我有2个项目: Project1 是主应用程序( localhost:4016 ) Project2 是子应用程序( localhost:4055 ),并在2个项目之间共享授权令牌Cookie。
它在本地运行良好,但在Azure上托管时无法运行。出现以下错误:
从起源“ https://devplatform.b2clogin.com/devplatform.onmicrosoft.com/b2c_1_sign_in/oauth2/v2.0/authorize?client_id=XXXX&redirect_uri=https://myapps.example.com/home/index”到“ https://www.example.com/api/home/getlist ...”(从“ https://www.example.com”重定向)对XMLHttpRequest的访问已被CORS策略阻止:无“访问控制-允许来源的标头出现在请求的资源上。
我在多个项目中使用以下OpenIdConnect进行Azure AD B2C身份验证。
ngOnInit(){
this.receiveForm = new FormGroup({
'purchaseorder': new FormControl(null, Validators.required),
'receive_mat': new FormArray([])
})
this.receive_mat = this.receiveForm.get('receive_mat') as FormArray;
this.poService.currentPoNumber.subscribe((response : any) => {
if(!!response){
console.log(response)
this.poMaterials = response[0].POMaterials
this.addItem(response[0])
// this.dataSource = new MatTableDataSource(response[0]);
}
})
}
createItem(item): FormGroup {
console.log(item)
return this._formBuilder.group({
'material': new FormControl(item.POMaterials, Validators.required),
'uom': new FormControl(null, Validators.required),
'quantityordered': new FormControl({ value: null, disabled: true }, Validators.required),
'quantityReceived': new FormControl(null, Validators.required),
'quantityreceiving': new FormControl(null, Validators.required),
'bestbefore': new FormControl(null),
})
}
addItem(item){
console.log(item)
this.receive_mat.push(this.createItem(item))
}
如果我在身份验证失败事件上进行重定向,请按以下方式获取现时错误:
IDX21323:RequireNonce为‘[PII默认为隐藏。设置 IdentityModelEventSource.cs中的“ ShowPII”标志显示为true以显示它。]。 OpenIdConnectProtocolValidationContext.Nonce为空, OpenIdConnectProtocol.ValidatedIdToken.Payload.Nonce不为null。的 随机数无法验证。如果您不需要检查随机数,请设置 OpenIdConnectProtocolValidator.RequireNonce为“ false”。注意是否 发现“立即”将被评估。
我可以通过以下语句将其禁用:
public void ConfigureAuth(IAppBuilder app) {
// Required for Azure webapps, as by default they force TLS 1.2 and this project attempts 1.0
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions() {
//locally it'll keep redirecting infinitely
CookieDomain = ".example.com" //only required when we host it to keep persist cookies
});
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions {
// Generate the metadata address using the tenant and policy information
MetadataAddress = String.Format(Globals.WellKnownMetadata, Globals.Tenant, Globals.DefaultPolicy),
// These are standard OpenID Connect parameters, with values pulled from web.config
ClientId = Globals.ClientId,
RedirectUri = Globals.RedirectUri,
PostLogoutRedirectUri = Globals.RedirectUri,
// Specify the callbacks for each type of notifications
Notifications = new OpenIdConnectAuthenticationNotifications {
RedirectToIdentityProvider = OnRedirectToIdentityProvider,
AuthorizationCodeReceived = OnAuthorizationCodeReceived,
AuthenticationFailed = OnAuthenticationFailed,
},
// Specify the claim type that specifies the Name property.
TokenValidationParameters = new TokenValidationParameters {
NameClaimType = "name",
ValidateIssuer = false
},
// Specify the scope by appending all of the scopes requested into one string (separated by a blank space)
Scope = $"openid profile offline_access {Globals.ReadTasksScope} {Globals.WriteTasksScope}"
}
);
}
但是它引入了以下错误:
IDX21329:RequireState为“ [PII隐藏]”,但 OpenIdConnectProtocolValidationContext.State为null。国家不能是 已验证。
我试图通过以下声明来禁用它,但仍然是同样的问题。
ProtocolValidator = new OpenIdConnectProtocolValidator() { RequireNonce = false }