changed order of connections

pull/3392/head
Galip Tolga Erdem 5 years ago
parent 0be742fa06
commit d8f3d5b85c

@ -8,10 +8,9 @@ Adding Azure Active Directory is pretty straightforward in Abp framework. Couple
There will be two samples of connections for better covarage;
- **AddOpenIdConnect** (Default Microsoft.AspNetCore.Authentication.OpenIdConnect package)
- **AddAzureAD** (Microsoft.AspNetCore.Authentication.AzureAD.UI package)
- **AddOpenIdConnect** (Default Microsoft.AspNetCore.Authentication.OpenIdConnect package)
-
#### **Update your `appsettings.json`**
@ -29,74 +28,74 @@ In your **.Web** application, add the following section filled with your AzureAD
## AddOpenIdConnect
## AddAzureAD
Modify `ConfigureAuthentication` method of your **BookStoreWebModule** with the following:
#### **Update your `appsettings.json`**
Install `Microsoft.AspNetCore.Authentication.AzureAD.UI` package to your **.Web** application.
In your **.Web** application, add the following section filled with your AzureAD application settings. Modify `ConfigureAuthentication` method of your **BookStoreWebModule** with the following:
````xml
private void ConfigureAuthentication(ServiceConfigurationContext context, IConfiguration configuration)
{
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Add("sub", ClaimTypes.NameIdentifier);
context.Services.AddAuthentication()
.AddIdentityServerAuthentication(options =>
{
options.Authority = configuration["AuthServer:Authority"];
options.RequireHttpsMetadata = false;
options.ApiName = "BookStore";
options.ApiName = "Acme.BookStore";
})
.AddOpenIdConnect("AzureOpenId", "AzureAD", options =>
.AddAzureAD(options => configuration.Bind("AzureAd", options));
context.Services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority = "https://login.microsoftonline.com/" + configuration["AzureAd:TenantId"];
options.Authority = options.Authority + "/v2.0/";
options.ClientId = configuration["AzureAd:ClientId"];
options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
options.CallbackPath = configuration["AzureAd:CallbackPath"];
options.ResponseType = OpenIdConnectResponseType.IdToken;
options.RequireHttpsMetadata = false;
options.SaveTokens = true;
options.TokenValidationParameters.ValidateIssuer = false;
options.GetClaimsFromUserInfoEndpoint = true;
options.SaveTokens = true;
options.SignInScheme = IdentityConstants.ExternalScheme;
options.Scope.Add("email");
});
}
````
## AddAzureAD
#### **Update your `appsettings.json`**
Install `Microsoft.AspNetCore.Authentication.AzureAD.UI` package to your **.Web** application.
## AddOpenIdConnect
In your **.Web** application, add the following section filled with your AzureAD application settings. Modify `ConfigureAuthentication` method of your **BookStoreWebModule** with the following:
Modify `ConfigureAuthentication` method of your **BookStoreWebModule** with the following:
````xml
private void ConfigureAuthentication(ServiceConfigurationContext context, IConfiguration configuration)
{
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Add("sub", ClaimTypes.NameIdentifier);
context.Services.AddAuthentication()
.AddIdentityServerAuthentication(options =>
{
options.Authority = configuration["AuthServer:Authority"];
options.RequireHttpsMetadata = false;
options.ApiName = "Acme.BookStore";
options.ApiName = "BookStore";
})
.AddAzureAD(options => configuration.Bind("AzureAd", options));
context.Services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
.AddOpenIdConnect("AzureOpenId", "AzureAD", options =>
{
options.Authority = options.Authority + "/v2.0/";
options.Authority = "https://login.microsoftonline.com/" + configuration["AzureAd:TenantId"];
options.ClientId = configuration["AzureAd:ClientId"];
options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
options.CallbackPath = configuration["AzureAd:CallbackPath"];
options.ResponseType = OpenIdConnectResponseType.IdToken;
options.RequireHttpsMetadata = false;
options.TokenValidationParameters.ValidateIssuer = false;
options.GetClaimsFromUserInfoEndpoint = true;
options.SaveTokens = true;
options.SignInScheme = IdentityConstants.ExternalScheme;
options.Scope.Add("email");
options.GetClaimsFromUserInfoEndpoint = true;
});
}
````
@ -107,7 +106,7 @@ private void ConfigureAuthentication(ServiceConfigurationContext context, IConfi
* Help! `GetExternalLoginInfoAsync` returns `null`!
* **There** can be 2 reasons for this;
* There can be 2 reasons for this;
1. You are trying to authenticate against wrong scheme. Check if you set **SignInScheme** to `IdentityConstants.ExternalScheme`:
@ -115,7 +114,7 @@ private void ConfigureAuthentication(ServiceConfigurationContext context, IConfi
options.SignInScheme = IdentityConstants.ExternalScheme;
````
2. Your `ClaimTypes.NameIdentifier` is null. Check if you added claim mapping:
2. Your `ClaimTypes.NameIdentifier` is `null`. Check if you added claim mapping:
````xml
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
@ -169,5 +168,4 @@ private void ConfigureAuthentication(ServiceConfigurationContext context, IConfi
* Why can't I see **External Register Page** after I sign in from external provider for the first time?
* ABP framework automatically registers your user with supported email claim from your external authentication provider. You can change this behaviour by [Customizing Login Page in Abp Framework](will be link here).
* ABP framework automatically registers your user with supported email claim from your external authentication provider. You can change this behavior by [Customizing Login Page in Abp Framework](will be link here).
