OWIN外部登录没有持久用户不进行身份验证

时间:2014-08-15 23:43:56

标签: c#-4.0 asp.net-mvc-5 owin

刚开始使用OWIN和ASP.NET MVC 5.

我希望在不保留用户数据的情况下让外部登录工作。

目前我可以从Facebook获得经过身份验证的回复,我可以看到所有声明,我甚至可以获得应用Cookie,但用户上下文中的用户与我登录的用户身份不同。

以下是我到目前为止的代码:

OWIN初创公司 

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            AuthenticationMode = AuthenticationMode.Passive,
            LoginPath = new PathString("/Login"),
            LogoutPath = new PathString("/Logout"),
        });
        app.UseExternalSignInCookie();
        var facebookAuthenticationOptions = new FacebookAuthenticationOptions
            {
                AppId = "XXX", AppSecret = "XXX",
            };

        facebookAuthenticationOptions.Scope.Add("email");

        app.UseFacebookAuthentication(facebookAuthenticationOptions);
    }
}

控制器 

public class LandingPageController : Controller
{
    public ActionResult Index()
    {
        IAuthenticationManager authenticationManager = HttpContext.GetOwinContext().Authentication;

        //All I ever get is a WindowsPrincipal with an IsAuthenticated = false
        var identity = System.Web.HttpContext.Current.User as ClaimsPrincipal;
        var identity2 = ClaimsPrincipal.Current;
        var claimsPrincipal = authenticationManager.User ?? new ClaimsPrincipal();
        ...
    }

    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult ExternalLogin(string provider, string returnUrl = "/")
    {
        return new ChallengeResult(provider, Url.Action("ExternalLoginCallback", "LandingPage", new { loginProvider = provider, ReturnUrl = returnUrl }));
    }

    public async Task<RedirectResult> ExternalLoginCallback(string loginProvider, string returnUrl)
    {
        var authResult = await authentication.AuthenticateAsync(DefaultAuthenticationTypes.ExternalCookie);

        authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);

        authentication.SignIn(new AuthenticationProperties() { IsPersistent = false }, new ClaimsIdentity(authResult.Identity.Claims, DefaultAuthenticationTypes.ApplicationCookie));
            return Redirect(returnUrl);
    }

    public class ChallengeResult : HttpUnauthorizedResult
    {
        public ChallengeResult(string provider, string redirectUrl)
        {
            LoginProvider = provider;
            RedirectUrl = redirectUrl;
        }

        public string LoginProvider { get; set; }
        public string RedirectUrl { get; set; }

        public override void ExecuteResult(ControllerContext context)
        {
            context.HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = RedirectUrl }, LoginProvider);
        }
    }

当我使用Facebook登录时,我获得了一个应用程序Cookie,但上下文中的用户从未通过身份验证,我也没有得到我的声明。我错过了什么?

1 个答案:

答案 0 :(得分:2)

似乎我在两个Cookie配置上犯了一个错误。默认情况下,外部Cookie使用PassiveActive。我在设置Cookie身份验证时也使用了相同的功能。应用程序cookie需要使用app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, AuthenticationMode = AuthenticationMode.Active, LoginPath = new PathString("/Login"), LogoutPath = new PathString("/Logout"), });

将OWIN配置更改为以下内容使一切正常。

{{1}}
相关问题
最新问题