我正在尝试将我的auth内容迁移到Core 2.0并使用我自己的身份验证方案出现问题.我在启动时的服务设置如下所示:
var authenticationBuilder = services.AddAuthentication(options =>
{
options.AddScheme("myauth",builder =>
{
builder.HandlerType = typeof(CookieAuthenticationHandler);
});
})
.AddCookie();
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name,user.Name)
};
var props = new AuthenticationProperties
{
IsPersistent = persistCookie,ExpiresUtc = DateTime.UtcNow.AddYears(1)
};
var id = new ClaimsIdentity(claims);
await HttpContext.SignInAsync("myauth",new ClaimsPrincipal(id),props);
但是当我在控制器或动作过滤器中时,我只有一个身份,并且它不是经过身份验证的身份:
var identity = context.HttpContext.User.Identities.SingleOrDefault(x => x.AuthenticationType == "myauth");
导航这些变化一直很困难,但我猜我正在做.AddScheme错了.有什么建议?
编辑:这里(基本上)是一个干净的应用程序,不会在User.Identies上产生两组身份:
namespace WebApplication1.Controllers
{
public class Testy : Controller
{
public IActionResult Index()
{
var i = HttpContext.User.Identities;
return Content("index");
}
public async Task<IActionResult> In1()
{
var claims = new List<Claim> { new Claim(ClaimTypes.Name,"In1 name") };
var props = new AuthenticationProperties { IsPersistent = true,ExpiresUtc = DateTime.UtcNow.AddYears(1) };
var id = new ClaimsIdentity(claims);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,props);
return Content("In1");
}
public async Task<IActionResult> In2()
{
var claims = new List<Claim> { new Claim(ClaimTypes.Name,"a2 name") };
var props = new AuthenticationProperties { IsPersistent = true,ExpiresUtc = DateTime.UtcNow.AddYears(1) };
var id = new ClaimsIdentity(claims);
await HttpContext.SignInAsync("a2",props);
return Content("In2");
}
public async Task<IActionResult> Out1()
{
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
return Content("Out1");
}
public async Task<IActionResult> Out2()
{
await HttpContext.SignOutAsync("a2");
return Content("Out2");
}
}
}
和初创公司:
namespace WebApplication1
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie("a2");
services.AddMvc();
}
public void Configure(IApplicationBuilder app,IHostingEnvironment env)
{
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(name: "default",template: "{controller=Home}/{action=Index}/{id?}");
});
}
}
}
解决方法
Navigating these changes has been difficult,but I’m guessing that I’m doing .AddScheme wrong.
不要使用AddScheme:它是为处理程序编写者设计的低级方法.
How do I setup multiple auth schemes in ASP.NET Core 2.0?
要注册cookie处理程序,只需执行以下操作:
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(options =>
{
options.DefaultScheme = "myauth1";
})
.AddCookie("myauth1");
.AddCookie("myauth2");
}
public void Configure(IApplicationBuilder app)
{
app.UseAuthentication();
// ...
}
}
重要的是要注意,你不能像在1.x中那样注册多个默认方案(这个巨大的重构的重点是避免同时拥有多个自动认证中间件).
如果您绝对需要在2.0中模拟此行为,则可以编写手动调用AuthenticateAsync()的自定义中间件,并创建包含所需身份的ClaimsPrincipal:
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(options =>
{
options.DefaultScheme = "myauth1";
})
.AddCookie("myauth1");
.AddCookie("myauth2");
}
public void Configure(IApplicationBuilder app)
{
app.UseAuthentication();
app.Use(async (context,next) =>
{
var principal = new ClaimsPrincipal();
var result1 = await context.AuthenticateAsync("myauth1");
if (result1?.Principal != null)
{
principal.AddIdentities(result1.Principal.Identities);
}
var result2 = await context.AuthenticateAsync("myauth2");
if (result2?.Principal != null)
{
principal.AddIdentities(result2.Principal.Identities);
}
context.User = principal;
await next();
});
// ...
}
}
