OWIN With Multiple OIDC Auth Configurations
Posted: 2021-08-17 02:15:19
Question: My application is an ASP.NET MVC application on .NET Framework 4.7.2. I want to register three OWIN OIDC auth configurations and be able to choose between them.
OpenIdConnectAuthenticationOptions oidcOptions1 = new OpenIdConnectAuthenticationOptions
{
    ClientId = _oktaMvcOptions.ClientId,
    ClientSecret = _oktaMvcOptions.ClientSecret,
    Authority = _issuer,
    RedirectUri = _oktaMvcOptions.RedirectUri,
    ResponseType = OpenIdConnectResponseType.Code,
    RedeemCode = true,
    Scope = scopeString,
    PostLogoutRedirectUri = _oktaMvcOptions.PostLogoutRedirectUri,
    TokenValidationParameters = tokenValidationParameters,
    SecurityTokenValidator = new StrictSecurityTokenValidator(),
    AuthenticationMode = (_oktaMvcOptions.LoginMode == LoginMode.SelfHosted) ? AuthenticationMode.Passive : AuthenticationMode.Active,
    SaveTokens = true,
    Notifications = new OpenIdConnectAuthenticationNotifications
    {
        RedirectToIdentityProvider = BeforeRedirectToIdentityProviderAsync,
        SecurityTokenValidated = SecurityTokenValidatedAsync,
        AuthenticationFailed = _oktaMvcOptions.AuthenticationFailed,
    },
};
OpenIdConnectAuthenticationOptions oidcOptions2 = new OpenIdConnectAuthenticationOptions { ... };
OpenIdConnectAuthenticationOptions oidcOptions3 = new OpenIdConnectAuthenticationOptions { ... };
In Startup.cs, the configuration looks like this:
public void Configuration(IAppBuilder app)
{
    app.UseOpenIdConnectAuthentication(oidcOptions1);
    app.UseOpenIdConnectAuthentication(oidcOptions2);
    app.UseOpenIdConnectAuthentication(oidcOptions3);
}
They are all of type OpenIdConnect. When I issue a challenge:
HttpContext.GetOwinContext().Authentication.Challenge();
How do I tell the challenge to use oidcOptions2 or oidcOptions3? How do I specify which one to use?
Thanks.
Answer 1: Never mind - it's simple:
OpenIdConnectAuthenticationOptions oidcOptions1 = new OpenIdConnectAuthenticationOptions("first")
{
    ...
};
Then:
HttpContext.GetOwinContext().Authentication.Challenge("first");
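The named-scheme approach from the answer, carried through as an added example that is not part of the original post: three passive OIDC middlewares registered under distinct AuthenticationType names, and a login action that only challenges a name on an allowlist. The provider names beyond "first", the appSettings keys, hostnames and redirect paths are constructed placeholders, and the AccountController is hypothetical.

```csharp
using System.Collections.Generic;
using System.Configuration;
using System.Web;
using System.Web.Mvc;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public class Startup
{
    // Allowlist of the AuthenticationType names registered below (constructed names).
    public static readonly HashSet<string> Providers = new HashSet<string> { "first", "second", "third" };

    public void Configuration(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
        app.UseCookieAuthentication(new CookieAuthenticationOptions());
        foreach (string name in Providers)
        {
            app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions(name)
            {
                ClientId = ConfigurationManager.AppSettings["oidc:" + name + ":clientId"],         // hypothetical key
                ClientSecret = ConfigurationManager.AppSettings["oidc:" + name + ":clientSecret"], // hypothetical key
                Authority = "https://" + name + ".idp.example",     // placeholder issuer
                RedirectUri = "https://app.example/signin-" + name, // distinct callback per provider
                ResponseType = OpenIdConnectResponseType.Code,
                RedeemCode = true,
                // Passive: this middleware acts only when Challenge(name) names it explicitly.
                AuthenticationMode = AuthenticationMode.Passive
            });
        }
    }
}

public class AccountController : Controller
{
    public ActionResult Login(string provider, string returnUrl)
    {
        // The provider name comes from the request, so check it against the allowlist first.
        if (provider == null || !Startup.Providers.Contains(provider))
            return new HttpStatusCodeResult(400);
        var props = new AuthenticationProperties { RedirectUri = Url.IsLocalUrl(returnUrl) ? returnUrl : "/" };
        HttpContext.GetOwinContext().Authentication.Challenge(props, provider);
        return new HttpUnauthorizedResult(); // the 401 lets the challenged middleware issue the redirect
    }
}
```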