我正在使用 ASP.NET Identity 2.0，并尝试将 ".AspNet.ExternalCookie" 这个 cookie 的域设置为 ".mydomain.com"，因为我想从另一个子域读取该 cookie。
有些解决方案说我可以更改此代码:
// Stock helper that registers the external sign-in cookie. It takes only the
// authentication type, so there is nowhere to pass a CookieDomain here; that is
// why the question replaces it with a hand-written UseCookieAuthentication call.
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
对此:
// Hand-written replacement for the external sign-in cookie registration.
// NOTE(review): this is the variant that produces the error quoted below. Nothing here
// registers a default SignInAsAuthenticationType before the external providers are added.
// NOTE(review): AuthenticationMode is not set either; the answer recommends Passive so that
// the external cookie alone does not sign the user in.
var externalCookieOptions = new CookieAuthenticationOptions
{
    CookieName = CookieAuthenticationDefaults.CookiePrefix + "External",
    // Leading-dot domain: the browser sends this cookie to every host under mydomain.com,
    // so every subdomain has to be trusted with it.
    CookieDomain = ".mydomain.com",
    AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
    LoginPath = new PathString("/Account/Login")
};
app.UseCookieAuthentication(externalCookieOptions);
但是我收到以下错误:
在IAppBuilder属性中找不到SignInAsAuthenticationType的默认值。如果您的身份验证中间件以错误的顺序添加,或者如果缺少一个,则会发生这种情况。
我的完整代码如下:
/// <summary>
/// Adds the per-request Identity services, the application cookie, the external
/// sign-in cookie and the external login providers to the OWIN pipeline.
/// </summary>
/// <param name="app">The OWIN application builder the middleware is registered on.</param>
public void ConfigureAuth(IAppBuilder app)
{
    // One DB context and one user manager per OWIN request.
    app.CreatePerOwinContext(ApplicationDbContext.Create);
    app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);

    // Application cookie. The security-stamp validator is configured with a
    // 30-minute validateInterval and regenerates the identity through the user manager.
    var securityStampCheck = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
        validateInterval: TimeSpan.FromMinutes(30),
        regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager));
    var applicationCookie = new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login"),
        Provider = new CookieAuthenticationProvider
        {
            OnValidateIdentity = securityStampCheck
        }
    };
    app.UseCookieAuthentication(applicationCookie);

    // External sign-in cookie, registered by hand instead of through
    // app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie) so that
    // CookieDomain can be set.
    // NOTE(review): no default SignInAsAuthenticationType is registered before the provider
    // middlewares below, which matches the error reported in the question.
    // NOTE(review): AuthenticationMode is left at its default; the answer recommends
    // AuthenticationMode.Passive so this cookie alone never authenticates a request.
    var externalCookie = new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
        CookieName = CookieAuthenticationDefaults.CookiePrefix + "External",
        LoginPath = new PathString("/Account/Login"),
        // Leading-dot domain: the cookie goes to every host under mydomain.com, so all
        // subdomains must be trusted. On an HTTPS-only site also consider
        // CookieSecure = CookieSecureOption.Always.
        CookieDomain = ".mydomain.com",
        // Short lifetime limits how long a leaked external ticket stays usable.
        ExpireTimeSpan = TimeSpan.FromMinutes(5)
    };
    app.UseCookieAuthentication(externalCookie);

    // External providers. The literals are placeholders; real client secrets belong in
    // configuration or a secret store, not in source control.
    app.UseMicrosoftAccountAuthentication(clientId: "1", clientSecret: "1");
    app.UseTwitterAuthentication(consumerKey: "2", consumerSecret: "2");
    app.UseFacebookAuthentication(appId: "3", appSecret: "3");
    app.UseGoogleAuthentication();
}
答案 0 :(得分:9)
似乎有两个解决方案:
解决方案1:
添加
using Microsoft.Owin.Security;
添加
// Registers ExternalCookie as the default sign-in-as type on the app builder. Per the
// error text in the question, this default must be present before the authentication
// middlewares that rely on it are added.
app.SetDefaultSignInAsAuthenticationType(DefaultAuthenticationTypes.ExternalCookie);
在app.UseCookieAuthentication(...)之前
解决方案2:
添加
// Writes the default sign-in-as type straight into the IAppBuilder properties, which is
// where the quoted error says the value was not found. No extra using directive is needed.
// NOTE(review): the literal "ExternalCookie" is presumably the value of
// DefaultAuthenticationTypes.ExternalCookie; using the constant avoids a silent mismatch.
app.Properties["Microsoft.Owin.Security.Constants.DefaultSignInAsAuthenticationType"] = "ExternalCookie";
在app.UseCookieAuthentication(...)之前
还应添加 AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive，这样用户在外部提供商处完成身份验证后不会被自动登录：是否登录应由应用程序控制，并且只应通过 ApplicationCookie 对请求进行身份验证。
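// Register the default sign-in-as type first. The external provider middlewares added
// afterwards look it up, and the error in the question is raised when it is missing.
app.SetDefaultSignInAsAuthenticationType(DefaultAuthenticationTypes.ExternalCookie);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
    // Passive: the external cookie only carries the provider's result to the login
    // callback. It must not authenticate requests by itself; that is the job of the
    // ApplicationCookie.
    AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive,
    LoginPath = new PathString("/accounts/signin"),
    // Keep the cookie out of reach of page scripts.
    CookieHttpOnly = true,
    CookieName = CookieAuthenticationDefaults.CookiePrefix + "External",
    // Leading-dot domain: the browser sends the cookie to every host under mydomain.com,
    // so all subdomains must be trusted. On an HTTPS-only site also consider
    // CookieSecure = CookieSecureOption.Always.
    CookieDomain = ".mydomain.com",
    // Keep the external ticket short-lived, as the question's configuration does.
    // Without this the longer CookieAuthenticationOptions default lifetime applies
    // to a cookie that is visible domain-wide.
    ExpireTimeSpan = TimeSpan.FromMinutes(5)
});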