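I created a multi-tenant ASP.NET MVC project in Visual Studio. After testing it on localhost, I published the application to Azure, went to the Azure portal and changed the application's home page URI and reply URI to http:/{appname}.azurewebsites.net

I also added PostLogoutRedirectUri = "http:/{appname}.azurewebsites.net" to the OpenIdConnectAuthenticationOptions in Startup.auth.cs.

The problem is that when I try to access the published app, I am redirected after login to https://localhost:xxxxx, the same localhost port that VS assigned automatically when the project was created.

Do I need to add the http:/{appname}.azurewebsites.net URI somewhere for my app to redirect to the correct location?

Edit: in my web.config file: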

    <configuration>
      <appSettings>
        <add key="webpages:Version" value="3.0.0.0" />
        <add key="webpages:Enabled" value="false" />
        <add key="ClientValidationEnabled" value="true" />
        <add key="UnobtrusiveJavaScriptEnabled" value="true" />
        <add key="ida:ClientId" value="{Guid}" />
        <add key="ida:AADInstance" value="https://login.microsoftonline.com/" />
        <add key="ida:ClientSecret" value="{secret}" />
        <add key="ida:PostLogoutRedirectUri" value="http://{appname}.azurewebsites.net" />
      </appSettings>
    </configuration>

In my startup.auth.cs file:

    private static string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
    private string appKey = ConfigurationManager.AppSettings["ida:ClientSecret"];
    private string resourceEndPoint = "https://manage.office.com";
    private static string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
    private string authority = aadInstance + "common";
    private static string postLogoutRedirectUri = ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"];

    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
        app.UseCookieAuthentication(new CookieAuthenticationOptions { });
        app.UseOpenIdConnectAuthentication(
            new OpenIdConnectAuthenticationOptions
            {
                ClientId = clientId,
                Authority = authority,
                PostLogoutRedirectUri = postLogoutRedirectUri,
                TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters
                {
                    // Multi-tenant ("common" authority): the token issuer is not validated here.
                    ValidateIssuer = false,
                },
                Notifications = new OpenIdConnectAuthenticationNotifications()
                {
                    SecurityTokenValidated = (context) =>
                    {
                        return Task.FromResult(0);
                    },
                    AuthorizationCodeReceived = (context) =>
                    {
                        // Redeem the authorization code for a token for resourceEndPoint.
                        var code = context.Code;
                        ClientCredential credential = new ClientCredential(clientId, appKey);
                        string tenantID = context.AuthenticationTicket.Identity.FindFirst("http://schemas.microsoft.com/identity/claims/tenantid").Value;
                        string signedInUserID = context.AuthenticationTicket.Identity.FindFirst(ClaimTypes.NameIdentifier).Value;
                        AuthenticationContext authContext = new AuthenticationContext(aadInstance + tenantID, new ADALTokenCache(signedInUserID));
                        AuthenticationResult result = authContext.AcquireTokenByAuthorizationCode(
                            code, new Uri(HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Path)), credential, resourceEndPoint);
                        return Task.FromResult(0);
                    },
                    AuthenticationFailed = (context) =>
                    {
                        context.OwinContext.Response.Redirect("/Home/Error");
                        context.HandleResponse(); // Suppress the exception
                        return Task.FromResult(0);
                    }
                }
            }
        );
    }

Answer 0 (score: 1)

Please set the RedirectUri property of the OpenIdConnectAuthenticationOptions object.

    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            ClientId = clientId,
            Authority = authority,
            RedirectUri = <<Redirect Uri>>
        });

Answer 1 (score: 0)

You may need to adjust the reply URLs saved at https://portal.azure.com under Azure Active Directory > App registrations > application ID GUID > Settings > Reply URLs, as described in this document: Azure App Service error: AADSTS50011
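
Added example (not part of either answer and not the asker's code): one way to combine the two answers, reading the RedirectUri from web.config so it can be kept identical to the reply URL registered in the portal, and rejecting a malformed or plain-http value when the app starts. The ida:RedirectUri key and the RequireReplyUrl helper are assumptions of this example, and requiring https outside localhost is this example's own policy.

```csharp
using System;
using System.Configuration;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public partial class Startup
{
    private static readonly string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
    private static readonly string authority = ConfigurationManager.AppSettings["ida:AADInstance"] + "common";

    // "ida:RedirectUri" is an assumed appSettings key, placed next to ida:PostLogoutRedirectUri.
    // Its value must match a reply URL registered for the app in the Azure portal.
    private static readonly string redirectUri = RequireReplyUrl("ida:RedirectUri");
    private static readonly string postLogoutRedirectUri = RequireReplyUrl("ida:PostLogoutRedirectUri");

    // Hypothetical helper: stop at startup instead of sending users to a wrong host after sign-in.
    private static string RequireReplyUrl(string key)
    {
        string value = ConfigurationManager.AppSettings[key];
        Uri uri;
        if (!Uri.TryCreate(value, UriKind.Absolute, out uri) || string.IsNullOrEmpty(uri.Host))
            throw new ConfigurationErrorsException(key + " is not an absolute URL: " + value);

        bool isHttps = uri.Scheme == Uri.UriSchemeHttps;
        bool isLocalDev = uri.Scheme == Uri.UriSchemeHttp && uri.IsLoopback;
        if (!isHttps && !isLocalDev)
            throw new ConfigurationErrorsException(key + " must use https outside localhost: " + value);

        // Return the configured string unchanged so it compares equal to the registered reply URL.
        return value;
    }

    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
        app.UseCookieAuthentication(new CookieAuthenticationOptions());
        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            ClientId = clientId,
            Authority = authority,
            RedirectUri = redirectUri,                    // where Azure AD sends the sign-in response
            PostLogoutRedirectUri = postLogoutRedirectUri // where Azure AD sends the user after sign-out
            // TokenValidationParameters and Notifications stay as in the question's code.
        });
    }
}
```

With a web.config transform per environment, the localhost value stays in the development configuration and the published site carries only its own host name.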