编程语言
首页 > 编程语言> > c# – Multitentant Identity Server 4

c# – Multitentant Identity Server 4

作者:互联网

我正在尝试实现一个处理多租户应用程序SSO的IdentityServer.
在我们的系统中,只有一个IdentityServer4实例来处理多帐户客户端的验证.

在客户端,我使用acr_value传递租户ID.
Startup.cs文件的一段代码如下:

public void ConfigureServices(IServiceCollection services)
{
        services.AddMvc();
        services.AddAuthorization();

        services.AddAuthentication(options =>
            {
                options.DefaultScheme = "Cookies";
                options.DefaultChallengeScheme = "oidc";
            })
            .AddCookie("Cookies")
            .AddOpenIdConnect("oidc", options =>
            {
                options.SignInScheme = "Cookies";
                options.Authority = "http://localhost:5000";
                options.RequireHttpsMetadata = false;
                options.ClientId = "Client1";
                options.ClientSecret = "secret";
                options.ResponseType = "code id_token";
                options.SaveTokens = true;
                options.GetClaimsFromUserInfoEndpoint = true;                    
                options.Scope.Add("openid");
                options.Scope.Add("profile");
                options.Scope.Add("offline_access");
                options.Events.OnRedirectToIdentityProvider = n =>
                {
                    if (n.ProtocolMessage.RequestType == OpenIdConnectRequestType.Authentication)
                    {
                        n.ProtocolMessage.AcrValues = "tenant:clientId1";
                    }
                    return Task.FromResult(0);
                };
            });
}

对于身份服务器,它使用IdentityServer4和ASP.NET核心标识.为了处理多租户客户端身份验证,我在本文中按照Scott Brady提供的ASP.NET身份验证的说明进行操作
https://www.scottbrady91.com/ASPNET-Identity/Quick-and-Easy-ASPNET-Identity-Multitenancy

我修改了UserStore以接收租户Id但是在AccountController的UserStore实例注入时我无法检索传递的acr_value.

以前有人遇到过这个问题吗?

谢谢

解决方法:

如果你还没弄清楚,这是解决方案

private readonly IIdentityServerInteractionService _interaction;


 var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
            var tenant = context.Tenant;

标签:c,multi-tenant,identityserver4,asp-net-core-identity
来源: https://codeday.me/bug/20190701/1347888.html