Adding the bearer token to a cookie after Azure Web API authentication


In my MVC Core application, I have users sign in to Azure with the following configuration:

public void Configure(string name, OpenIdConnectOptions options) {
    options.ClientId = _azureOptions.ClientId;
    options.Authority = _azureOptions.Authority;
    options.UseTokenLifetime = true;
    options.CallbackPath = _azureOptions.CallbackPath;
    // Allows a non-HTTPS authority/metadata address; suitable for development only.
    options.RequireHttpsMetadata = false;
    options.ClientSecret = _azureOptions.ClientSecret;
    options.Resource = "https://graph.microsoft.com"; // AAD graph
    options.SaveTokens = true;
    // Without overriding the response type (which by default is id_token), the OnAuthorizationCodeReceived event is not called,
    // but instead the OnTokenValidated event is called. Here we request both so that OnTokenValidated is called first, which
    // ensures that context.Principal has a non-null value when OnAuthorizationCodeReceived is called.
    options.ResponseType = "id_token code";

    // Subscribing to the OIDC events
    options.Events.OnAuthorizationCodeReceived = OnAuthorizationCodeReceived;
    //options.Events.OnAuthenticationFailed = OnAuthenticationFailed;
}
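Then, once I have obtained a bearer token from Azure via the AcquireTokenByAuthorizationCodeAsync method, I send that bearer token to my Web API, which returns another bearer token that will be used in the MVC application to authenticate future calls to the Web API.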


My question is: how can I save the second bearer token as a cookie so that it is sent to the API on every request, or is there a better way to do this?

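There are two patterns for client-side storage: cookies, and using HTML5 local storage.

If cookies are used to transmit the bearer token from the client to the server, then cookies will also be used to store the bearer token on the client.

Likewise, if the Authorization header is used to transmit the token, then HTML5 local storage (or session storage) must be used to store the bearer token.

You can refer to this thread for the code part: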

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        app.UseCookieAuthentication(new CookieAuthenticationOptions()
        {
            AuthenticationType = "ApplicationCookie",
            LoginPath = new PathString("/Account/Login"),
        });
    }
}
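
One way to keep the second bearer token in a cookie from the ASP.NET Core MVC app in the question, as an added example that is not part of the original question or answer. The class name ApiTokenCookie, the cookie name api_token and the protector purpose string are assumptions, and it assumes the default ASP.NET Core data protection services are registered.

```csharp
using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Cryptography;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Http;

// Hypothetical helper (not from the original post): keeps the Web API's bearer
// token in an encrypted, HttpOnly cookie that only the MVC app itself can read.
public class ApiTokenCookie
{
    private const string CookieName = "api_token"; // assumed cookie name
    private readonly IDataProtector _protector;

    public ApiTokenCookie(IDataProtectionProvider provider) =>
        _protector = provider.CreateProtector("ApiTokenCookie.v1"); // assumed purpose string

    // Call once the Web API has returned its own bearer token.
    public void Save(HttpResponse response, string apiToken, DateTimeOffset expiresUtc)
    {
        response.Cookies.Append(CookieName, _protector.Protect(apiToken), new CookieOptions
        {
            HttpOnly = true,             // not readable from JavaScript
            Secure = true,               // only sent over HTTPS
            SameSite = SameSiteMode.Lax, // not sent on cross-site sub-requests or POSTs
            Expires = expiresUtc         // the cookie should not outlive the token
        });
    }

    // Returns false when the cookie is missing, was modified, or the key is no longer valid.
    public bool TryRead(HttpRequest request, out string apiToken)
    {
        apiToken = null;
        if (!request.Cookies.TryGetValue(CookieName, out var protectedValue)) return false;
        try { apiToken = _protector.Unprotect(protectedValue); return true; }
        catch (CryptographicException) { return false; }
    }

    // Attaches the token as an Authorization header on a server-side call to the Web API.
    public bool TryAuthorize(HttpRequest request, HttpRequestMessage apiCall)
    {
        if (!TryRead(request, out var token)) return false;
        apiCall.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
        return true;
    }
}
```

When TryAuthorize returns false, the MVC app has no usable API token for that request and should obtain a new one rather than call the Web API unauthenticated.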
