MVC5 ADFS未通过身份验证

Question

我现在在ADFS UseOpenIdConnectAuthentication方面苦苦挣扎了一个多星期。真令人沮丧。

这是我的Startup.Auth.cs代码。变量“ dero”为false =>未通过身份验证。为什么？

using System;
using System.Configuration;
using System.Net.Http;
using System.Web;
using IdentityModel.Client;
using Microsoft.AspNet.Identity;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

namespace Intel.Web
{
public partial class Startup
{
    private readonly string authority = ConfigurationManager.AppSettings["auth:Authority"];
    private readonly string clientId = ConfigurationManager.AppSettings["auth:ClientId"];
    private readonly string clientSecret = ConfigurationManager.AppSettings["auth:ClientSecret"];
    private readonly string metadataAddress = ConfigurationManager.AppSettings["auth:MetadataAddress"];
    private readonly string postLogoutRedirectUri = ConfigurationManager.AppSettings["auth:PostLogoutRedirectUri"];
    private readonly string redirectUri = ConfigurationManager.AppSettings["auth:RedirectUri"];
    private readonly string tokenEndpoint = ConfigurationManager.AppSettings["auth:TokenEndpoint"];
    private readonly string userInfoEndpoint = ConfigurationManager.AppSettings["auth:UserInfoEndpoint"];

    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(DefaultAuthenticationTypes.ApplicationCookie);

     app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            ClientId = this.clientId,
            Authority = this.authority,
            MetadataAddress = this.metadataAddress,
            ResponseType = "code id_token",
            RedirectUri = this.redirectUri,
            PostLogoutRedirectUri = this.postLogoutRedirectUri,
            ClientSecret = this.clientSecret,

            // AuthenticationMode = AuthenticationMode.Passive,
            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                AuthorizationCodeReceived = async n =>
                {
                    var authContext = new AuthenticationContext("https://dev.adfs.myServer.com/adfs/", false);
                    var result = await authContext.AcquireTokenByAuthorizationCodeAsync(n.ProtocolMessage.Code,
                        new Uri(this.redirectUri), new ClientCredential(this.clientId, this.clientSecret));


                    var userInfoReq = new UserInfoRequest
                    {
                        Address = this.userInfoEndpoint,
                        Token = result.AccessToken
                    };

                    var client = new HttpClient();

                    var response = await client.GetUserInfoAsync(userInfoReq);

                    if (response.IsError) throw new Exception("Invalid access token");

                    n.AuthenticationTicket.Identity.AddClaims(response.Claims);


                    var dero = HttpContext.Current.User.Identity.IsAuthenticated;

                    //FormsAuthentication.SetAuthCookie("userName unic gen", false);
                    HttpContext.Current.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = "/FOGWeb" }, OpenIdConnectAuthenticationDefaults.AuthenticationType);
                    dero =  HttpContext.Current.User.Identity.IsAuthenticated;
                }
            }
        });
    }
}

}