ASP.NET Core 2.0 - ArgumentException:必须提供Options.ClientId

Question

我有一个.NET Core 1.1应用程序,我希望升级到.NET Core 2.0.在更新目标框架和所有依赖项后,我发现我的身份验证设置无法编译.我已更新到帐户已删除的属性和已弃用/已移动的方法调用.椭圆用于表示为简洁而省略的代码.

每当我启动我的应用程序时,我现在收到以下错误

1.1代码 - public void Configure()Startup.cs的内部方法

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationScheme = "Cookies",
    ExpireTimeSpan = TimeSpan.FromHours(12),
    SlidingExpiration = false,
    CookiePath = CookiePath,
    CookieName = "MyCookie"
});

var openIdConnectionOptions = new OpenIdConnectOptions
{
    ClientId = Configuration["OpenIdSettings:ClientId"],
    ClientSecret = Configuration["OpenIdSettings:ClientSecret"],
    Authority = Configuration["OpenIdSettings:Authority"],
    MetadataAddress = $"{Configuration["OpenIdSettings:Authority"]}/.well-known/openid-configuration",
    GetClaimsFromUserInfoEndpoint = true,
    AuthenticationScheme = "oidc",
    SignInScheme = "Cookies",
    ResponseType = OpenIdConnectResponseType.IdToken,
    TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
    {
        // This sets the value of User.Identity.Name to users AD username
        NameClaimType = IdentityClaimTypes.WindowsAccountName,
        RoleClaimType = IdentityClaimTypes.Role,
        AuthenticationType = "Cookies",
        ValidateIssuer = false
    }
};

// Scopes needed by application
openIdConnectionOptions.Scope.Add("openid");
openIdConnectionOptions.Scope.Add("profile");
openIdConnectionOptions.Scope.Add("roles");

app.UseOpenIdConnectAuthentication(openIdConnectionOptions);

我正在阅读的所有内容都表明此过程已转移到该ConfigureServices方法.这是我的Core 2.0新代码

public void ConfigureServices(IServiceCollection services)
{
    ...

    services.AddAuthentication(options =>
    {
        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    }).AddCookie(options => new CookieAuthenticationOptions
    {
        //AuthenticationScheme = "Cookies", // Removed in 2.0
        ExpireTimeSpan = TimeSpan.FromHours(12),
        SlidingExpiration = false,
        Cookie = new CookieBuilder
        {
            Path = CookiePath,
            Name = "MyCookie"
        }
    }).AddOpenIdConnect(options => GetOpenIdConnectOptions());

    ...
}

public void Configure(IApplicationBuilder app)
{
    ...
    app.UseAuthentication();
    ...
}
private OpenIdConnectOptions GetOpenIdConnectOptions()
{
        var openIdConnectionOptions = new OpenIdConnectOptions
        {
            ClientId = Configuration["OpenIdSettings:ClientId"],
            ClientSecret = Configuration["OpenIdSettings:ClientSecret"],
            Authority = Configuration["OpenIdSettings:Authority"],
            MetadataAddress = $"{Configuration["OpenIdSettings:Authority"]}/.well-known/openid-configuration",
            GetClaimsFromUserInfoEndpoint = true,
            SignInScheme = "Cookies",
            ResponseType = OpenIdConnectResponseType.IdToken,

            TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
            {
                // This sets the value of User.Identity.Name to users AD username
                NameClaimType = IdentityClaimTypes.WindowsAccountName,
                RoleClaimType = IdentityClaimTypes.Role,
                AuthenticationType = "Cookies",
                ValidateIssuer = false
            }
        };

        // Scopes needed by application
        openIdConnectionOptions.Scope.Add("openid");
        openIdConnectionOptions.Scope.Add("profile");
        openIdConnectionOptions.Scope.Add("roles");

        return openIdConnectionOptions;
    }

我正在设置ClientId(或者我认为),GetOpenIdConnectOptions所以我不清楚错误所指的ClientId.enter code here

编辑:appsettings.json

"OpenIdSettings": {
  "Authority": "https://myopenidauthenticationendpointurl",
  "ClientId": "myappname",
  "CookiePath":  "mypath"
}

Answer 1

.AddOpenIdConnect(options => GetOpenIdConnectOptions());

您的GetOpenIdConnectOptions()助手返回一个新OpenIdConnectOptions实例,而不是更新委托options为您准备的对象options => ....

修复您的方法以获取现有OpenIdConnectOptions值,它应该工作:

services.AddAuthentication(options =>
{
    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
}).AddCookie(options => new CookieAuthenticationOptions
{
    //AuthenticationScheme = "Cookies", // Removed in 2.0
    ExpireTimeSpan = TimeSpan.FromHours(12),
    SlidingExpiration = false,
    Cookie = new CookieBuilder
    {
        Path = CookiePath,
        Name = "MyCookie"
    }
})
.AddOpenIdConnect(options => SetOpenIdConnectOptions(options));

private void SetOpenIdConnectOptions(OpenIdConnectOptions options)
{
    options.ClientId = Configuration["OpenIdSettings:ClientId"];
    options.ClientSecret = Configuration["OpenIdSettings:ClientSecret"];
    options.Authority = Configuration["OpenIdSettings:Authority"];
    options.MetadataAddress = $"{Configuration["OpenIdSettings:Authority"]}/.well-known/openid-configuration";
    options.GetClaimsFromUserInfoEndpoint = true;
    options.SignInScheme = "Cookies";
    options.ResponseType = OpenIdConnectResponseType.IdToken;

    options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
    {
        // This sets the value of User.Identity.Name to users AD username
        NameClaimType = IdentityClaimTypes.WindowsAccountName,
        RoleClaimType = IdentityClaimTypes.Role,
        AuthenticationType = "Cookies",
        ValidateIssuer = false
    };

    // Scopes needed by application
    options.Scope.Add("openid");
    options.Scope.Add("profile");
    options.Scope.Add("roles");
}