0

我想在服务器端手动生成身份验证 cookie 字符串,当您设置 cookie 身份验证中间件并使用 SignInAsync(此 HttpContext 上下文,字符串?方案,ClaimsPrincipal 主体)登录用户时,由 ASP .NET 核心生成. 我正在使用 REST 客户端调用 API 服务器。API 使用 cookie 身份验证。有一个用例,一旦我收到来自 IDP 的 SAML 响应,我需要对 API 进行初始调用以获取用户详细信息。为此,我需要在请求中设置 cookie。

我在 Startup.cs 文件中使用带有 cookie 身份验证设置的 ASP .NET Core 5。它是典型的 cookie 认证中间件。

下面是我正在尝试做的示例代码:

using MyProvider.Saml2Component;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Security.Claims;
using System.Threading.Tasks;


    [HttpPost]
    public async Task<IActionResult> SamlCallBack()
    {
        var samlResult = await _samlServiceProvider.ReceiveSsoAsync().ConfigureAwait(false);
        if (samlResult != null)
        {
            var email = samlResult.Attributes.FirstOrDefault(e => e.Name == "email").ToString();
            var id = samlResult.Attributes.FirstOrDefault(e => e.Name == "guid").ToString();

            var claims = new List<Claim>();

            if (!string.IsNullOrEmpty(email))
            {
                claims.Add(new Claim(ClaimTypes.Email, email));
            }

            if (!string.IsNullOrEmpty(id))
            {
                claims.Add(new Claim("SsoId", id));
            }

            var baseAddress = new Uri("http://example.com");
            var cookieContainer = new CookieContainer();
            using (var handler = new HttpClientHandler() { CookieContainer = cookieContainer })
            using (var client = new HttpClient(handler) { BaseAddress = baseAddress })
            {
                //How to get authentication cookie value here

                var ticket = GetSigninCookie(claims);
                cookieContainer.Add(baseAddress, new Cookie("CookieName", ticket));
                var result = await client.PostAsync("/user", null);
                result.EnsureSuccessStatusCode();
                var userDetails = await result.Content.ReadAsAsync<UserDetails>();
                var identity = new ClaimsIdentity();

                var signInClaims = new List<Claim>
                {
                    new Claim(ClaimTypes.NameIdentifier, userDetails.Id.ToString()),
                    new Claim("CompanyId", userDetails.CompanyId.ToString()),
                    new Claim(ClaimTypes.Name, userDetails.UserName)
                };
                identity.AddClaims(signInClaims);
                await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identity));
                return RedirectToAction("Index", "Home");
            }


        }

        return View();
    }

    private string GetSigninCookie(List<Claim> claims)
    {
        throw new NotImplementedException();
    }
4

0 回答 0