我对此问题进行了大量研究和阅读,最后发现该问题与Identity Server的URL有关。我们已将"/Identity"设置为路径(app.Map("/identity", idsrvApp =>),请记住我没有工作。如果我们删除它的作品。由于该应用程序正在生产中,并且有许多客户端依赖此url,因此更改它并使之正常工作并不容易。
还有其他选择可以使它起作用吗?
这是Identity Server设置
public void Configuration(IAppBuilder app)
{
app.UseCors(CorsOptions.AllowAll);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "Cookies",
ExpireTimeSpan = new TimeSpan(0, 30, 0),
SlidingExpiration = true
});
app.Map("/identity", idsrvApp =>
{
var corsPolicyService = new DefaultCorsPolicyService()
{
AllowAll = true
};
var idServerServiceFactory = new IdentityServerServiceFactory();
idServerServiceFactory.ConfigureUserService("Context");
idServerServiceFactory.CorsPolicyService = new
Registration<IdentityServer3.Core.Services.ICorsPolicyService>(corsPolicyService);
// use custom ViewService
idServerServiceFactory.ViewService = new Registration<IViewService, CustomViewService>();
idServerServiceFactory.ScopeStore = new Registration<IScopeStore, ScopeStore>();
idServerServiceFactory.ClientStore = new Registration<IClientStore, ClientStore>();
var options = new IdentityServerOptions
{
Factory = idServerServiceFactory,
SiteName = "Login",
IssuerUri = ConfigurationManager.AppSettings["issuerUri"],
PublicOrigin = ConfigurationManager.AppSettings["Origin"],
SigningCertificate = LoadCertificate(),
AuthenticationOptions = new IdentityServer3.Core.Configuration.AuthenticationOptions()
{
CookieOptions = new CookieOptions()
{
AllowRememberMe = true,
SecureMode = CookieSecureMode.Always,
RememberMeDuration = TimeSpan.FromDays(30),
SlidingExpiration = true
},
EnablePostSignOutAutoRedirect = true,
LoginPageLinks = new List<LoginPageLink>(){
new LoginPageLink() {
Href = "forgotpassword",
Text = "Reset Your Password",
Type = "forgotpassword"
}
}
}
};
idsrvApp.UseIdentityServer(options);
});
}
X509Certificate2 LoadCertificate()
{
return new X509Certificate2(
string.Format(@"{0}\certificates\idsrv3test.pfx",
AppDomain.CurrentDomain.BaseDirectory), "idsrv3test");
}
以下是Brock Allen和LeastPrivileage做出回应的一些帖子,但未提供解决方案。这些问题有同样的问题。
https://github.com/IdentityServer/IdentityServer3/issues/3693
和
https://github.com/IdentityServer/IdentityServer3/issues/2426
答案 0 :(得分:0)
最后我找到了答案。
当我们为Identity Server路由提供"/identity"时,将为路径"/identity"生成cookie,这就是记住我无法正常工作的原因。
要解决此问题,我们必须为Path = "/"的Cookie路径指定为CookieOptions,如下所示
app.Map(
"/identity",
coreApp =>
{
var factory =
new IdentityServerServiceFactory()
.UseInMemoryClients(Clients.Get())
.UseInMemoryScopes(Scopes.Get());
factory.ViewService = new Registration<IViewService, IdentityCustomViewService>();
factory.Register(new Registration<CustomIdentityDbContext>(resolver => HttpContext.Current.GetOwinContext().Get<CustomIdentityDbContext>()));
factory.Register(new Registration<CustomUserManager>(resolver => HttpContext.Current.GetOwinContext().GetUserManager<CustomUserManager>()));
factory.Register(new Registration<CustomAspNetIdentityUserService>(x => new CustomAspNetIdentityUserService(x.Resolve<CustomUserManager>())));
factory.Register(new Registration<UserManager<CustomIdentityUser, int>>(x => x.Resolve<CustomUserManager>()));
factory.UserService = new Registration<IUserService>(x => x.Resolve<CustomAspNetIdentityUserService>());
coreApp.UseIdentityServer(
new IdentityServerOptions
{
SiteName = "Identity Server",
SigningCertificate = Cert.Load(),
Factory = factory,
RequireSsl = true,
AuthenticationOptions = new IdentityServer3.Core.Configuration.AuthenticationOptions
{
IdentityProviders= ConfigureIdentityProviders,
EnablePostSignOutAutoRedirect = true,
CookieOptions = new IdentityServer3.Core.Configuration.CookieOptions()
{
AllowRememberMe = true,
SecureMode = CookieSecureMode.Always,
RememberMeDuration = TimeSpan.FromDays(30),
IsPersistent = false,
Path = "/"
},
}
});
});