共享身份验证Cookie

时间:2019-11-05 18:01:06

标签: c# asp.net-mvc asp.net-core

今天,根据我的公司规则,我使用以下Startup Owin类配置在不同端口中的intranet asp.net mvc 5应用程序之间共享cookie身份验证:

using System;
using System.Configuration;
using Microsoft.AspNet.Identity;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Owin;

[assembly: OwinStartup(typeof(Icomon.ControleProducao.Site.Startup))]
namespace Site
{
    public partial class Startup
    {
        public void ConfigureAuth(IAppBuilder app)
        {
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                ExpireTimeSpan = TimeSpan.FromMinutes(30),
                LoginPath = new PathString("/Account/Login"),
                LogoutPath = new PathString("/Account/Logout"),
                SlidingExpiration = true,
                Provider = new CookieAuthenticationProvider
                {
                    OnApplyRedirect = ApplyRedirect
                }
            });

            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
        }

        private static void ApplyRedirect(CookieApplyRedirectContext context)
        {
            if (Uri.TryCreate(context.RedirectUri, UriKind.Absolute, out Uri absoluteUri))
            {
                var path = PathString.FromUriComponent(absoluteUri);
                if (path == context.OwinContext.Request.PathBase + context.Options.LoginPath)
                    context.RedirectUri = "domain.com/login";
            }

            context.Response.Redirect(context.RedirectUri);
        }
    }
}

现在,我正在尝试在此范围内添加asp.net核心应用程序,但没有成功。这是我的代码:

public void ConfigureServices(IServiceCollection services)
{
    services.AddControllersWithViews(options => options.Filters.Add(new AuthorizeFilter()));

    services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
      .AddCookie(options =>
      {
          options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
          options.SlidingExpiration = true;
          options.Events.OnRedirectToLogin = (context) =>
          {
              if (Uri.TryCreate(context.RedirectUri, UriKind.Absolute, out var absoluteUri))
              {
                  var path = PathString.FromUriComponent(absoluteUri);
                  if (path == context.Request.PathBase + context.Options.LoginPath)
                  {
                      context.Response.Redirect("domain.com/login");
                  }
              }

              return Task.CompletedTask;
          };
      });
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }
    else
    {
        app.UseExceptionHandler("/Home/Error");
    }

    app.UseStaticFiles();

    app.UseCookiePolicy();
    app.UseAuthentication();
    app.UseAuthorization();

    app.UseEndpoints(endpoints =>
    {
        endpoints.MapControllerRoute(
            name: "default",
            pattern: "{controller=Home}/{action=Index}/{id?}");
    });
}

我使用此方法,任何用户只需登录一次,就可以访问根据权限列出的所有应用程序。

有人解决吗?非常感谢

0 个答案:

没有答案
相关问题
最新问题