我正在将 Azure Active Directory B2C 集成到一个 ASP.NET MVC 应用中，并添加了以下配置：
在 appsettings.json 中：
"AzureADB2C": {
"Instance": "https://tenant.b2clogin.com",
"ClientId": "11111111-1111-1111-1111-111111111111",
"Domain": "tenant.onmicrosoft.com",
"CallbackPath": "/signin-oidc",
"SignedOutCallbackPath": "/signout/B2C_1_SUSI",
"SignUpSignInPolicyId": "B2C_1_SUSI"
}
注意：上面的配置示例中，我已经用占位值替换了真实的租户名和客户端 ID。
- 以及 Startup.cs：
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.UI;
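namespace WebApp
{
    /// <summary>
    /// ASP.NET Core MVC + Razor Pages host that signs users in with Azure AD B2C through
    /// Microsoft.Identity.Web (OpenID Connect scheme) and exposes the Microsoft Identity UI
    /// account pages (/MicrosoftIdentity/Account/*).
    /// </summary>
    public class Program
    {
        /// <summary>
        /// Registers services, builds the request pipeline and routes, then runs the host.
        /// </summary>
        /// <param name="args">Command-line arguments forwarded to <see cref="WebApplication.CreateBuilder(string[])"/>.</param>
        public static void Main(string[] args)
        {
            WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
            ConfigurationManager configuration = builder.Configuration;
            IServiceCollection services = builder.Services;

            // Configuration section names are matched case-insensitively, so the "AzureADB2C"
            // key in appsettings.json binds to Constants.AzureAdB2C ("AzureAdB2C").
            services
                .AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
                .AddMicrosoftIdentityWebApp(configuration.GetSection(Constants.AzureAdB2C));

            services.AddControllersWithViews();
            services.AddRazorPages().AddMicrosoftIdentityUI();

            // Debug tracing only. Options configurators run in registration order, so this one
            // executes after the one AddMicrosoftIdentityWebApp installed. It therefore wraps the
            // handlers already present on options.Events instead of assigning new ones: a plain
            // assignment would discard the library's own handlers (such as its B2C redirect and
            // remote-failure handling), which changes the sign-in/sign-out behaviour being debugged.
            services.Configure<OpenIdConnectOptions>(
                OpenIdConnectDefaults.AuthenticationScheme,
                TraceOpenIdConnectEvents);

            var app = builder.Build();

            if (app.Environment.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                app.UseHsts();
            }

            app.UseHttpsRedirection();
            app.UseStaticFiles();
            app.UseRouting();

            // Authentication must run before authorization so the principal is populated first.
            app.UseAuthentication();
            app.UseAuthorization();

            // Top-level route registration (ASP0014) instead of a UseEndpoints callback;
            // the registered routes are the same.
            app.MapControllerRoute(
                name: "default",
                pattern: "{controller=Home}/{action=Index}/{id?}");
            app.MapRazorPages();

            app.Run();
        }

        /// <summary>
        /// Wraps every <see cref="OpenIdConnectEvents"/> handler so the event name is written to
        /// the console before the handler that was already registered runs. The wrapped handlers'
        /// behaviour is unchanged; remove this once the sign-out flow has been diagnosed.
        /// </summary>
        /// <param name="options">The scheme's options, after the library's own configuration has run.</param>
        private static void TraceOpenIdConnectEvents(OpenIdConnectOptions options)
        {
            var events = options.Events;

            events.OnAccessDenied = Trace("OnAccessDenied", events.OnAccessDenied);
            events.OnAuthenticationFailed = Trace("OnAuthenticationFailed", events.OnAuthenticationFailed);
            events.OnAuthorizationCodeReceived = Trace("OnAuthorizationCodeReceived", events.OnAuthorizationCodeReceived);
            events.OnMessageReceived = Trace("OnMessageReceived", events.OnMessageReceived);
            events.OnRedirectToIdentityProvider = Trace("OnRedirectToIdentityProvider", events.OnRedirectToIdentityProvider);
            events.OnRedirectToIdentityProviderForSignOut = Trace("OnRedirectToIdentityProviderForSignOut", events.OnRedirectToIdentityProviderForSignOut);
            events.OnRemoteFailure = Trace("OnRemoteFailure", events.OnRemoteFailure);
            events.OnRemoteSignOut = Trace("OnRemoteSignOut", events.OnRemoteSignOut);
            events.OnSignedOutCallbackRedirect = Trace("OnSignedOutCallbackRedirect", events.OnSignedOutCallbackRedirect);
            events.OnTicketReceived = Trace("OnTicketReceived", events.OnTicketReceived);
            events.OnTokenResponseReceived = Trace("OnTokenResponseReceived", events.OnTokenResponseReceived);
            events.OnTokenValidated = Trace("OnTokenValidated", events.OnTokenValidated);
            events.OnUserInformationReceived = Trace("OnUserInformationReceived", events.OnUserInformationReceived);

            // Returns a handler that writes the event name and then defers to the original
            // handler, so nothing the library set up is lost and no "async without await"
            // lambda is needed.
            static Func<TContext, Task> Trace<TContext>(string name, Func<TContext, Task> inner)
                => async context =>
                {
                    Console.WriteLine(name);
                    await inner(context);
                };
        }
    }
}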
注册和登录流程运行正常，但尝试注销时失败。
我通过访问 /MicrosoftIdentity/Account/SignedOut 来触发注销流程。
问题是流程在 OnRedirectToIdentityProviderForSignOut 和 OnSignedOutCallbackRedirect 这两个事件之间无限循环。
关于如何使它正常工作有什么想法吗?
在 Startup.cs 文件中，修改 OnRedirectToIdentityProviderForSignOut 事件，显式设置 post_logout_redirect_uri 参数；注意该值必须是 B2C 应用注册中已登记的重定向 URI。用以下代码替换现有的 OnRedirectToIdentityProviderForSignOut 事件：
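// Debug trace plus an explicit post_logout_redirect_uri on the end-session request.
// The handler already registered on the scheme is captured and called afterwards, so the
// library's own sign-out handling is kept instead of being replaced.
var priorSignOutRedirect = options.Events.OnRedirectToIdentityProviderForSignOut;
options.Events.OnRedirectToIdentityProviderForSignOut = async context =>
{
    Console.WriteLine("OnRedirectToIdentityProviderForSignOut");

    // OpenIdConnectMessage exposes post_logout_redirect_uri as the PostLogoutRedirectUri
    // property (there is no SetPostLogoutRedirectUri method). The URI must be one of the
    // redirect URIs registered on the B2C application for the sign-out to be accepted.
    context.ProtocolMessage.PostLogoutRedirectUri = context.Properties.RedirectUri;

    await priorSignOutRedirect(context);
};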