C# 从Azure AD Connect获取身份令牌_C#_Azure_Asp.net Core_Identityserver4

C# 从Azure AD Connect获取身份令牌

c# azure asp.net-core identityserver4

C# 从Azure AD Connect获取身份令牌,c#,azure,asp.net-core,identityserver4,C#,Azure,Asp.net Core,Identityserver4,我正在尝试了解如何从azure ad connect获取身份令牌。我正在将它与Identity Server 4（dotnet core）集成。他们的示例显示了如何将AD连接到Identity Server，但我找不到如何实际获取Id令牌。我还尝试使用事件访问它，但没有成功。这是我在identity server项目的Startup.cs上的配置 public void Configure(IApplicationBuilder app, IHostingEnvironment env,

我正在尝试了解如何从azure ad connect获取身份令牌。我正在将它与Identity Server 4（dotnet core）集成。他们的示例显示了如何将AD连接到Identity Server，但我找不到如何实际获取Id令牌。我还尝试使用事件访问它，但没有成功。这是我在identity server项目的Startup.cs上的配置

 public void Configure(IApplicationBuilder app, IHostingEnvironment env, 
 ILoggerFactory loggerFactory)
{
    loggerFactory.AddConsole(LogLevel.Debug);
        app.UseDeveloperExceptionPage();

        app.UseIdentityServer();

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme,

            AutomaticAuthenticate = false,
            AutomaticChallenge = false
        });

        ///
        /// Setup Custom Data Format
        /// 
        var schemeName = "oidc";
        var dataProtectionProvider = app.ApplicationServices.GetRequiredService<IDataProtectionProvider>();
        var distributedCache = app.ApplicationServices.GetRequiredService<IDistributedCache>();

        var dataProtector = dataProtectionProvider.CreateProtector(
            typeof(OpenIdConnectMiddleware).FullName,
            typeof(string).FullName, schemeName,
            "v1");

        var dataFormat = new CachedPropertiesDataFormat(distributedCache, dataProtector);

        ///
        /// Azure AD Configuration
        /// 
        var clientId = "XXXX";
        var tenantId = "XXXXX";

        app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
        {
            AuthenticationScheme = schemeName,
            DisplayName = "AzureAD",
            SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme,
            ClientId = clientId,
            Authority = $"https://login.microsoftonline.com/{tenantId}",
            ResponseType = OpenIdConnectResponseType.IdToken,
            StateDataFormat = dataFormat,
            Events = new OpenIdConnectEvents
            {
                OnRemoteFailure = OnAuthenticationFailed,
                OnTokenValidated = OnTokenValidated,
                OnTokenResponseReceived = TokenResponseReceived
            },
            TokenValidationParameters = new TokenValidationParameters
            {
                SaveSigninToken = true
            }
        });

        app.UseStaticFiles();
          app.UseMvcWithDefaultRoute();
 }

您可以在

context.SecurityToken

下读取令牌信息

我使用作为基础，并添加

OnTokenValidated

和

OnTokenResponseReceived

来测试它

（单击图像以将其放大）

我需要身份令牌。表示标识的jwt字符串。即使它们是相同的，我仍然看不到可以从您的示例中检索到的字符串。

private Task OnTokenValidated(TokenValidatedContext context)
    {
        var type = context.Properties.GetType();
        var tokens = context.Properties.GetTokens();
        var ci = (System.Security.Claims.ClaimsIdentity)
         ClaimsPrincipal.Current.Identity;
        return Task.FromResult(0);
    }

    private Task OnAuthenticationFailed(FailureContext context)
    {
        var failure = context.Failure;
        return Task.FromResult(0);
    }

    public Task TokenResponseReceived(TokenResponseReceivedContext context)
    {
        var variable = context.TokenEndpointResponse.IdToken;
        return Task.FromResult(0);
    }