自定义用户服务不能与Facebook作为Identity Server v3中的外部登录提供程序一起使用

时间:2017-12-07 16:41:54

标签: oauth identityserver3 identityserver4 facebook-oauth

我已下载 Microsoft.Owin.Security.Facebook 程序包,以便能够将Facebook集成为外部登录提供程序。我已将其添加到应用构建器中,如下所示:

var fbOptions = new FacebookAuthenticationOptions()
{
    AuthenticationType = "Facebook",
    Caption = "Facebook",
    SignInAsAuthenticationType = signInAsType,
    AppId = "17*****************5",
    AppSecret = "3a*****************************16",
    Provider = new FacebookAuthenticationProvider()
    {
        OnAuthenticated = (context) =>
        {
            return Task.FromResult(0);
        }
    },
};

app.UseFacebookAuthentication(fbOptions);

当然,在ActionArguments我注册了我的应用程序以获取应用程序ID和应用程序密码。我已经以标准方式注册了自定义用户服务:

public class CustomUserService : UserServiceBase
{
        ....
        // gets called whenever the user uses external identity provider to authenticate
        // now we will try to map external user to a local user
        public override Task AuthenticateExternalAsync(ExternalAuthenticationContext context)
        .... 
}

然后在Startup.cs中:

// use custom user service
var customUserService = new CustomUserService();
idServerServiceFactory.UserService = new Registration<IUserService>(resolver => customUserService);

在登录屏幕中,我有Facebook作为选项。我可以选择它,我可以导航到它并成功输入我的凭据。问题发生在我从Facebook回到我的Identity Server 3实现之后。

浏览器中的消息是:

There was an error logging into the external provider. The error message is: access_denied

浏览器网址是:

https://localhost:44317/identity/callback?error=access_denied#_=_

日志中的那个:

iisexpress.exe Information: 0 : 2017-12-07 17:44:26.687 +02:00 [Information] User is not authenticated. Redirecting to login.
iisexpress.exe Information: 0 : 2017-12-07 17:44:26.694 +02:00 [Information] End authorize request
iisexpress.exe Information: 0 : 2017-12-07 17:44:26.701 +02:00 [Information] Redirecting to login page
iisexpress.exe Information: 0 : 2017-12-07 17:44:26.796 +02:00 [Information] Login page requested
iisexpress.exe Information: 0 : 2017-12-07 17:44:26.834 +02:00 [Information] rendering login page
iisexpress.exe Information: 0 : 2017-12-07 17:44:28.425 +02:00 [Information] External login requested for provider: "Facebook"
iisexpress.exe Information: 0 : 2017-12-07 17:44:28.427 +02:00 [Information] Triggering challenge for external identity provider
iisexpress.exe Information: 0 : 2017-12-07 17:44:49.508 +02:00 [Information] Callback invoked from external identity provider
iisexpress.exe Error: 0 : 2017-12-07 17:44:49.508 +02:00 [Error] External identity provider returned error: "access_denied"

注意:我从未在

中找到断点 
public override Task AuthenticateExternalAsync(ExternalAuthenticationContext context)

如果要提供帮助,我在localhost上运行Identity Sever 3的实例。

除此之外,当使用Fiddler时,我看到有人打电话给主持人: graph.facebook.com 并且成功了。

{"access_token":"EAAYxR1NxxxMBAHLOW17nfS2xTDqXgIU3FY5ZBpw8EJFfzpoQpS5H6eVjsda2ZAN6ABLGu2а21fGleam8LbhPJTZCh8vBdbnQaijEZAwAQqGDyIZCXhR3twL3Fnq1gZBT8zUsPshZBjTFJ9tU0mWb6s8Up4sX9dUdQDCFefqEf4XKZBEZBHmshm","token_type":"bearer","expires_in":5181406}

但在此之后,localhost发生了故障。

1 个答案:

答案 0 :(得分:1)

我的解决方案是更新以下nuget包:

Microsoft.Owin
Microsoft.Owin.Security
Microsoft.Owin.Security.Facebook
Microsoft.Owin.Security.Google

从我当前的版本( 3.0.1 )到版本 3.1.0

通过这种方式,我开始在我的Identity Server实例上点击端点,到目前为止它看起来很不错。

相关问题
最新问题