open id connect is working with azure ad
@@ -1,14 +1,11 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Globalization;
|
||||
using System.Net.Http;
|
||||
using System.Threading.Tasks;
|
||||
using System.Web;
|
||||
using System.Web.Security;
|
||||
using Microsoft.AspNet.Identity;
|
||||
using Microsoft.AspNet.Identity.Owin;
|
||||
using Microsoft.IdentityModel.Clients.ActiveDirectory;
|
||||
using Microsoft.Owin;
|
||||
using Microsoft.Owin.Security.Cookies;
|
||||
using Microsoft.Owin.Security.Google;
|
||||
using Umbraco.Web.Security.Identity;
|
||||
using Microsoft.Owin.Security.OpenIdConnect;
|
||||
using Owin;
|
||||
using Umbraco.Core;
|
||||
using Umbraco.Core.Security;
|
||||
@@ -26,8 +23,23 @@ namespace Umbraco.Web.UI
|
||||
public class OwinStartup
|
||||
{
|
||||
|
||||
public async Task DoStuff()
|
||||
{
|
||||
var client = new HttpClient();
|
||||
|
||||
using (var request = await client.PostAsJsonAsync("", "123"))
|
||||
{
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
public void Configuration(IAppBuilder app)
|
||||
{
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
//Single method to configure the Identity user manager for use with Umbraco
|
||||
app.ConfigureUserManagerForUmbracoBackOffice(
|
||||
ApplicationContext.Current,
|
||||
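Review bot: `DoStuff` looks like scratch code that should not be merged as-is: the `HttpClient` at line 80 is never disposed, `PostAsJsonAsync("", "123")` posts to an empty relative URI with no `BaseAddress` set (which fails at request time), the `using` body is empty, and the local named `request` actually holds the response. If the method is meant to stay, give it a real purpose and a summary comment, e.g. `/// <summary>Placeholder for a server-to-server call; not wired up yet — TODO confirm intent.</summary>`, and dispose the client with `using (var client = new HttpClient())`. `Configuration` begins in this hunk but its body continues past it, so the remainder is not reviewed here.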
@@ -63,12 +75,111 @@ namespace Umbraco.Web.UI
|
||||
//app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
|
||||
|
||||
|
||||
app.UseGoogleAuthentication(
|
||||
clientId: "1072120697051-07jlhgrd5hodsfe7dgqimdie8qc1omet.apps.googleusercontent.com",
|
||||
clientSecret: "Ue9swN0lEX9rwxzQz1Y_tFzg");
|
||||
|
||||
|
||||
var authority = string.Format(CultureInfo.InvariantCulture, aadInstance, tenant);
|
||||
app.UseOpenIdConnectAuthentication(
|
||||
new OpenIdConnectAuthenticationOptions
|
||||
{
|
||||
ClientId = clientId,
|
||||
Authority = authority,
|
||||
PostLogoutRedirectUri = postLoginRedirectUri,
|
||||
|
||||
Notifications = new OpenIdConnectAuthenticationNotifications()
|
||||
{
|
||||
//
|
||||
// If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away.
|
||||
//
|
||||
AuthorizationCodeReceived = (context) =>
|
||||
{
|
||||
var code = context.Code;
|
||||
|
||||
var credential = new ClientCredential(clientId, appKey);
|
||||
var userObjectId = context.AuthenticationTicket.Identity.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;
|
||||
var authContext = new AuthenticationContext(authority, new NaiveSessionCache(userObjectId));
|
||||
AuthenticationResult result = authContext.AcquireTokenByAuthorizationCode(
|
||||
code,
|
||||
//new Uri(HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Path)),
|
||||
new Uri(
|
||||
HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Authority) +
|
||||
HttpContext.Current.Request.RawUrl.EnsureStartsWith('/').EnsureEndsWith('/')),
|
||||
credential,
|
||||
graphResourceId);
|
||||
|
||||
return Task.FromResult(0);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
});
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
public class NaiveSessionCache : TokenCache
|
||||
{
|
||||
private static readonly object FileLock = new object();
|
||||
string UserObjectId = string.Empty;
|
||||
string CacheId = string.Empty;
|
||||
public NaiveSessionCache(string userId)
|
||||
{
|
||||
UserObjectId = userId;
|
||||
CacheId = UserObjectId + "_TokenCache";
|
||||
|
||||
this.AfterAccess = AfterAccessNotification;
|
||||
this.BeforeAccess = BeforeAccessNotification;
|
||||
Load();
|
||||
}
|
||||
|
||||
public void Load()
|
||||
{
|
||||
lock (FileLock)
|
||||
{
|
||||
this.Deserialize((byte[])HttpContext.Current.Session[CacheId]);
|
||||
}
|
||||
}
|
||||
|
||||
public void Persist()
|
||||
{
|
||||
lock (FileLock)
|
||||
{
|
||||
// reflect changes in the persistent store
|
||||
HttpContext.Current.Session[CacheId] = this.Serialize();
|
||||
// once the write operation took place, restore the HasStateChanged bit to false
|
||||
this.HasStateChanged = false;
|
||||
}
|
||||
}
|
||||
|
||||
// Empties the persistent store.
|
||||
public override void Clear()
|
||||
{
|
||||
base.Clear();
|
||||
System.Web.HttpContext.Current.Session.Remove(CacheId);
|
||||
}
|
||||
|
||||
public override void DeleteItem(TokenCacheItem item)
|
||||
{
|
||||
base.DeleteItem(item);
|
||||
Persist();
|
||||
}
|
||||
|
||||
// Triggered right before ADAL needs to access the cache.
|
||||
// Reload the cache from the persistent store in case it changed since the last access.
|
||||
void BeforeAccessNotification(TokenCacheNotificationArgs args)
|
||||
{
|
||||
Load();
|
||||
}
|
||||
|
||||
// Triggered right after ADAL accessed the cache.
|
||||
void AfterAccessNotification(TokenCacheNotificationArgs args)
|
||||
{
|
||||
// if the access operation resulted in a cache update
|
||||
if (this.HasStateChanged)
|
||||
{
|
||||
Persist();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
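Review bot: The Google `clientSecret` at line 142 (and the `clientId` above it) is committed in source; a credential in the repository history has to be treated as exposed, so it should be moved to configuration (web.config appSettings or an environment-specific file) and the secret rotated, and the same applies to `appKey` if it is a literal where it is declared outside this hunk. In `AuthorizationCodeReceived` the `result` returned by `AcquireTokenByAuthorizationCode` is never used, the call blocks inside a delegate that returns a `Task`, and `FindFirst(...).Value` at line 201 throws `NullReferenceException` if the objectidentifier claim is absent; prefer `var result = await authContext.AcquireTokenByAuthorizationCodeAsync(code, redirectUri, credential, graphResourceId);` in an `async` lambda, check the claim for null first, and either consume `result` or drop the local with a comment that the token is retained only through the `NaiveSessionCache` side effect. `PostLogoutRedirectUri = postLoginRedirectUri` at line 167 pairs a logout option with a variable named for login; the variable is declared outside this hunk, so confirm which URI is intended. In `NaiveSessionCache.Load`, `Session[CacheId]` is null on first use and is passed straight to `Deserialize`; unless ADAL is confirmed to accept null there, guard it, and consider renaming `FileLock` since it guards session state, not a file.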
@@ -158,6 +158,16 @@
|
||||
<HintPath>..\packages\Microsoft.AspNet.Identity.Owin.2.1.0\lib\net45\Microsoft.AspNet.Identity.Owin.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.CSharp" />
|
||||
<Reference Include="Microsoft.IdentityModel.Clients.ActiveDirectory">
|
||||
<HintPath>..\packages\Microsoft.IdentityModel.Clients.ActiveDirectory.2.14.201151115\lib\net45\Microsoft.IdentityModel.Clients.ActiveDirectory.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.IdentityModel.Clients.ActiveDirectory.WindowsForms">
|
||||
<HintPath>..\packages\Microsoft.IdentityModel.Clients.ActiveDirectory.2.14.201151115\lib\net45\Microsoft.IdentityModel.Clients.ActiveDirectory.WindowsForms.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.IdentityModel.Protocol.Extensions, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
|
||||
<SpecificVersion>False</SpecificVersion>
|
||||
<HintPath>..\packages\Microsoft.IdentityModel.Protocol.Extensions.1.0.1\lib\net45\Microsoft.IdentityModel.Protocol.Extensions.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.Owin">
|
||||
<HintPath>..\packages\Microsoft.Owin.3.0.1\lib\net45\Microsoft.Owin.dll</HintPath>
|
||||
<Private>True</Private>
|
||||
@@ -181,6 +191,9 @@
|
||||
<SpecificVersion>False</SpecificVersion>
|
||||
<HintPath>..\packages\Microsoft.Owin.Security.OAuth.3.0.0\lib\net45\Microsoft.Owin.Security.OAuth.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.Owin.Security.OpenIdConnect">
|
||||
<HintPath>..\packages\Microsoft.Owin.Security.OpenIdConnect.3.0.1\lib\net45\Microsoft.Owin.Security.OpenIdConnect.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.Threading.Tasks">
|
||||
<HintPath>..\packages\Microsoft.Bcl.Async.1.0.165\lib\net45\Microsoft.Threading.Tasks.dll</HintPath>
|
||||
</Reference>
|
||||
@@ -232,6 +245,11 @@
|
||||
</Reference>
|
||||
<Reference Include="System.Drawing" />
|
||||
<Reference Include="System.EnterpriseServices" />
|
||||
<Reference Include="System.IdentityModel" />
|
||||
<Reference Include="System.IdentityModel.Tokens.Jwt, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
|
||||
<SpecificVersion>False</SpecificVersion>
|
||||
<HintPath>..\packages\System.IdentityModel.Tokens.Jwt.4.0.1\lib\net45\System.IdentityModel.Tokens.Jwt.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="System.Net" />
|
||||
<Reference Include="System.Net.Http, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
|
||||
<SpecificVersion>False</SpecificVersion>
|
||||
|
||||
@@ -22,6 +22,8 @@
|
||||
<package id="Microsoft.Bcl" version="1.1.9" targetFramework="net45" />
|
||||
<package id="Microsoft.Bcl.Async" version="1.0.165" targetFramework="net45" />
|
||||
<package id="Microsoft.Bcl.Build" version="1.0.14" targetFramework="net45" />
|
||||
<package id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="2.14.201151115" targetFramework="net45" />
|
||||
<package id="Microsoft.IdentityModel.Protocol.Extensions" version="1.0.1" targetFramework="net45" />
|
||||
<package id="Microsoft.Net.Http" version="2.2.28" targetFramework="net45" />
|
||||
<package id="Microsoft.Owin" version="3.0.1" targetFramework="net45" />
|
||||
<package id="Microsoft.Owin.Host.SystemWeb" version="3.0.0" targetFramework="net45" />
|
||||
@@ -29,6 +31,7 @@
|
||||
<package id="Microsoft.Owin.Security.Cookies" version="3.0.0" targetFramework="net45" />
|
||||
<package id="Microsoft.Owin.Security.Google" version="3.0.0" targetFramework="net45" />
|
||||
<package id="Microsoft.Owin.Security.OAuth" version="3.0.0" targetFramework="net45" />
|
||||
<package id="Microsoft.Owin.Security.OpenIdConnect" version="3.0.1" targetFramework="net45" />
|
||||
<package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net45" />
|
||||
<package id="MiniProfiler" version="2.1.0" targetFramework="net45" />
|
||||
<package id="MySql.Data" version="6.6.5" targetFramework="net40" />
|
||||
@@ -36,5 +39,6 @@
|
||||
<package id="Owin" version="1.0" targetFramework="net45" />
|
||||
<package id="SharpZipLib" version="0.86.0" targetFramework="net45" />
|
||||
<package id="SqlServerCE" version="4.0.0.0" targetFramework="net40" />
|
||||
<package id="System.IdentityModel.Tokens.Jwt" version="4.0.1" targetFramework="net45" />
|
||||
<package id="UrlRewritingNet.UrlRewriter" version="2.0.60829.1" targetFramework="net40" />
|
||||
</packages>
|
||||
@@ -687,7 +687,7 @@ namespace Umbraco.Web.Editors
|
||||
//Ensure the forms auth module doesn't do a redirect!
|
||||
context.HttpContext.Response.SuppressFormsAuthenticationRedirect = true;
|
||||
|
||||
var properties = new AuthenticationProperties() { RedirectUri = RedirectUri };
|
||||
var properties = new AuthenticationProperties() { RedirectUri = RedirectUri.EnsureEndsWith('/') };
|
||||
if (UserId != null)
|
||||
{
|
||||
properties.Dictionary[XsrfKey] = UserId;
|
||||
|
||||
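Review bot: The new line 658 applies `EnsureEndsWith('/')` to `RedirectUri` without saying why, and the reason is non-local — it must agree with the trailing-slash normalisation applied to `RawUrl` when the authorization code is redeemed in `OwinStartup`, or the redirect_uri mismatch this commit fixes comes back. A comment would save the next maintainer from "simplifying" it: `// Keep a trailing slash so this redirect URI matches the one OwinStartup uses when redeeming the code (provider compares them byte-for-byte).` If `RedirectUri` can be null here, the extension call presumably throws, so confirm the property is always set before this point. The enclosing method starts and ends outside the hunk.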
@@ -138,6 +138,12 @@
|
||||
<HintPath>..\packages\Microsoft.AspNet.Identity.Owin.2.1.0\lib\net45\Microsoft.AspNet.Identity.Owin.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.CSharp" />
|
||||
<Reference Include="Microsoft.IdentityModel.Clients.ActiveDirectory">
|
||||
<HintPath>..\packages\Microsoft.IdentityModel.Clients.ActiveDirectory.2.14.201151115\lib\net45\Microsoft.IdentityModel.Clients.ActiveDirectory.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.IdentityModel.Clients.ActiveDirectory.WindowsForms">
|
||||
<HintPath>..\packages\Microsoft.IdentityModel.Clients.ActiveDirectory.2.14.201151115\lib\net45\Microsoft.IdentityModel.Clients.ActiveDirectory.WindowsForms.dll</HintPath>
|
||||
</Reference>
|
||||
<Reference Include="Microsoft.Owin, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
|
||||
<SpecificVersion>False</SpecificVersion>
|
||||
<HintPath>..\packages\Microsoft.Owin.3.0.1\lib\net45\Microsoft.Owin.dll</HintPath>
|
||||
|
||||
@@ -18,6 +18,7 @@
|
||||
<package id="Microsoft.AspNet.WebPages" version="2.0.30506.0" targetFramework="net40" />
|
||||
<package id="Microsoft.Bcl" version="1.1.9" targetFramework="net45" />
|
||||
<package id="Microsoft.Bcl.Build" version="1.0.14" targetFramework="net45" />
|
||||
<package id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="2.14.201151115" targetFramework="net45" />
|
||||
<package id="Microsoft.Net.Http" version="2.2.28" targetFramework="net45" />
|
||||
<package id="Microsoft.Owin" version="3.0.1" targetFramework="net45" />
|
||||
<package id="Microsoft.Owin.Host.SystemWeb" version="3.0.0" targetFramework="net45" />
|
||||
|
||||