使用 owin 和 Nancy 进行 Oauth 身份验证

Question

按照本指南在 Owin 上使用 MVC 5 进行外部身份验证 - External login providers with owinkatana。

我已将以下内容添加到我的 Owin Nancy 应用程序

Startup.cs -

app.Properties["Microsoft.Owin.Security.Constants.DefaultSignInAsAuthenticationType"] = "ExternalCookie";
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = "ExternalCookie",
    AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive,
});

app.UseTwitterAuthentication(new TwitterAuthenticationOptions
{
    ConsumerKey = "mykey",
    ConsumerSecret = "mypass"
});

LoginModule.cs（nancy 模块）

Post["ExternalLogin"] = _ =>
{
    var provider = Request.Form.name;
    var auth = Context.GetAuthenticationManager();
    auth.Challenge(new AuthenticationProperties
    {
        RedirectUri = String.Format("/?provder={0}", provider)
    }, provider);
    return HttpStatusCode.Unauthorized;
};

现在在挑战点这里什么都没有发生。它只显示一个带有重定向 URL 的空白页面。我已经确认我可以按照 MVC 中的示例让它工作。 有人知道这部分的正确 Nancy 代码吗？

Answer 1

我将扩展我即将离开的评论，然后将其作为答案（即使您似乎已离开南希）。我asked a similar question，并被指向github上的以下代码示例：

https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/tree/dev/samples/Nancy/Nancy.Client

假设您在 Startup.cs 中正确连接了 OIDC，我需要以下代码来让 Nancy 模块触发我的登录/注销路由上的身份验证：

namespace Nancy.Client.Modules {
    public class AuthenticationModule : NancyModule {
        public AuthenticationModule() {
            Get["/signin"] = parameters => {
                var manager = Context.GetAuthenticationManager();
                if (manager == null) {
                    throw new NotSupportedException("An OWIN authentication manager cannot be extracted from NancyContext");
                }

                var properties = new AuthenticationProperties {
                    RedirectUri = "/"
                };

                // Instruct the OIDC client middleware to redirect the user agent to the identity provider.
                // Note: the authenticationType parameter must match the value configured in Startup.cs
                manager.Challenge(properties, OpenIdConnectAuthenticationDefaults.AuthenticationType);

                return HttpStatusCode.Unauthorized;
            };

            Get["/signout"] = Post["/signout"] = parameters => {
                var manager = Context.GetAuthenticationManager();
                if (manager == null) {
                    throw new NotSupportedException("An OWIN authentication manager cannot be extracted from NancyContext");
                }

                // Instruct the cookies middleware to delete the local cookie created when the user agent
                // is redirected from the identity provider after a successful authorization flow.
                manager.SignOut("ClientCookie");

                // Instruct the OpenID Connect middleware to redirect
                // the user agent to the identity provider to sign out.
                manager.SignOut(OpenIdConnectAuthenticationDefaults.AuthenticationType);

                return HttpStatusCode.OK;
            };
        }
    }
}

代码来源：https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/blob/dev/samples/Nancy/Nancy.Client/Modules/AuthenticationModule.cs

希望有帮助！