I am using Identity Server 4.0 and trying to set up Microsoft Identity for user maintenance, and when I try to create an MVC client I get stuck on an InvalidOperationException:
No authentication handler is registered for the scheme 'oidc'. The registered schemes are: Identity.Application, Identity.External, Identity.TwoFactorRememberMe, Identity.TwoFactorUserId, idsrv, idsrv.external. Did you forget to call AddAuthentication().Add[SomeAuthHandler]("oidc",...)?
This is my AddServices in the identity server application:
    protected override IServiceCollection AddServices(
        IServiceCollection services)
    {
        string inboxIdentityConnectionString = Configuration
            .GetConnectionString("InboxIdentityConnectionString");
        string identityServerConnectionString = Configuration
            .GetConnectionString("IdentityServerConnectionString");

        services.AddIdentity<ApplicationUser, ApplicationRole>(
                config =>
                {
                    // Sign-In
                    config.SignIn.RequireConfirmedEmail = true;
                    config.SignIn.RequireConfirmedPhoneNumber = false;
                    // Password settings
                    config.Password.RequireDigit = true;
                    config.Password.RequiredLength = 10;
                    config.Password.RequireNonAlphanumeric = true;
                    config.Password.RequireUppercase = true;
                    config.Password.RequireLowercase = true;
                    // Lockout settings
                    config.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
                    config.Lockout.MaxFailedAccessAttempts = 3;
                    config.Lockout.AllowedForNewUsers = true;
                    // User settings
                    config.User.RequireUniqueEmail = true;
                })
            .AddEntityFrameworkStores<InboxIdentityDbContext>()
            .AddDefaultTokenProviders();

        services.AddDbContext<InboxIdentityDbContext>(
            options =>
                options.UseSqlServer(inboxIdentityConnectionString));

        services.AddIdentityServer(
                options =>
                {
                    options.Events.RaiseErrorEvents = true;
                    options.Events.RaiseInformationEvents = true;
                    options.Events.RaiseFailureEvents = true;
                    options.Events.RaiseSuccessEvents = true;
                })
            // see the IdentityServerBuilderExtensions - this extension also adds the
            // custom user claims via the injection of the InboxInsightProfileService
            .AddAspNetIdentity<ApplicationUser>()
            .AddConfigurationStore(
                options =>
                {
                    options.ConfigureDbContext = builder =>
                        builder.UseSqlServer(identityServerConnectionString);
                })
            .AddOperationalStore(
                options =>
                {
                    options.ConfigureDbContext = builder =>
                        builder.UseSqlServer(identityServerConnectionString);
                    // this enables automatic token cleanup. this is optional.
                    options.EnableTokenCleanup = true;
                    options.TokenCleanupInterval = 60; // interval in seconds, short for testing
                })
            .AddDeveloperSigningCredential();

        return services;
    }
And the startup in my client:
    public static IServiceCollection AddDefaultOpenIdConnectAuthentication(
        this IServiceCollection services,
        string authority,
        string clientId,
        string clientSecret,
        string signoutRedirectUrl,
        string requestedScopes,
        string responseType = "code id_token",
        string loginPath = "/SignIn",
        string accessDeniedPath = "/AccessDenied")
    {
        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

        services.AddAuthentication(
                options =>
                {
                    // Added as part of IdentityServer4Core2 update
                    options.DefaultScheme = "Cookies";
                    options.DefaultChallengeScheme = "oidc";
                })
            .AddCookie(
                "Cookies", options =>
                {
                    options.LoginPath = loginPath;
                    options.AccessDeniedPath = accessDeniedPath;
                    options.SlidingExpiration = true;
                    options.ExpireTimeSpan = new TimeSpan(2, 0, 0);
                })
            .AddOpenIdConnect(
                "oidc", options =>
                {
                    options.SignInScheme = "Cookies";
                    options.Authority = authority;
                    options.ClientId = clientId;
                    options.ClientSecret = clientSecret;
                    options.ResponseType = responseType;
                    options.SaveTokens = true;
                    options.GetClaimsFromUserInfoEndpoint = true;
                    options.SignedOutRedirectUri = signoutRedirectUrl;
                    options.RequireHttpsMetadata = true;

                    options.Scope.Clear();
                    var scopes = requestedScopes
                        .Split(new[] {','}, StringSplitOptions.RemoveEmptyEntries)
                        .Select(s => s.Trim());
                    foreach (var scope in scopes)
                    {
                        options.Scope.Add(scope);
                    }

                    options.TokenValidationParameters = new TokenValidationParameters
                    {
                        NameClaimType = JwtClaimTypes.Name,
                        RoleClaimType = JwtClaimTypes.Role
                    };

                    // We need to grab and persist the ClaimsIssuer information
                    // https://github.com/aspnet/Security/issues/1449#issuecomment-332767846
                    // https://github.com/aspnet/Security/pull/1124#issuecomment-280079805
                    options.Events.OnTokenValidated += ctx =>
                    {
                        ctx.Options.ClaimsIssuer = ctx.SecurityToken.Issuer;
                        return Task.CompletedTask;
                    };

                    // We could either map each required claim, as described in the following
                    // link, or we can roll our own and get all available claims.
                    // https://leastprivilege.com/2017/11/15/missing-claims-in-the-asp-net-core-2-openid-connect-handler/
                    // For example, something like this (untested):
                    // options.ClaimActions.MapUniqueJsonKey("org", "org");
                    options.ClaimActions.Add(new MapAllClaimAction());
                });

        return services;
    }
Answer 0 (score: 0)
Did you add the following to the Startup class of your MVC client?
app.UseAuthentication();
app.UseAuthorization();
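
Added example, not part of the original question or answer: the schemes listed in the exception are the ones registered by AddIdentity and AddIdentityServer, while "Cookies" and "oidc" from the client's extension method are absent, so it helps to confirm at startup which schemes each host actually has. The helper name `VerifySchemesRegistered` is hypothetical, and the `Configure` method assumes ASP.NET Core 3.x endpoint routing in the MVC client.

```csharp
using System;
using System.Linq;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.DependencyInjection;

// Hypothetical helper; not part of ASP.NET Core or IdentityServer4.
public static class AuthenticationSchemeDiagnostics
{
    // Throws at startup if any required scheme has no handler registered
    // in this host, and lists the schemes that are registered instead.
    public static IApplicationBuilder VerifySchemesRegistered(
        this IApplicationBuilder app, params string[] requiredSchemes)
    {
        var provider = app.ApplicationServices
            .GetRequiredService<IAuthenticationSchemeProvider>();
        var registered = provider.GetAllSchemesAsync().GetAwaiter().GetResult()
            .Select(s => s.Name)
            .ToList();
        // Scheme names are compared ordinally (case-sensitive) by the framework.
        var missing = requiredSchemes
            .Where(name => !registered.Contains(name, StringComparer.Ordinal))
            .ToList();
        if (missing.Count > 0)
        {
            throw new InvalidOperationException(
                $"Missing authentication scheme(s): {string.Join(", ", missing)}. " +
                $"Registered in this host: {string.Join(", ", registered)}.");
        }
        return app;
    }
}

// MVC client Startup. ConfigureServices (not shown) is assumed to call the
// AddDefaultOpenIdConnectAuthentication extension from the question.
public class Startup
{
    public void Configure(IApplicationBuilder app)
    {
        // Fail fast if this host is missing the schemes the client relies on.
        app.VerifySchemesRegistered("Cookies", "oidc");

        app.UseRouting();
        app.UseAuthentication();   // must come before UseAuthorization
        app.UseAuthorization();
        app.UseEndpoints(endpoints => endpoints.MapDefaultControllerRoute());
    }
}
```

If the check throws in the MVC client, the extension method is not being called from that project's service registration; if the original exception is raised inside the Identity Server host, the "oidc" challenge is being issued in a host that never registered it.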