How do I add Identity Server 4.0 as an external provider?

Problem description

It seems all the sources talk about adding external providers to Identity Server 4, rather than using Identity Server 4 as an external provider.

My startup.cs has this for Facebook authentication:

            services.AddAuthentication(options =>
            {
                options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
            })
            .AddFacebook(facebookOptions =>
            {
                facebookOptions.AppId = "<appId>";
                facebookOptions.AppSecret = "<appSecret>";
                facebookOptions.SaveTokens = true;
            });

My login page has a button:

<a class="btn btn-primary"
   asp-action="ExternalLogin"
   asp-route-provider="Facebook"
   asp-route-returnUrl="">
    Facebook
</a>

This leads to:

[HttpPost]
[HttpGet]
[AllowAnonymous]
public IActionResult ExternalLogin(string provider, string returnUrl = null)
{
    // Request a redirect to the external login provider.
    var redirectUrl = Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl });
    var properties = _signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);

    return Challenge(properties, provider);
}

This all works. I also have an Identity Server 4.0 server set up, and I would like to use it as another external provider.

            services
            .AddAuthentication(options =>
            {
                options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
            })
            .AddFacebook(facebookOptions =>
            {
                facebookOptions.AppId = "<appId>";
                facebookOptions.AppSecret = "<appSecret>";
                facebookOptions.SaveTokens = true;
            })
            .AddIdentityServer(identityServerOptions => //Doesn't exist? or Does it?
            {
                identityServerOptions.AppId = "<appId>";
                identityServerOptions.AppSecret = "<appSecret>";
                identityServerOptions.SaveTokens = true;
            });

How do I add Identity Server as an external authentication provider?

**Update:** From this website

@if (Model.ExternalProviders.Any())
{
    <div class="row">
        <div class="panel-body">
            <ul class="list-inline">
                @foreach (var provider in Model.ExternalProviders)
                {
                    <li>
                        <a class="btn btn-default"
                           asp-action="ExternalLogin"
                           asp-route-provider="@provider.AuthenticationScheme"
                           asp-route-returnUrl="@Model.ReturnUrl">
                            @provider.DisplayName
                        </a>
                    </li>
                }
            </ul>
        </div>
    </div>
}

It looks like the provider is the same as the authentication scheme.

Tags: asp.net-core, authentication, identityserver4, openid-connect

Solution

IdentityServer is a certified OpenID Connect provider, so you can simply use:

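.AddOpenIdConnect(authenticationScheme, displayName, options =>
{
    // Cookie scheme that temporarily holds the external login result
    options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
    // Base URL of the external IdentityServer (its discovery document is read from here)
    options.Authority = "<base-path-of-your-external-IS>";
    options.ClientSecret = "<appSecret>";
    options.ClientId = "<appId>";
    // Authorization code flow
    options.ResponseType = OpenIdConnectResponseType.Code;
    options.SaveTokens = true;
});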
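
The following is an added example, not code from the question or the answer: it registers the external IdentityServer under its own scheme name and has the `ExternalLogin` action check the `provider` and `returnUrl` values before issuing the challenge. It assumes the client app uses ASP.NET Core Identity (`SignInManager`), so the sign-in scheme is `IdentityConstants.ExternalScheme`; the scheme name `idsrv`, the `IdSrv:*` configuration keys and the `/signin-idsrv` callback path are hypothetical.

```csharp
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;

public static class ExternalProviders
{
    // Hypothetical scheme name; the login button passes it as asp-route-provider.
    public const string IdSrvScheme = "idsrv";

    public static void AddExternalIdentityServer(this IServiceCollection services, IConfiguration config)
    {
        services.AddAuthentication()
            .AddOpenIdConnect(IdSrvScheme, "IdentityServer", options =>
            {
                // Hand the result to the external cookie that SignInManager reads.
                options.SignInScheme = IdentityConstants.ExternalScheme;
                options.Authority = config["IdSrv:Authority"];       // assumed config keys,
                options.ClientId = config["IdSrv:ClientId"];         // kept out of source code
                options.ClientSecret = config["IdSrv:ClientSecret"];
                options.ResponseType = OpenIdConnectResponseType.Code;
                options.UsePkce = true;                 // authorization code flow with PKCE
                options.RequireHttpsMetadata = true;    // refuse discovery over plain HTTP
                options.CallbackPath = "/signin-idsrv"; // must match a redirect URI registered for the client
                options.SaveTokens = true;
            });
    }
}

public class AccountController : Controller
{
    private readonly SignInManager<IdentityUser> _signInManager;
    public AccountController(SignInManager<IdentityUser> signInManager) => _signInManager = signInManager;

    [HttpGet, HttpPost, AllowAnonymous]
    public async Task<IActionResult> ExternalLogin(string provider, string returnUrl = null)
    {
        // Only challenge schemes that are registered as external providers.
        var schemes = await _signInManager.GetExternalAuthenticationSchemesAsync();
        if (!schemes.Any(s => s.Name == provider)) return BadRequest();
        // Keep the post-login redirect on this site.
        if (!Url.IsLocalUrl(returnUrl)) returnUrl = "/";
        var redirectUrl = Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl });
        var properties = _signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
        return Challenge(properties, provider);
    }
}
```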
