在.netframework 4.5.2项目上集成identityserver4的登陆功能

时间 2020-05-09

标签 netframework 4.5.2 项目集成 identityserver4 identityserver 登陆功能繁體版

原文原文链接

1、添加引用web

一、添加owin引用版本：1.0.0.0
二、添加 Microsoft.Owin.Security.Cookies 版本：4.1.0
三、添加System.IdentityModel.Tokens.Jwt 版本：5.6.0
四、添加Microsoft.Owin.Security.OpenIdConnect 版本：4.1.0
五、添加Microsoft.Owin.Host.SystemWeb 版本：4.1.0api

2、添加Startup.cs类cookie

    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = "Cookies"
            });
            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
            app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
            {
                Authority = "http://localhost:5000", //ID Server
                ClientId = "mvc",
                ResponseType = "id_token code",
                SignInAsAuthenticationType = "Cookies",
                RedirectUri = "http://localhost:63931/signin-oidc", //URL of website
                Scope = "openid",
                RequireHttpsMetadata = false,
            });
        }
    }

3、获得用户IDsession

            var aaa = User.Identity;
            userId = ((System.Security.Claims.ClaimsIdentity)aaa).Claims.Where(c => c.Type == "sub").First().Value;

4、远程identityServer4端增长专门用于登出的页面(给客户端调用)mvc

        public async Task<IActionResult> RemoteLogout(string returnUrl)
        {
            if (User?.Identity.IsAuthenticated == true)
            {
                // delete local authentication cookie
                await _signInManager.SignOutAsync();
                // raise the logout event
                await _events.RaiseAsync(new UserLogoutSuccessEvent(User.GetSubjectId(), User.GetDisplayName()));
            }
            return Redirect(returnUrl);
        }

5、mvc端添加登出功能app

            List<string> lstKeys = new List<string> { "idsrv.session", ".AspNetCore", ".AspNet.Cookies" };
            for (int i = 0; i < this.Request.Cookies.Count; i++)
            {
                string cookieName = this.Request.Cookies[i].Name;
                if (lstKeys.Where(c => cookieName.Contains(c)).Any())
                {
                    this.Response.Cookies[cookieName].Expires = DateTime.Now.AddDays(-1);
                }
            }
　　　　　　　//调用远程api清除远程的当前用户登陆信息
　　　　　　　return Redirect("http://212.19.31.12:5000/Account/RemoteLogout?returnUrl=http://localhost:63931");

备注：若是之前用的是Forms认证，就须要把web.config里相似下面的代码注释掉async

<authentication mode="Forms">
      <forms loginUrl="~/Account/Logon" defaultUrl="~/Home/Index" protection="All" slidingExpiration="true" />
    </authentication>
    <authorization>
      <deny users="?" />
      <allow users="*" />
</authorization>