Using Identity Server in a Xamarin application

Problem description:

I am trying to get a Xamarin app working with Identity Server. I have followed these steps:

1) Download this: https://github.com/IdentityModel/IdentityModel.OidcClient.Samples/tree/master/XamarinForms

2) Run the Xamarin Forms app from point 1. It works as expected, i.e. I can log in as Bob and I am authenticated against the public facing demo app: https://demo.identityserver.io

It works as expected up to here.

3) I then download the public facing demo app here: https://github.com/IdentityServer/IdentityServer4.Demo. Add it to the Xamarin solution.

4) In the solution, do a find and replace from https://demo.identityserver.io to http://localhost:24997/ (this is the URL of my identity server inside the solution).

5) Comment out the following lines of code as I am not using Azure:

//Startup.cs
 //.AddGoogle("Google", options =>
                //{
                //    options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;

                //    options.ClientId = Configuration["Secret:GoogleClientId"];
                //    options.ClientSecret = Configuration["Secret:GoogleClientSecret"];
                //})
                //.AddOpenIdConnect("aad", "Sign-in with Azure AD", options =>
                //{
                //    options.Authority = "https://login.microsoftonline.com/common";
                //    options.ClientId = "https://leastprivilegelabs.onmicrosoft.com/38196330-e766-4051-ad10-14596c7e97d3";

                //    options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
                //    options.SignOutScheme = IdentityServerConstants.SignoutScheme;

                //    options.ResponseType = "id_token";
                //    options.CallbackPath = "/signin-aad";
                //    options.SignedOutCallbackPath = "/signout-callback-aad";
                //    options.RemoteSignOutPath = "/signout-aad";

                //    options.TokenValidationParameters = new TokenValidationParameters
                //    {
                //        ValidateIssuer = false,
                //        ValidAudience = "165b99fd-195f-4d93-a111-3e679246e6a9",

                //        NameClaimType = "name",
                //        RoleClaimType = "role"
                //    };
                //})

//Program.cs
//.ConfigureAppConfiguration((ctx, builder) =>
//{
//    var config = builder.Build();
//    var tokenProvider = new AzureServiceTokenProvider();
//    var kvClient = new KeyVaultClient((authority, resource, scope) => tokenProvider.KeyVaultTokenCallback(authority, resource, scope));
//    builder.AddAzureKeyVault(config["KeyVault:BaseUrl"], kvClient, new DefaultKeyVaultSecretManager());
//})

6) Add options.RequireHttpsMetadata = false; to IdentityServer.Startup.

I then run the Xamarin app and the Identity server. I see an error on the following line inside the Xamarin app (first line of: MainPage.Login_Clicked):

_result = await _client.LoginAsync(new LoginRequest());

The error is: Error connecting to http://localhost:24997/.well-known/openid-configuration

Is there anything obvious that I am doing wrong?

If you want to test this with multiple devices then you cannot use localhost. You will have to have both devices in the same network and use your local IP address instead.

For the IdSrv app, you need to configure the hosting URL properly, e.g. by changing the launchSettings.json if you are developing locally, or by setting the ASPNETCORE_URL environment variable. When you run the server application, it should tell you that it is listening on http://192.168.1.101:5000 or whatever the local IP address and the selected port is.

You will then need to configure that as the authority URL in your Xamarin application. The app can then reach the identity server and properly communicate with it.

If the authentication doesn't work then, the server logs from the identity server should give you further details on what is going wrong. That way, you can tweak the client settings in the identity server, and the authentication settings in your Xamarin app, until everything works.
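
An added example, not part of the original answer or of the IdentityModel sample: once the authority is an `http://` LAN address rather than localhost, IdentityModel's discovery policy rejects it by default, because its plain-HTTP exception covers loopback only. The helper below (`DevOidcOptions`, its parameters and the scope value are hypothetical) relaxes that check only for a private IPv4 authority in a DEBUG build and refuses any other plain-HTTP authority.

```csharp
using System;
using System.Net;
using System.Net.Sockets;
using IdentityModel.OidcClient;
using IdentityModel.OidcClient.Browser;

// Hypothetical helper (not in the sample): builds client options for a given authority
// and relaxes the HTTPS discovery check only for a private LAN address in a DEBUG build.
public static class DevOidcOptions
{
    public static OidcClientOptions Create(string authority, string clientId,
                                           string redirectUri, IBrowser browser)
    {
        var uri = new Uri(authority);
        var options = new OidcClientOptions
        {
            Authority = authority,      // e.g. http://192.168.1.101:5000, as the server reports
            ClientId = clientId,        // must match a client registered in the identity server
            RedirectUri = redirectUri,
            Scope = "openid profile",   // assumed scopes; use the ones your client is allowed
            Browser = browser
        };

        // HTTPS, or loopback (which the default policy already allows over HTTP).
        if (uri.Scheme == Uri.UriSchemeHttps || uri.IsLoopback)
            return options;

#if DEBUG
        if (IsPrivateIPv4(uri.Host))
        {
            // Discovery requires HTTPS by default, with an exception for loopback only.
            options.Policy.Discovery.RequireHttps = false;
            return options;
        }
#endif
        throw new InvalidOperationException(
            $"Refusing plain-HTTP authority '{authority}': use HTTPS outside local debugging.");
    }

    // True for RFC 1918 addresses: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16.
    private static bool IsPrivateIPv4(string host)
    {
        if (!IPAddress.TryParse(host, out var ip) ||
            ip.AddressFamily != AddressFamily.InterNetwork)
            return false;

        var b = ip.GetAddressBytes();
        return b[0] == 10
            || (b[0] == 172 && b[1] >= 16 && b[1] <= 31)
            || (b[0] == 192 && b[1] == 168);
    }
}
```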