Cra*_*erz 17 asp.net-mvc-4 katana asp.net-mvc-5
我决定尝试新的Google Oauth2中间件,它几乎打破了一切.这是来自startup.auth.cs的我的提供程序配置.启用后,所有提供商(包括Google提供商)都会在Challenge上获得500内部服务器.但是,内部服务器错误的详细信息不可用,我无法弄清楚如何打开Katana中间件的任何调试或跟踪.在我看来,他们急于将谷歌Oauth中间件推出门外.
//// GOOGLE
var googleOptions = new GoogleOAuth2AuthenticationOptions
{
ClientId = "228",
ClientSecret = "k",
CallbackPath = new PathString("/users/epsignin")
SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
Provider = new GoogleOAuth2AuthenticationProvider
{
OnAuthenticated = context =>
{
foreach (var x in context.User)
{
string claimType = string.Format("urn:google:{0}", x.Key);
string claimValue = x.Value.ToString();
if (!context.Identity.HasClaim(claimType, claimValue))
context.Identity.AddClaim(new Claim(claimType, claimValue, XmlSchemaString, "Google"));
}
return Task.FromResult(0);
}
}
};
app.UseGoogleAuthentication(googleOptions);
ActionMethod代码:
[AllowAnonymous]
public ActionResult ExternalProviderSignIn(string provider, string returnUrl)
{
var ctx = Request.GetOwinContext();
ctx.Authentication.Challenge(
new AuthenticationProperties
{
RedirectUri = Url.Action("EPSignIn", new { provider })
},
provider);
return new HttpUnauthorizedResult();
}
Cra*_*ion 26
这花了我几个小时才弄清楚,但问题是CallbackPath@CrazyCoder提到的问题.我意识到,CallbackPath在public void ConfigureAuth(IAppBuilder app) 必须是当它在被设置成不同ChallengeResult.如果它们是相同的,则在OWIN中抛出500错误.
我的代码ConfigureAuth(IAppBuilder app)是
var googleOptions = new Microsoft.Owin.Security.Google.GoogleOAuth2AuthenticationOptions
{
ClientId = "xxx",
ClientSecret = "yyy",
CallbackPath = new PathString("/callbacks/google"), //this is never called by MVC, but needs to be registered at your oAuth provider
Provider = new GoogleOAuth2AuthenticationProvider
{
OnAuthenticated = (context) =>
{
context.Identity.AddClaim(new Claim("picture", context.User.GetValue("picture").ToString()));
context.Identity.AddClaim(new Claim("profile", context.User.GetValue("profile").ToString()));
return Task.FromResult(0);
}
}
};
googleOptions.Scope.Add("email");
app.UseGoogleAuthentication(googleOptions);
我的'回调'控制器代码是:
// GET: /callbacks/googlereturn - callback Action
[AllowAnonymous]
public async Task<ActionResult> googlereturn()
{
return View();
}
//POST: /Account/GooglePlus
public ActionResult GooglePlus()
{
return new ChallengeResult("Google", Request.Url.GetLeftPart(UriPartial.Authority) + "/callbacks/googlereturn", null);
//Needs to be a path to an Action that will handle the oAuth Provider callback
}
private class ChallengeResult : HttpUnauthorizedResult
{
public ChallengeResult(string provider, string redirectUri)
: this(provider, redirectUri, null)
{
}
public ChallengeResult(string provider, string redirectUri, string userId)
{
LoginProvider = provider;
RedirectUri = redirectUri;
UserId = userId;
}
public string LoginProvider { get; set; }
public string RedirectUri { get; set; }
public string UserId { get; set; }
public override void ExecuteResult(ControllerContext context)
{
var properties = new AuthenticationProperties() { RedirectUri = RedirectUri };
if (UserId != null)
{
properties.Dictionary[XsrfKey] = UserId;
}
context.HttpContext.GetOwinContext().Authentication.Challenge(properties, LoginProvider);
}
}
它现在都在工作,虽然很想知道'在发动机罩下'到底发生了什么
除非你有其他要求,否则我的建议是让OWIN使用默认的重定向路径,并确保你自己不使用它们.
没有必要指定CallbackPath的UseGoogleAuthentication:
CallbackPath = new PathString("/Account/ExternalLoginCallback")
只需将授权重定向的Google设置保持URIs为:
http(s):// yoururl:orPort/signin -google
Owin在内部处理signin-google并重定向到redirectUri,如ChallengeResult类的代码中所述.哪个是Account/ExternalLoginCallback.
| 归档时间: |
|
| 查看次数: |
7213 次 |
| 最近记录: |