2

我试图将我的整个应用程序隐藏在身份验证后面(我将在此工作时处理授权),现在我希望每个 url 都需要 github 登录。我没有打开 github 登录页面。

我尝试将SAFE-stack 模板"Using OAuth with Saturn"结合​​起来,但我没有得到 github 登录页面(我只在遵循 Saturn 指南时得到),我只是得到了正常的待办事项页面。如果我单击添加按钮,服务器会打印

info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
      Request starting HTTP/1.1 POST http://localhost:8085/api/ITodosApi/addTodo application/json; charset=UTF-8 68
info: Microsoft.AspNetCore.Authentication.OAuth.OAuthHandler`1[[Microsoft.AspNetCore.Authentication.OAuth.OAuthOptions, Microsoft.AspNetCore.Authentication.OAuth, Version=3.1.11.0, Culture=neutral, PublicKeyToken=adb9793829ddae60]][12]
      AuthenticationScheme: GitHub was challenged.
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
      Request finished in 10.8057ms 302

并且该项目不会添加到待办事项列表中。

除了身份验证位之外,我已经尝试删除所有内容,并且与干净的安全模板相比,我所做的唯一更改是

  1. dotnet paket add Saturn.Extensions.Authorization --project src/Server/Server.fsproj
  2. 手动降级两个依赖项paket.lock,否则会产生错误:Microsoft.AspNetCore.Authentication.Googleto(3.1.11)Microsoft.AspNetCore.Authentication.OpenIdConnectto(3.1.11)
  3. app将值更改Server/Server.fs为以下(我为此问题创建了一个新的 github auth 应用程序):
let loggedInPipeline = pipeline {
    requires_authentication (Giraffe.Auth.challenge "GitHub")
}

let loggedInView = router {
    pipe_through loggedInPipeline
    get "/" webApp
}

let appRouter = router {
    forward "" loggedInView
}

let app =
    application {
        use_router appRouter
        url "http://0.0.0.0:8085/"
        memory_cache
        use_static "public"
        use_gzip
        use_github_oauth "8cde657dfd1d3a41b9ed" "0b245e12900ff8486ade076aae07aa0deb0fd83d" "/signin-github" [("login", "githubUsername"); ("name", "fullName")]
    }

run app

我的 gitHub 应用配置认证回调 url:http://localhost:8080/signin-github

4

2 回答 2

1

我得到了解决这个问题的帮助,只是为了 AzureAD。可以在此处找到博客文章https://www.compositional-it.com/news-blog/safe-stack-authentication-with-active-directory-part-2/。github应该是一样的。我需要做的是对webpack.config.js,Server.fsbuild.fsx

webpack.config.js

devServerProxy: {
    // redirect all requests to the server on port 8085
    '**': {
//...

var CONFIG = {
    appHtmlTemplate: './src/Client/app.html',
//...

var commonPlugins = [
    new HtmlWebpackPlugin({
        filename: 'app.html',
//...

var CONFIG = {
    // ... other webpack config settings
    outputDir: './src/Server/public',
     // ...

    devServer: {
        // ...other dev server config settings
        writeToDisk: true
    },

Server.fs

let authScheme = "AzureAD"

let isDevelopment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") = Environments.Development;

let noAuthenticationRequired nxt ctx = task { return! nxt ctx }

let authChallenge : HttpFunc -> HttpContext -> HttpFuncResult =
    requiresAuthentication (Auth.challenge authScheme)

let routes =
    choose [
        route "/" >=> authChallenge >=>  htmlFile "public/app.html"
    ]

构建.fsx:

let serverPublicPath = Path.getFullName "./src/Server/public"
let clientPublicPath = Path.getFullName "./src/Client/public"

Target.create "Clean" (fun _ ->
    Shell.cleanDir deployDir
    Shell.cleanDir serverPublicPath)

Target.create "Run" (fun _ ->
    Shell.copyDir serverPublicPath clientPublicPath FileFilter.allFiles
    //... other commands

由于前面提到的 cookie 问题,如果您在本地工作,则需要使用非 Chrome 浏览器,例如 Firefox。

打开私人浏览窗口是个好主意,以确保您还没有登录帐户等。

如果您遇到问题,请检查您是否有

  • 在 Azure 中正确设置应用的 Active Directory 注册
  • 将所需的 AD 配置添加到您的服务器中appsettings.json,包括您在 AD 注册中设置的登录/注销回调 url。
于 2021-03-01T12:40:48.947 回答
0

你试过https而不是http你的url参数吗?

代替

url "http://0.0.0.0:8085"


url "https://0.0.0.0:8085"

这解决了我的问题。

演示代码:https ://github.com/functionalfriday/fsharp-saturn-demos

于 2021-02-11T23:45:21.933 回答