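I am trying to figure out how to get the identity token from an Azure AD connection. I am integrating it with Identity Server 4 (dotnet core). Their samples show how to connect AD with Identity Server, but I can't find a way to actually get the ID token. I also tried using the events to access it, but without success. This is my configuration in Startup.cs of the identity server project.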
    public void Configure(IApplicationBuilder app, IHostingEnvironment env,
        ILoggerFactory loggerFactory)
    {
        loggerFactory.AddConsole(LogLevel.Debug);
        app.UseDeveloperExceptionPage();
        app.UseIdentityServer();
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme,
            AutomaticAuthenticate = false,
            AutomaticChallenge = false
        });

        ///
        /// Setup Custom Data Format
        ///
        var schemeName = "oidc";
        var dataProtectionProvider = app.ApplicationServices.GetRequiredService<IDataProtectionProvider>();
        var distributedCache = app.ApplicationServices.GetRequiredService<IDistributedCache>();
        var dataProtector = dataProtectionProvider.CreateProtector(
            typeof(OpenIdConnectMiddleware).FullName,
            typeof(string).FullName, schemeName,
            "v1");
        var dataFormat = new CachedPropertiesDataFormat(distributedCache, dataProtector);

        ///
        /// Azure AD Configuration
        ///
        var clientId = "XXXX";
        var tenantId = "XXXXX";
        app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
        {
            AuthenticationScheme = schemeName,
            DisplayName = "AzureAD",
            SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme,
            ClientId = clientId,
            Authority = $"https://login.microsoftonline.com/{tenantId}",
            ResponseType = OpenIdConnectResponseType.IdToken,
            StateDataFormat = dataFormat,
            Events = new OpenIdConnectEvents
            {
                OnRemoteFailure = OnAuthenticationFailed,
                OnTokenValidated = OnTokenValidated,
                OnTokenResponseReceived = TokenResponseReceived
            },
            TokenValidationParameters = new TokenValidationParameters
            {
                SaveSigninToken = true
            }
        });

        app.UseStaticFiles();
        app.UseMvcWithDefaultRoute();
    }
These are my event handlers, from which I hope to get the id token.
    private Task OnTokenValidated(TokenValidatedContext context)
    {
        var type = context.Properties.GetType();
        var tokens = context.Properties.GetTokens();
        var ci = (System.Security.Claims.ClaimsIdentity)
            ClaimsPrincipal.Current.Identity;
        return Task.FromResult(0);
    }

    private Task OnAuthenticationFailed(FailureContext context)
    {
        var failure = context.Failure;
        return Task.FromResult(0);
    }

    public Task TokenResponseReceived(TokenResponseReceivedContext context)
    {
        var variable = context.TokenEndpointResponse.IdToken;
        return Task.FromResult(0);
    }
Answer 0 (score: 0)
You can read the token information under [[1,3,5],[a,b,c],[2,4,6]].
I used my sample project as a base and added context.SecurityToken and OnTokenValidated to test it.
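
An added example, not code from the question or the answer: an OnTokenValidated handler that reads the validated ID token from context.SecurityToken and stores it in the authentication properties. It assumes the ASP.NET Core 1.x OpenID Connect middleware used in the question; the class name AzureAdIdTokenEvents and the token name "id_token_expires_at" are hypothetical.

```csharp
using System.IdentityModel.Tokens.Jwt;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;               // AuthenticationToken, StoreTokens
using Microsoft.AspNetCore.Authentication.OpenIdConnect; // TokenValidatedContext

// Hypothetical helper class; the name is not from the question or the answer.
public static class AzureAdIdTokenEvents
{
    // Wire up with:
    //   Events = new OpenIdConnectEvents { OnTokenValidated = AzureAdIdTokenEvents.OnTokenValidated }
    public static Task OnTokenValidated(TokenValidatedContext context)
    {
        // The middleware has already validated signature, issuer, audience and
        // lifetime before this event fires, so this is the parsed, validated token.
        JwtSecurityToken idToken = context.SecurityToken;

        // With ResponseType = id_token there is no authorization code to redeem,
        // so OnTokenResponseReceived never fires and TokenEndpointResponse is null.
        // The raw JWT arrives in the authorization response instead.
        string rawIdToken = context.ProtocolMessage?.IdToken ?? idToken.RawData;

        // Store the token in the properties that are serialized into the external
        // sign-in cookie, so the code handling the external callback can read it.
        // Do not log rawIdToken: it is usable as a credential until it expires.
        context.Properties.StoreTokens(new[]
        {
            new AuthenticationToken { Name = "id_token", Value = rawIdToken },
            new AuthenticationToken
            {
                Name = "id_token_expires_at", // hypothetical name
                Value = idToken.ValidTo.ToString("o")
            }
        });

        return Task.FromResult(0);
    }
}
```

The stored value can then be read back from the external cookie's authentication properties with GetTokenValue("id_token").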