c# - Azure 广告重定向 Uri 获取 http 而不是 https
问题描述
我有需要 azure ad 单点登录的 asp.net 核心项目,但我的应用程序不断将重定向 uri 作为 http 而不是 https 我尝试在启动时添加以下内容
导致 http 而不是 https 的旧启动
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"))
// Add the possibility of acquiring a token to call a protected web API
.EnableTokenAcquisitionToCallDownstreamApi(initialScopes)
// Enables controllers and pages to get GraphServiceClient by dependency injection
// And use an in memory token cache
.AddMicrosoftGraph(Configuration.GetSection("DownstreamApi"))
.AddInMemoryTokenCaches();
解决重定向 uri 添加之前的代码如下
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(msIdentityOption =>
{
msIdentityOption.ClientId = Configuration["AzureAd:ClientId"];
msIdentityOption.Scope.Add("user.read.all");
msIdentityOption.Events.OnRedirectToIdentityProvider = context =>
{
context.ProtocolMessage.RedirectUri = Configuration["RedirectUrl"];
return Task.CompletedTask;
};
msIdentityOption.Instance = Configuration["AzureAd:Instance"];
msIdentityOption.TenantId = Configuration["AzureAd:TenantId"];
msIdentityOption.ClientSecret = Configuration["AzureAd:clientSecret"];
})
// Add the possibility of acquiring a token to call a protected web API
.EnableTokenAcquisitionToCallDownstreamApi(initialScopes)
// Enables controllers and pages to get GraphServiceClient by dependency injection
// And use an in memory token cache
.AddMicrosoftGraph(Configuration.GetSection("DownstreamApi"))
.AddInMemoryTokenCaches();
它在 login.microsoftonline.com 和我的应用程序之间创建了一个重定向循环,我最终在 Microsoft 的登录页面上收到消息,我们无法让您登录我检查了我的日志,它是以下内容
A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS500112: The reply address 'http://mysite/signin-oidc' does not match the reply address 'https://mysite/signin-oidc' provided when requesting Authorization code.
那么无论如何要覆盖重定向uri以使其成为https
解决方案
推荐阅读
- c++ - 多个可变参数函数的单个模板参数包?
- java - 使用 java RMI 传递复合对象
- c# - .NET Benchmark 中的 runtimeconfig.json 无效
- css - 如何在样式组件中覆盖 GlobalStyles?
- php - PHP:验证其字段后的表单重定向
- python-3.x - Kears fit_generator() with y=None
- javascript - 与 TypeScript 反应:类型不可分配给类型“IntrinsicAttributes”
- r - 预测时使用的阈值
- java - Android AsynTask 中的 ArrayList
- matlab - 查找平面和点云之间的相交点