appSettings.json:
"CallbackPath": "/platform/signin-oidc",
我认为它显示了部署代码的 Kubernetes IP。该应用程序使用 Azure 前门来路由请求(如果有帮助的话)。我该如何解决?我可以传递 DNS 名称吗?完整的回调路径而不是相对路径?
我发现了类似的帖子here
但不幸的是,OP 发布的答案中没有足够的详细信息。
startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddPolicy("CorsPolicy",
builder => builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader());
});
services.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
options.Events.OnRedirectToIdentityProviderForSignOut = async context =>
{
Console.WriteLine("intercepted");
};
});
var azureAd = new AzureAd();
Configuration.GetSection("AzureAd").Bind(azureAd);
services.AddControllersWithViews();
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, o =>
{
o.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.None;
})
.AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.Authority = $"https://login.microsoftonline.com/{azureAd.TenantId}";
options.ClientId = azureAd.ClientId;
options.ResponseType = OpenIdConnectResponseType.Code;
options.ResponseType = OpenIdConnectResponseType.IdToken;
options.SaveTokens = true;
options.Scope.Add("profile");
options.Scope.Add("openid");
options.Scope.Add("offline_access");
options.ClientSecret = azureAd.ClientSecret;
options.CallbackPath = azureAd.CallbackPath; // POINT OF INTEREST
});
}
最佳答案
您可以在重定向到 IdP 之前覆盖重定向 URI,如下所示:
options.Events.OnRedirectToIdentityProvider = (context) =>
{
context.ProtocolMessage.RedirectUri = "full redirect url with front door domain";
return Task.FromResult(0);
};
关于c# - Active Directory redirect_uri 显示 IP 而不是 DNS 名称。如何在使用 Azure AD 进行身份验证时在代码中提供绝对 CallbackPath?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/67574166/