我有一个Blazor WebAssembly应用程序,该应用程序托管在ASP.NET CORE服务器中。我在进程自包含部署中使用IIS,并且该应用程序被配置为默认网站的子应用程序。因此,URL类似于[https:] // myserver / APPLICATIONNAME /
我收到一条错误消息,指出重定向URI与客户端允许的URI不匹配,但是在日志中,两个URI完全相同。重定向URI在appsettings.json文件中定义。
我已遵循Microsoft文档here
这是没有显式重定向URI的日志错误:
{
"ClientId": "TestBlazorAuth.Client",
"ClientName": "TestBlazorAuth.Client",
"AllowedRedirectUris": [
"/authentication/login-callback"
],
"SubjectId": "anonymous",
"RequestedScopes": "",
"Raw": {
"client_id": "TestBlazorAuth.Client",
"redirect_uri": "https://localhost/TestBlazorAuth/authentication/login-callback",
"response_type": "code",
"scope": "TestBlazorAuth.ServerAPI openid profile",
"state": "d53f88ebd6dc413fb929f01b06cd8efa",
"code_challenge": "XPaEMOg02714PWrx9POC3oSwsO2mXAhBe_IerH4p75E",
"code_challenge_method": "S256",
"prompt": "none",
"response_mode": "query"
}
}
这是显式设置:
"IdentityServer": {
"Clients": {
"TestBlazorAuth.Client": {
"Profile": "IdentityServerSPA",
"RedirectUri": "https://localhost/TestBlazorAuth/authentication/login-callback"
}
},
"Key": {
"Type": "File",
"FilePath": "C:\\temp\\som_cert_file.pfx",
"Password": "blablabla"
}
},
这是使用显式设置时的错误日志:
Invalid redirect_uri: https://localhost/TestBlazorAuth/authentication/login-callback
{
"ClientId": "TestBlazorAuth.Client",
"ClientName": "TestBlazorAuth.Client",
"AllowedRedirectUris": [
"https://localhost/TestBlazorAuth/authentication/login-callback"
],
"SubjectId": "anonymous",
"RequestedScopes": "",
"Raw": {
"client_id": "TestBlazorAuth.Client",
"redirect_uri": "https://localhost/TestBlazorAuth/authentication/login-callback",
"response_type": "code",
"scope": "TestBlazorAuth.ServerAPI openid profile",
"state": "3b121b72d20640cb8c7b74f783b5d914",
"code_challenge": "WNev6kwUV7UjAhNTvvDH10vJwkEXPDev8jwNZYnsNDY",
"code_challenge_method": "S256",
"prompt": "none",
"response_mode": "query"
}
}
redirect_uri和AllowedRedirectUris [0]在我看来完全一样。
这是使用NLOG的跟踪:
2020-06-24 14:56:05.3948||TRACE|IdentityServer4.Stores.ValidatingClientStore|Calling into client configuration validator: IdentityServer4.Validation.DefaultClientConfigurationValidator
2020-06-24 14:56:05.4080||DEBUG|IdentityServer4.Stores.ValidatingClientStore|client configuration validation for client Integra.PCSP.Print.WebUI.Client succeeded.
2020-06-24 14:56:05.4080||ERROR|IdentityServer4.Validation.AuthorizeRequestValidator|Invalid redirect_uri: "https://localhost/TestBlazorAuth/authentication/login-callback"
我查看了IdentityServer4源代码以检查比较是如何完成的,一切似乎都很好:
public class StrictRedirectUriValidator : IRedirectUriValidator
{
/// <summary>
/// Checks if a given URI string is in a collection of strings (using ordinal ignore case comparison)
/// </summary>
/// <param name="uris">The uris.</param>
/// <param name="requestedUri">The requested URI.</param>
/// <returns></returns>
protected bool StringCollectionContainsString(IEnumerable<string> uris, string requestedUri)
{
if (uris.IsNullOrEmpty()) return false;
return uris.Contains(requestedUri, StringComparer.OrdinalIgnoreCase);
}
...
}
这时我已经准备好在MVC中抓取项目并实现该应用程序了,它只有几页,所以我认为这将是Blazor的绝佳概念验证。原来,开发部分很容易,部署是一场噩梦。
感谢任何想法。
答案 0 :(得分:1)
事实证明,此问题与区分大小写有关。我仍然不明白为什么。
这就是我所做的。
<base href="/testblazorauth/" />
app.UsePathBase("/testblazorauth/");
"IdentityServer": {
"Clients": {
"TestBlazorAuth.Client": {
"Profile": "IdentityServerSPA"
}
},
"Key": {
"Type": "File",
"FilePath": "C:\\temp\\SOME_CERT.pfx",
"Password": "SOME_PASSWORD"
}
},
在IIS中,我创建了默认网站的新子应用程序,其主机名为“ testblazorauth”(全部小写)。
使用VS发布应用程序并在Chrome中运行,并获得了预期的结果,没有更多错误。