Question

我使用ASP.NET WEB API实现REST API 2.我有默认的AccountController实现，其方法为// GET api / Account / ExternalLogin。

[OverrideAuthentication]
[HostAuthentication(DefaultAuthenticationTypes.ExternalCookie)]
[AllowAnonymous]
[Route("ExternalLogin", Name = "ExternalLogin")]
public async Task<IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
    if (error != null)
    {
        return Redirect(Url.Content("~/") + "#error=" + Uri.EscapeDataString(error));
    }

    if (!User.Identity.IsAuthenticated)
    {
        return new ChallengeResult(provider, this);
    }

    ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);

    if (externalLogin == null)
    {
        return InternalServerError();
    }

    if (externalLogin.LoginProvider != provider)
    {
        Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
        return new ChallengeResult(provider, this);
    }

    ApplicationUser user = await UserManager.FindAsync(new UserLoginInfo(externalLogin.LoginProvider,
        externalLogin.ProviderKey));

    bool hasRegistered = user != null;

    if (hasRegistered)
    {
        Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);

         ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(UserManager,
            OAuthDefaults.AuthenticationType);
        ClaimsIdentity cookieIdentity = await user.GenerateUserIdentityAsync(UserManager,
            CookieAuthenticationDefaults.AuthenticationType);

        AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user.UserName);
        Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);
    }
    else
    {
        IEnumerable<Claim> claims = externalLogin.GetClaims();
        ClaimsIdentity identity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
        Authentication.SignIn(identity);
    }

    return Ok();
}

我已经浏览过互联网，但没有发现任何适用于这种情况的内容。

我使用的网址

https_：//_www.dummydomain.com：43363 / API /帐户/ ExternalLogin提供商=谷歌＆安培; RESPONSE_TYPE =令牌安培; CLIENT_ID =自我＆安培; REDIRECT_URI = HTTPS％3A％2F％2Fwww.dummydomain.com％3A43363％2F＆安培;状态= jI4zGXuaVvHI8qf9E0Nww3qBwke0YsYwD9AORwKBj3o1

每个外部服务（Google / FB）都是正确的。我看到AspNet.ExternalCookie已设置，但重定向回我没有获得授权并获得

{
  email:null,
  hasRegistred: true,
  loginProvaider: null
}

更新1

Properties Request AppController属性字典

MS_UserPrincipal不包含Request.Properties["MS_HttpContext"]。

见附件截图。 Properties keys

while($row2 = mysql_fetch_array($result2)){ $pID= $row2[0]; $pName = $row2[1]; $pDes = $row2[2]; $pSale = $row2[5]; $pPrice = $row2[4]; $pPhoto = $row2[6]; if($counter % 4 == 0)echo "<tr> "; echo " <td> Name: '".$pName."' <br> ID: '".$pID."' <br> Price: '".$pPrice."' <br> <div id='parent'> <img src='".$pPhoto."' width = '180' height = '180'/> <br><input type='checkbox' name='item[]' value='".$pID."'" ." > <div id='popup' >Description: ".$pDes." <br> Sale Percent: ".$pSale." </div></div></td> ";返回:(见截图） MS_HttpContextobject

Answer 1

它无法在APIController中直接使用HttpContext属性。为此，您必须使用System.Net.Http.HttpRequestMessage类型的Request属性。 HttpRequestMessage有一个Properties字典;你会发现密钥的值MS_UserPrincipal保存你的IPrincipal对象。

User.Identity.IsAuthenticated始终返回false

1 个答案: