上的 /admin 路径时,它按预期工作。请注意,WsFederationAuthentication 部分不是必需的。我正在使用 Azure Active Directory 来保护管理部分,这就是我在那里设置它的原因。
app.Map("/admin", adminApp =>
{
var factory = new IdentityAdminServiceFactory();
factory.Configure();
adminApp.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies"
});
adminApp.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
{
MetadataAddress = ConfigurationManager.AppSettings["AzureADMetadataEndpoint"],
Wtrealm = ConfigurationManager.AppSettings["AzureADApplicationId"],
SignInAsAuthenticationType = "Cookies",
Notifications = new WsFederationAuthenticationNotifications
{
SecurityTokenValidated = ctx =>
{
var roleClaim = new Claim("role", "IdentityManagerAdministrator");
ctx.AuthenticationTicket.Identity.AddClaim(roleClaim);
return Task.FromResult(0);
}
}
});
adminApp.UseIdentityAdmin(new IdentityAdminOptions
{
Factory = factory,
AdminSecurityConfiguration = new AdminHostSecurityConfiguration
{
HostAuthenticationType = "Cookies",
NameClaimType = ClaimTypes.Name,
RoleClaimType = "role",
AdminRoleName = "IdentityManagerAdministrator"
}
});
});
关于c# - Startup中IdentityServer3.Admin的配置,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/41745314/