Nancy

Nancy

关注
发信
关注(28)粉丝(399)

OWIN中间件OpenID的连接 - code流量(流量类型 - 授权code)文档?

本文介绍了OWIN中间件OpenID的连接 - code流量(流量类型 - 授权code)文档?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

在我实现我使用OpenID的连接服务器(Identity Server的V3 +)来验证Asp.net MVC应用5(带AngularJS前端)

In my implementation I am using OpenID-Connect Server (Identity Server v3+) to authenticate Asp.net MVC 5 app (with AngularJS front-end)

我打算使用OID code流量(带范围Open_ID),以验证客户端(RP)。对于OpenID的连接中间件,我用OWIN(卡塔纳项目)组件。

I am planning to use OID Code flow (with Scope Open_ID) to authenticate the client (RP). For the OpenID connect middle-ware, I am using OWIN (Katana Project) components.

实施前,我想明白了反向信道令牌请求,刷新令牌请求过程中,使用等.. OWIN但我无法找到这种类型的实现任何文件(大多数可用的示例使用隐式流)

Before the implementation, I want to understand back-channel token request, refresh token request process, etc using OWIN.. But I am unable to find any documentation for this type of implementation (most of the available examples use Implicit flow).

我能找到的通用code流实施ID服务器V3这里的

I could find samples for generic Code flow implementation for ID Server v3 here https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source

我要寻找使用OWIN中间件类似的一个?没有任何人有任何指针?

I am looking for a similar one using OWIN middleware ? Does anyone have any pointers ?

推荐答案

在OpenID的连接中间件不支持code流量:的(它已经固定在ASP.NET 5.0版本,虽然)

The OpenID Connect middleware doesn't support the code flow: http://katanaproject.codeplex.com/workitem/247 (it's already fixed in the ASP.NET 5 version, though).

事实上,只有隐性流量( id_token )的官方支持,你必须使用 response_mode = form_post 扩展。要使用该授权code流量只会导致异常的回调过程中被抛出,因为它不会能够从提取(失踪) id_token 认证响应。

Actually, only the implicit flow (id_token) is officially supported, and you have to use the response_mode=form_post extension. Trying to use the authorization code flow will simply result in an exception being thrown during the callback, because it won't be able to extract the (missing) id_token from the authentication response.

虽然不直接支持,您还可以使用混合流量( code + id_token(+令牌)),但它是由你来实现令牌请求的一部分。你可以看到https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/blob/dev/samples/Nancy/Nancy.Client/Startup.cs#L61-L89一个例子。

Though not directly supported, you can also use the hybrid flow (code + id_token (+ token)), but it's up to you to implement the token request part. You can see https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/blob/dev/samples/Nancy/Nancy.Client/Startup.cs#L61-L89 for an example.

这篇关于OWIN中间件OpenID的连接 - code流量(流量类型 - 授权code)文档?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-31 10:36
Powered by LMLPHP ©2025 Nancy 0.040938