基于主机名的ASP.NET Core 2.0身份验证

本文介绍了基于主机名的ASP.NET Core 2.0身份验证的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我会说带有身份验证的经典ASP.NET Core 2.0应用程序包括在 Startup.cs 文件的ConfigureServices方法中添加所需的身份验证服务:

I would say that classic ASP.NET Core 2.0 application with authentication consists of adding desired authentication service in ConfigureServices method in the Startup.cs file:

services.AddAuthentication().AddFacebook(facebookOptions => { facebookOptions.AppId = Configuration["Authentication:Facebook:AppId"]; facebookOptions.AppSecret = Configuration["Authentication:Facebook:AppSecret"]; });

这很好，只要在调用ConfigurationServices方法期间知道身份验证配置并且对于所有请求都相同.

This is fine as long as the authentication configuration is known during the time when ConfigurationServices method is called and is the same for all requests.

我们的案例需要不同的身份验证配置，根据主机名说:

Our case needs different authentication configuration, let say based on host name:

company1.example // has own authentication configuration company2.example // has own (probably different) authentication

有关更多详细信息，company1仅配置了Facebook，company2仅配置了Google身份验证.

For more details company1 has configured only Facebook and company2 has configured only Google authentication.

问题:是否可以对每个主机或每个请求使用不同的身份验证?例如，一旦我知道公司，我就可以加载和使用与此请求相关的身份验证配置.

Question: Is it possible to have different authentication for each host or otherwise for each request? For instance once I know company I can load and use authentication configuration relevant for this request.

推荐答案

有几种方法可以做到这一点.在Facebook和Google的计划事件中包括使用您的IConfiguration或将http上下文作为服务访问.这是最干净的方法之一.您可以按照以下方式制定自己的方案:

There are several ways of doing this. Including using your IConfiguration or accessing http context as a service within your scheme events of facebook and google. Here is one of the cleanest ways of doing this. You can make your own scheme something like this:

public class MyCustomAuth : AuthenticationHandler<AuthenticationSchemeOptions> { public const string SchemeName = "MyCustom"; public MyCustomAuth(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock) { } protected override async Task HandleChallengeAsync(AuthenticationProperties properties) { if (Request.Host.Value == "") { await Context.ChallengeAsync(GoogleDefaults.AuthenticationScheme); } await Context.ChallengeAsync(FacebookDefaults.AuthenticationScheme); } protected override async Task<AuthenticateResult> HandleAuthenticateAsync() { if (Request.Host.Value == "") { return await Context.AuthenticateAsync(GoogleDefaults.AuthenticationScheme); } return await Context.AuthenticateAsync(FacebookDefaults.AuthenticationScheme); } }

您可以将所有内容添加到启动中，并按以下步骤进行设置:

You can add everything to your startup and set it up like this:

services.AddAuthentication(MyCustomAuth.SchemeName) .AddCookie(...) .AddFacebook(...) .AddGoogle(...) .AddScheme<AuthenticationSchemeOptions, MyCustomAuth>(MyCustomAuth.SchemeName, opts => { });