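I am developing a relying party in ASP.NET MVC C# that should authenticate against an external identity provider, and I am using Microsoft's OWIN libraries. The problem I am running into is that the IdP does not expose a metadata endpoint, and even though I do not specify one in the configuration, an exception is thrown when I try to contact the IdP.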


  [InvalidOperationException: IDX10803: Unable to create to obtain
  configuration from:
  'https://domain.com/oidc/.well-known/openid-configuration'.]


I have the following code snippet:

            var options = new OpenIdConnectAuthenticationOptions();
            options.AuthenticationType = authenticationType;
            options.ClientId = clientConfiguration.ClientID;
            options.ClientSecret = AppSettings.ClientSecret;
            options.Notifications = new OpenIdConnectAuthenticationNotifications
            {
                SecurityTokenValidated = n => ReceiveValidSecurityToken(n),
                RedirectToIdentityProvider = n => ROSAddProtocolToken(n, clientConfiguration),
                AuthenticationFailed = n => AuthenticationFailed(n),
            };
            options.Authority = AppSettings.Authority;

            options.RedirectUri = clientConfiguration.GetPostLoginRedirectUri(clientConfiguration.CurrentCulture).ToString();
            options.ResponseType = "code";
            options.Scope = AppSettings.Scope;
            options.ClientSecret = clientConfiguration.ClientSecret;

            options.SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType;


My question is: how do I specify all the endpoints (authorization, token, UserInfo, JWKS) in the MS OWIN library?

The IdP requires the following settings:
Scope: openid
HTTP binding: GET
Response type: code
Token endpoint authentication method: client_secret_jwt

Best answer

OK, after a few hours I figured out how to specify the endpoints.

            var options = new OpenIdConnectAuthenticationOptions();
            options.Configuration = new OpenIdConnectConfiguration
            {
                AuthorizationEndpoint = AppSettings.Authority + "/" + AutorizationEndpointSufix,
                JwksUri = AppSettings.Authority + "/" + JwksEndpointSufix,
                TokenEndpoint = AppSettings.Authority + "/" + TokenEndpointSufix,
                UserInfoEndpoint = AppSettings.Authority + "/" + UserInfoEndpointSufix,
                Issuer = AppSettings.Authority
            };


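If you instantiate the Configuration property, it ignores the metadata. I managed to get a response from the authorization endpoint; I am just wondering how to trigger the token endpoint. Any ideas?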
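
Added example, not part of the original question or answer and not code from the OWIN libraries: the `client_secret_jwt` method the IdP requires, as defined in OpenID Connect Core section 9, builds an HS256-signed assertion keyed with the client secret and sends it with the authorization code to the token endpoint. The class and method names, the `/token` path and every value in `Main` are constructed placeholders.

```csharp
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Security.Cryptography;
using System.Text;
using System.Web;

public static class ClientSecretJwt   // hypothetical helper, not an OWIN type
{
    static string B64Url(byte[] data) =>
        Convert.ToBase64String(data).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    // HS256 client assertion: iss and sub are the client_id, aud is the token endpoint.
    public static string CreateAssertion(string clientId, string clientSecret,
                                         string tokenEndpoint, DateTimeOffset now)
    {
        const string header = "{\"alg\":\"HS256\",\"typ\":\"JWT\"}";
        string payload = string.Format(CultureInfo.InvariantCulture,
            "{{\"iss\":\"{0}\",\"sub\":\"{0}\",\"aud\":\"{1}\",\"jti\":\"{2}\",\"iat\":{3},\"exp\":{4}}}",
            HttpUtility.JavaScriptStringEncode(clientId),
            HttpUtility.JavaScriptStringEncode(tokenEndpoint),
            Guid.NewGuid().ToString("N"),            // unique jti so the IdP can reject replays
            now.ToUnixTimeSeconds(), now.AddMinutes(2).ToUnixTimeSeconds()); // short lifetime
        string signingInput = B64Url(Encoding.UTF8.GetBytes(header)) + "." +
                              B64Url(Encoding.UTF8.GetBytes(payload));
        using (var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(clientSecret)))
            return signingInput + "." + B64Url(hmac.ComputeHash(Encoding.ASCII.GetBytes(signingInput)));
    }

    // Form fields for the code exchange; POST them url-encoded to the token endpoint over TLS.
    public static Dictionary<string, string> TokenRequest(string code, string redirectUri, string assertion)
    {
        return new Dictionary<string, string>
        {
            ["grant_type"] = "authorization_code",
            ["code"] = code,
            ["redirect_uri"] = redirectUri,   // must match the value sent in the authorization request
            ["client_assertion_type"] = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
            ["client_assertion"] = assertion  // replaces client_secret in the request body
        };
    }
    static void Main()
    {
        // Constructed placeholder values, for illustration only.
        string jwt = CreateAssertion("my-client", "placeholder-secret", "https://domain.com/oidc/token", DateTimeOffset.UtcNow);
        foreach (var kv in TokenRequest("placeholder-code", "https://rp.example/callback", jwt))
            Console.WriteLine(kv.Key + "=" + kv.Value);
    }
}
```

With this method the secret itself never travels in the token request; only the HMAC over the assertion does, so the `aud`, `exp` and `jti` claims are what limit reuse of a captured request.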

Regarding "c# - Using OpenId Connect without specifying a metadata endpoint", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/41960402/

10-13 09:29