2017-06-29

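Getting the identity token from the Azure AD connection

I'm trying to figure out how to get the identity token from the Azure AD connection. I'm integrating it with Identity Server 4 (dotnet core). Their sample shows how to connect AD with Identity Server, but I can't find a way to actually get the ID token. I also tried to access it using the events, but without success. This is my configuration in Startup.cs of the Identity Server project.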

public void Configure(IApplicationBuilder app, IHostingEnvironment env,
    ILoggerFactory loggerFactory)
{
    loggerFactory.AddConsole(LogLevel.Debug);
    app.UseDeveloperExceptionPage();

    app.UseIdentityServer();

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme,

        AutomaticAuthenticate = false,
        AutomaticChallenge = false
    });

    //
    // Setup Custom Data Format
    //
    var schemeName = "oidc";
    var dataProtectionProvider = app.ApplicationServices.GetRequiredService<IDataProtectionProvider>();
    var distributedCache = app.ApplicationServices.GetRequiredService<IDistributedCache>();

    var dataProtector = dataProtectionProvider.CreateProtector(
        typeof(OpenIdConnectMiddleware).FullName,
        typeof(string).FullName, schemeName,
        "v1");

    var dataFormat = new CachedPropertiesDataFormat(distributedCache, dataProtector);

    //
    // Azure AD Configuration
    //
    var clientId = "XXXX";
    var tenantId = "XXXXX";

    app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
    {
        AuthenticationScheme = schemeName,
        DisplayName = "AzureAD",
        SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme,
        ClientId = clientId,
        Authority = $"https://login.microsoftonline.com/{tenantId}",
        ResponseType = OpenIdConnectResponseType.IdToken,
        StateDataFormat = dataFormat,
        Events = new OpenIdConnectEvents
        {
            OnRemoteFailure = OnAuthenticationFailed,
            OnTokenValidated = OnTokenValidated,
            OnTokenResponseReceived = TokenResponseReceived
        },
        TokenValidationParameters = new TokenValidationParameters
        {
            SaveSigninToken = true
        }
    });

    app.UseStaticFiles();
    app.UseMvcWithDefaultRoute();
}

These are my event handlers, from which I hoped to get the ID token.

private Task OnTokenValidated(TokenValidatedContext context)
{
    var type = context.Properties.GetType();
    var tokens = context.Properties.GetTokens();
    var ci = (System.Security.Claims.ClaimsIdentity)
        ClaimsPrincipal.Current.Identity;
    return Task.FromResult(0);
}

private Task OnAuthenticationFailed(FailureContext context)
{
    var failure = context.Failure;
    return Task.FromResult(0);
}

public Task TokenResponseReceived(TokenResponseReceivedContext context)
{
    var variable = context.TokenEndpointResponse.IdToken;
    return Task.FromResult(0);
}

Answer

You can read the token information under context.SecurityToken.

I used my sample project as a baseline and added OnTokenValidated and OnTokenResponseReceived to test it.


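I need the identity token. The JWT string that represents the identity. Even if they are the same, I still can't see a string that can be retrieved from your sample. – Moutabreath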
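
An added example, not part of the original question, answer or comment: a handler for the ASP.NET Core 1.x OpenID Connect middleware configured in the question that takes the JWT string from the validated token under context.SecurityToken and keeps it with the sign-in ticket. The class name IdTokenCapture, the helper ReadIdTokenAsync and the token name "id_token" are assumptions made for illustration.

```csharp
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Http;

// Illustrative helper (hypothetical name), written against the 1.x middleware API.
public static class IdTokenCapture
{
    // Assumed name under which the raw token is stored in the ticket.
    public const string IdTokenName = "id_token";

    // Wire up with: Events = new OpenIdConnectEvents { OnTokenValidated = IdTokenCapture.OnTokenValidated }
    public static Task OnTokenValidated(TokenValidatedContext context)
    {
        // SecurityToken is the parsed, already validated JwtSecurityToken;
        // RawData is its compact "header.payload.signature" serialization.
        string rawIdToken = context.SecurityToken?.RawData;

        // Fall back to the protocol message that carried the token.
        if (string.IsNullOrEmpty(rawIdToken))
        {
            rawIdToken = context.ProtocolMessage?.IdToken;
        }

        if (string.IsNullOrEmpty(rawIdToken) || context.Ticket == null)
        {
            return Task.FromResult(0);
        }

        // The string is a credential: keep it out of logs and traces.
        // Storing it in the ticket properties places it in the protected
        // sign-in cookie (the external cookie scheme in the question).
        context.Ticket.Properties.StoreTokens(new[]
        {
            new AuthenticationToken { Name = IdTokenName, Value = rawIdToken }
        });

        return Task.FromResult(0);
    }

    // Reads the stored token back later, e.g. in the external login callback.
    // signInScheme is the scheme the ticket was signed in with.
    public static Task<string> ReadIdTokenAsync(HttpContext httpContext, string signInScheme)
    {
        return httpContext.Authentication.GetTokenAsync(signInScheme, IdTokenName);
    }
}
```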