我很难让OpenIDConnect与此asp.net 4.6 mvc 5项目一起正常工作。最近,我遇到了404错误,并最终向回调操作添加了自定义路由,以使其能够正常工作。之后,我开始遇到有关GetExternalLoginInfoAsync()的错误,该错误返回null并获取nullreferenceexception。这是我的配置的样子,其中包含一些内容,以及路由。同样,提供的图像也是我遇到的错误之一,如果我不使用自定义路由,则会收到404错误。
OpenIdConnect随机数cookie在其中,也在URL中发送状态和代码
https://localhost:44348/signin-oidc/?code=e33dab0ae5e9640ef731c460180780092703727b&state=OpenIdConnect.AuthenticationProperties%3D-JlLC-VdZi-KZst8OY4JikRrl59vm19HATAcOaqUv8a22U8ch9gC_IJARHlsvaDKZQrqfeTewtdk5d-KcZSrUR3qCoJVcmzNRDP8C0JJ2NH9ql42J3H1xkxEzoAvJ0wxITy-tCj5H-N-bYhMZbO4kB8s2S4msCF0kEDzgipoPmGfZfreUeyYcerwK_OJGH3uYKUYa1NjqA0G-hlhiYpUj8DUp59EXpDz6sr1wtohTiI
代码
var json = "";
using (WebClient wc = new WebClient())
{
json = wc.DownloadString("http://orders.data443.com/oauth/openid-configuration.php");
}
var settings = new OpenIdConnectAuthenticationOptions
{
Authority = "https://orders.data443.com/oauth/",
ClientId = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
ClientSecret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
RedirectUri = "https://localhost:44348/signin-oidc/",
CallbackPath = new PathString("/signin-oidc/"),
Configuration = new OpenIdConnectConfiguration(json),
ResponseType = OpenIdConnectResponseType.Code,
SignInAsAuthenticationType = "Cookies",
TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = false,
},
Scope = "openid email profile"
};
app.UseOpenIdConnectAuthentication(settings);
路由
routes.MapRoute(
name: "signin-oidc",
url: "signin-oidc",
defaults: new { controller = "Account", action = "ExternalLoginCallback" });
答案 0 :(得分:0)
我最近也处理了这些问题。 OWIN和ASP.NET pre-Core之间不兼容,OWIN中间件设置的cookie被System.Web淘汰。 Microsoft提供了一些解决方法,但是“没有万能药”(请通读wiki!)。您需要使用他们的ICookieManager实现之一,该实现使用System.Web.HttpContextBase对象模型来防止cookie冲突。
...
CookieManager = new SystemWebCookieManager(),
...
确保在整个OWIN中使用它。您可能至少要在CookieAuthenticationOptions
和OpenIdConnectAuthenticationOptions
中进行设置,并且需要将app.UseExternalSignInCookie()
替换为以下内容:
// app.UseExternalSignInCookie();
app.SetDefaultSignInAsAuthenticationType(DefaultAuthenticationTypes.ExternalCookie);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
AuthenticationMode = AuthenticationMode.Passive,
CookieName = ".AspNet." + DefaultAuthenticationTypes.ExternalCookie,
ExpireTimeSpan = TimeSpan.FromMinutes(5),
CookieManager = new SystemWebCookieManager()
});
Wiki:
https://github.com/aspnet/AspNetKatana/wiki/System.Web-response-cookie-integration-issues
臭虫:
https://web.archive.org/web/20170912171644/https://katanaproject.codeplex.com/workitem/197
https://github.com/aspnet/AspNetKatana/issues/331