我在使用 Azure B2C 时遇到了很大的麻烦。我以前有多个登录/注册策略,现在已精简为只保留一个 SignInOrSignUp 类型的策略,因为我怀疑多个策略可能是导致问题的原因。
然而,即使采用单一政策,问题仍然存在。
我的政策有4个社交媒体登录以及本地帐户登录/注册。
它大约只有 50% 的时候能正常工作。经常发生的情况是:我被重定向到 microsoftonline,选择社交媒体帐户(例如 Facebook),然后网站进入重定向循环,最终导致"超时"。
https://login.microsoftonline.com/te/viewingbookerad.onmicrosoft.com/oauth2/authresp?code=[CODE]
查看浏览器地址栏,可以看到 [CODE] 每 2-3 秒刷新一次。[CODE] 每 2-3 秒重新生成一次,大约 5 分钟后,我最终得到"Timeout"。
我添加了 name="Arr-Disable-Session-Affinity" value="true" 这个响应头,但仍然没有效果。
这是我的 Startup 类:
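/// <summary>
/// OWIN startup class: registers cookie authentication and one Azure AD B2C
/// OpenID Connect policy (combined sign-in / sign-up) in the pipeline.
/// </summary>
public partial class Startup {
    // App config settings, read from appSettings when the type is first used.
    private static string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
    private static string aadInstance = ConfigurationManager.AppSettings["ida:AadInstance"];
    private static string tenant = ConfigurationManager.AppSettings["ida:Tenant"];
    private static string redirectUri = ConfigurationManager.AppSettings["ida:RedirectUri"];
    public static string SignInSignUpPolicy = ConfigurationManager.AppSettings["ida:SignInSignUpPolicy"];

    /// <summary>OWIN entry point; delegates to <see cref="ConfigureAuth"/>.</summary>
    /// <param name="app">The OWIN application builder.</param>
    public void Configuration(IAppBuilder app) {
        ConfigureAuth(app);
    }

    /// <summary>
    /// Registers the cookie middleware and the OpenID Connect middleware for
    /// <see cref="SignInSignUpPolicy"/>.
    /// </summary>
    /// <param name="app">The OWIN application builder.</param>
    public void ConfigureAuth(IAppBuilder app) {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        app.UseCookieAuthentication(new CookieAuthenticationOptions {
            // With "Always" the cookie carries the Secure flag and is never sent back
            // over plain HTTP, which shows up as an endless sign-in loop on HTTP
            // (HTTPS is fine). SameAsRequest avoids that, but a session started over
            // HTTP then gets an authentication cookie without the Secure flag.
            // NOTE(review): serve the site over HTTPS only and switch this to
            // CookieSecureOption.Always for production.
            CookieSecure = CookieSecureOption.SameAsRequest
            // NOTE(review): intermittent redirect loops on this stack are often caused
            // by cookies being dropped when System.Web and OWIN both write Set-Cookie.
            // If that applies here, a System.Web-backed cookie manager (for example
            // SystemWebCookieManager in newer Microsoft.Owin.Host.SystemWeb releases)
            // is the usual mitigation; verify against the package version in use.
        });

        // Configure OpenID Connect middleware for the policy
        app.UseOpenIdConnectAuthentication(CreateOptionsFromPolicy(SignInSignUpPolicy));
    }

    /// <summary>
    /// Handles OpenID Connect failures so the user gets a redirect instead of the
    /// yellow-screen-of-death: logs the error, then redirects to "/" for
    /// "access_denied" and to the error page for everything else.
    /// </summary>
    /// <param name="notification">The failure notification raised by the middleware.</param>
    /// <returns>A completed task.</returns>
    private Task AuthenticationFailed(AuthenticationFailedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification) {
        var logger = ObjectFactory.GetInstance<vb.com.service.Interfaces.ILogger>();

        // Mark the response as handled so the middleware does not rethrow.
        notification.HandleResponse();

        // Guard against a missing exception so the failure handler itself cannot throw.
        string message = notification.Exception != null ? notification.Exception.Message : "unknown";

        // Every branch of the original logged the same "prefix + message" text.
        // NOTE(review): the message can contain text supplied by the remote party;
        // confirm the logger neutralises line breaks before writing it.
        logger.Fatal("B2C Error in AuthenticationFailed : " + message, true);

        if (message == "access_denied") {
            notification.Response.Redirect("/");
        } else {
            // Escape the message: it is untrusted text and must not be able to add
            // query parameters or break the Location header. The error page still
            // has to HTML-encode the value when it displays it.
            notification.Response.Redirect("/Error?message=" + Uri.EscapeDataString(message));
        }

        return Task.FromResult(0);
    }

    /// <summary>
    /// Builds the OpenID Connect options for one B2C policy.
    /// </summary>
    /// <param name="policy">The policy id; also used as the authentication type.</param>
    /// <returns>The options passed to the OpenID Connect middleware.</returns>
    private OpenIdConnectAuthenticationOptions CreateOptionsFromPolicy(string policy) {
        return new OpenIdConnectAuthenticationOptions {
            // For each policy, give OWIN the policy-specific metadata address, and
            // set the authentication type to the id of the policy
            MetadataAddress = String.Format(aadInstance, tenant, policy),
            AuthenticationType = policy,

            // These are standard OpenID Connect parameters, with values pulled from web.config
            ClientId = clientId,
            RedirectUri = redirectUri,
            PostLogoutRedirectUri = redirectUri,
            Notifications = new OpenIdConnectAuthenticationNotifications {
                AuthenticationFailed = AuthenticationFailed
            },
            Scope = "openid",
            ResponseType = "id_token",

            // This piece is optional - it is used for displaying the user's name in the navigation bar.
            TokenValidationParameters = new TokenValidationParameters {
                NameClaimType = "name",
                // Keeps the raw sign-in token available in the BootstrapContext.
                // NOTE(review): the token then lives as long as the identity does;
                // drop this if nothing reads it back.
                SaveSigninToken = true
            }
        };
    }
}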