maq*_*que 3 c# openid-connect .net-core
通过设置 asp.net 核心,AddOpenIdConnect它通过默认/signin-oidc页面创建,当从 opeind 提供程序访问时,该页面工作正常。用户已登录,一切正常。
虽然用户仍然可以尝试mypage.com/signin-oidc直接访问并得到Correlation failed失败的错误。
如何正确处理对该页面的访问,使其仍然适用于 openid 流,但在直接访问时不会产生错误(重定向)?(已经尝试用 HttpGet 覆盖 Route)
编辑
详细说明,将/signin-oidc使用基础启动提供 500 状态,例如
``
public void ConfigureServices(IServiceCollection services)
{
services.AddOptions();
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
}).AddCookie()
.AddOpenIdConnect(options =>
{
options.ClientId = "test";
options.ClientSecret = Environment.GetEnvironmentVariable("ClientSecret");
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.Authority = "https://test.net";
options.ResponseType = "code";
options.Scope.Add("openid");
options.GetClaimsFromUserInfoEndpoint = true;
options.SaveTokens = true;
options.Events = new OpenIdConnectEvents
{
OnTokenValidated = async ctx =>
{
var claims = new List<Claim>();
claims.Add(new Claim("jwt", ctx.SecurityToken.ToString()));
var appIdentity = new ClaimsIdentity(claims);
ctx.Principal.AddIdentity(appIdentity);
}
};
}).AddJwtBearer(options =>
{
options.Authority = "https://test.net";
options.Audience = "authorization.sample.api";
options.IncludeErrorDetails = true;
});
services.AddMvc();
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new Info
{
Version = "v1",
Title = "Test API"
});
});
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseStaticFiles(new StaticFileOptions
{
FileProvider = new PhysicalFileProvider(
Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "wwwroot")),
RequestPath = "/dist"
});
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
app.Use(async (context, next) =>
{
if (context.Request.Host.Host.ToLower() != "localhost")
context.Request.Scheme = "https";
await next.Invoke();
});
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute("default", "{controller=Home}/{action=LandingPage}/{id?}");
routes.MapRoute("Spa", "{*url}", defaults: new { controller = "Home", action = "Index" });
});
var swaggerJsonEndpoint = "api-docs/{0}/swagger.json";
app.UseSwagger(so => so.RouteTemplate = string.Format(CultureInfo.InvariantCulture, swaggerJsonEndpoint, "{documentName}"));
app.UseSwaggerUI(c =>
{
c.RoutePrefix = "api-docs";
c.SwaggerEndpoint("/" + string.Format(CultureInfo.InvariantCulture, swaggerJsonEndpoint, "v1"), "Test API v1");
c.OAuthClientId("admin.implicit");
});
}
``
我以前也遇到过这种情况,我认为这只是 OpenId 系统在 ASP.NET Core 中的工作方式的产物。我相信有一个 Github 问题,但我似乎无法在 ATM 上找到它。如果我能找到它,我会环顾四周并发布它。
在任何情况下,我都能够通过向 OpenId 选项事件添加一个事件来解决这个问题,该事件在任何远程故障时都重定向到“主页”:
options.Events = new OpenIdConnectEvents {
// Your events here
OnRemoteFailure = ctx => {
ctx.HandleResponse();
ctx.Response.Redirect("Home");
return Task.FromResult(0);
}
};
看看这对你有用吗...
编辑:这是问题和评论,建议修复供您参考https://github.com/IdentityServer/IdentityServer4/issues/720#issuecomment-368484827
| 归档时间: |
|
| 查看次数: |
3896 次 |
| 最近记录: |