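Support multiple AuthenticationSchemes of the same type

Time: 2017-10-26 22:50:22

Tags: asp.net-core-mvc openid-connect identityserver4 asp.net-core-2.0

I'm using IdentityServer4 and trying to add multiple external providers of the same type, in my case OpenIdConnect. However, I'm running into some issues.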

services.AddAuthentication()
// Azure AD
.AddOpenIdConnect("oidc", "Azure AD", x =>
{
    x.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
    x.SignOutScheme = IdentityServerConstants.SignoutScheme;
    x.ClientId = "some-client-id";
    x.Authority = "https://login.microsoftonline.com/common";
    x.ResponseType = OpenIdConnectResponseType.IdToken;
    x.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = false
    };
})
// Identity Server
.AddOpenIdConnect("oidc", "My Other Identity Server", x =>
{
    x.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
    x.SignOutScheme = IdentityServerConstants.SignoutScheme;
    x.ClientId = "some-other-client-id";
    x.Authority = "http://localhost:6000"; //Another Identity Server I want to treat as external provider
    x.RequireHttpsMetadata = false;
    x.ResponseType = OpenIdConnectResponseType.IdToken;
    x.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true
    };
});

Causes:

Scheme already exists: oidc
   at Microsoft.AspNetCore.Authentication.AuthenticationOptions.AddScheme(String name, Action`1 configureBuilder)
   at Microsoft.AspNetCore.Authentication.AuthenticationBuilder.<>c__DisplayClass4_0`2.<AddScheme>b__0(AuthenticationOptions o)
   at Microsoft.Extensions.Options.ConfigureNamedOptions`1.Configure(String name, TOptions options)
   at Microsoft.Extensions.Options.OptionsFactory`1.Create(String name)
   at Microsoft.Extensions.Options.OptionsManager`1.<>c__DisplayClass5_0.<Get>b__0()
   at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
   at System.Lazy`1.ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
   at System.Lazy`1.CreateValue()
   at Microsoft.Extensions.Options.OptionsCache`1.GetOrAdd(String name, Func`1 createOptions)
   at Microsoft.Extensions.Options.OptionsManager`1.Get(String name)
   at Microsoft.Extensions.Options.OptionsManager`1.get_Value()
   at Microsoft.AspNetCore.Authentication.AuthenticationSchemeProvider..ctor(IOptions`1 options)

services.AddAuthentication()
// Azure AD
.AddOpenIdConnect("oidc", "Azure AD", x =>
{
    x.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
    x.SignOutScheme = IdentityServerConstants.SignoutScheme;
    x.ClientId = "some-client-id";
    x.Authority = "https://login.microsoftonline.com/common";
    x.ResponseType = OpenIdConnectResponseType.IdToken;
    x.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = false
    };
})
// Identity Server
.AddOpenIdConnect("oidc-idserver", "My Other Identity Server", x =>
{
    x.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
    x.SignOutScheme = IdentityServerConstants.SignoutScheme;
    x.ClientId = "some-other-client-id";
    x.Authority = "http://localhost:6000"; //Another Identity Server I want to treat as external provider
    x.RequireHttpsMetadata = false;
    x.ResponseType = OpenIdConnectResponseType.IdToken;
    x.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true
    };
});

If I give them different schemes, then I get the following exception when the external provider posts back.

Causes:

Exception: Correlation failed.
  Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler+<HandleRequestAsync>d__12.MoveNext()

1 answer:

Answer 0: (score: 4)

The solution suggested by commenters was to add a specific CallbackPath, so that the middleware can know which external provider is in play.

SignedOutCallbackPath
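
Added example, not part of the original answer and not IdentityServer4's own code: one way to give every OpenID Connect handler its own scheme name and its own endpoints, so that a response posted back by one provider is not picked up by the other handler. The helper AddExternalOidc, the scheme names "aad" and "idsrv" and the derived paths are assumptions made for illustration; RemoteSignOutPath is set as well because it also shares one default across handlers.

```csharp
using System;
using IdentityServer4;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;

public static class ExternalOidcExtensions
{
    // Hypothetical helper: registers one OpenID Connect handler whose
    // endpoints are unique to its scheme name.
    public static AuthenticationBuilder AddExternalOidc(this AuthenticationBuilder builder,
        string scheme, string displayName, Action<OpenIdConnectOptions> configure)
    {
        return builder.AddOpenIdConnect(scheme, displayName, x =>
        {
            x.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
            x.SignOutScheme = IdentityServerConstants.SignoutScheme;
            x.ResponseType = OpenIdConnectResponseType.IdToken;

            // Every handler defaults to /signin-oidc, /signout-callback-oidc and
            // /signout-oidc; the first handler matching a path takes the response.
            x.CallbackPath = "/signin-" + scheme;
            x.SignedOutCallbackPath = "/signout-callback-" + scheme;
            x.RemoteSignOutPath = "/signout-" + scheme;

            configure(x); // provider-specific settings
        });
    }
}

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddAuthentication()
            .AddExternalOidc("aad", "Azure AD", x =>
            {
                x.ClientId = "some-client-id";
                x.Authority = "https://login.microsoftonline.com/common";
                x.TokenValidationParameters.ValidateIssuer = false; // as in the question
            })
            .AddExternalOidc("idsrv", "My Other Identity Server", x =>
            {
                x.ClientId = "some-other-client-id";
                x.Authority = "http://localhost:6000";
                x.RequireHttpsMetadata = false; // local development only
            });
    }
}
```

The redirect and post-logout redirect URIs registered with each provider have to be updated to the new paths, otherwise the provider rejects the request before it ever posts back.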