我已将 Twitter 身份验证集成到 .NET Core Web API 项目中。应用可以重定向到 Twitter 登录页面,但登录之后重定向回“外部登录回调”URL 时,会抛出“无效的状态 cookie”(Invalid state cookie)错误。
我添加了 AddCookie() 和 AddSession(),但没有任何效果。目前我通过注册 OnRemoteFailure 事件处理程序并重定向到前端站点来处理错误页面。
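// Authentication setup: JWT bearer is the default authenticate/challenge scheme for the API,
// with a named cookie scheme plus Facebook and Twitter registered as external login providers.
services.AddAuthentication(x =>
    {
        x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        // NOTE(review): no DefaultSignInScheme is set here, and neither external handler below
        // sets SignInScheme, so nothing visible in this snippet ties Facebook/Twitter to the
        // "ExternalCookies" scheme. Confirm where the external identity is meant to be persisted.
    })
    .AddCookie("ExternalCookies", options =>
    {
        options.Cookie.Name = "external_auth_cookie";
        options.Cookie.SameSite = SameSiteMode.None;
        // Current browsers drop SameSite=None cookies that are not also marked Secure, so the
        // two settings are paired. The login flow must therefore be served over HTTPS.
        options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
    })
    .AddFacebook(option =>
    {
        option.AppId = Configuration["ExternalLogin:Facebook:AppId"];
        option.AppSecret = Configuration["ExternalLogin:Facebook:AppSecret"];
    })
    .AddTwitter(options =>
    {
        options.ConsumerKey = Configuration["ExternalLogin:Twitter:ConsumerKey"];
        options.ConsumerSecret = Configuration["ExternalLogin:Twitter:ConsumerSecret"];
        options.RetrieveUserDetails = true;
        options.CallbackPath = new PathString(Configuration["ExternalLogin:Twitter:CallBackPath"]);
        options.Events.OnRemoteFailure = ctx =>
        {
            // The redirect target comes from configuration, never from the request, and the
            // message is a fixed string, so no handler failure detail is reflected to the browser.
            // The value is URL-encoded because a raw space is not valid in a Location header.
            // NOTE(review): ctx.Failure (the underlying error, e.g. the state-cookie failure) is
            // not recorded anywhere in this handler; log it server-side to diagnose the cause.
            var frontEndCallback = Configuration["ExternalLogin:FeCallBackUrl"];
            ctx.Response.Redirect(frontEndCallback + "?err=" + System.Uri.EscapeDataString("Login failed"));
            ctx.HandleResponse();
            return Task.CompletedTask;
        };
    })
    .AddJwtBearer(x =>
    {
        // NOTE(review): this turns off the HTTPS requirement for the metadata address/authority.
        // Confirm it is limited to local development and not used in production.
        x.RequireHttpsMetadata = false;
        x.SaveToken = true;
        x.TokenValidationParameters = new TokenValidationParameters
        {
            ValidIssuer = Configuration.GetValue<string>("Jwt:Issuer"),
            ValidAudience = Configuration.GetValue<string>("Jwt:Audience"),
            ValidateIssuerSigningKey = true,
            // NOTE(review): Encoding.ASCII maps every non-ASCII character in the secret to '?',
            // which weakens the key. It is left unchanged because the bytes must match whatever
            // the token-issuing code uses; confirm the secret is ASCII-only and sufficiently long.
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(Configuration.GetValue<string>("Jwt:Secret"))),
            ValidateIssuer = true,
            // NOTE(review): ValidAudience is configured above but is never checked while this is
            // false, so a token issued for another audience with the same issuer and key would be
            // accepted. Enable this once the issued tokens are confirmed to carry an "aud" claim.
            ValidateAudience = false
        };
    });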