OpenIddict ASP.NET Core 服务器不能用作默认方案处理程序

Question

我正在尝试OpenIddict 3.0。我按照文档中的步骤操作，创建了一个授权控制器，并添加了一个测试应用程序。当我尝试运行时，出现以下异常：

OpenIddict ASP.NET Core 服务器不能用作默认方案处理程序。确保 DefaultAuthenticateScheme、DefaultChallengeScheme、DefaultForbidScheme、DefaultSignInScheme、DefaultSignOutScheme 和 DefaultScheme 均不指向 OpenIddict ASP.NET Core 服务器处理程序的实例

我找不到我做错了什么。

这是我的Startup.cs：

public void ConfigureServices(IServiceCollection services)
{
    services.AddDbContext<ApplicationDbContext>(options =>
    {
        // Configure the context to use Microsoft SQL Server.
        options.UseInMemoryDatabase("Identity");

        // Register the entity sets needed by OpenIddict.
        // Note: use the generic overload if you need
        // to replace the default OpenIddict entities.
        options.UseOpenIddict<Guid>();
    });

    AddIdentityCoreServices(services);

    services.AddOpenIddict()

            // Register the OpenIddict core components.
            .AddCore(options =>
            {
                // Configure OpenIddict to use the Entity Framework Core stores and models.
                options.UseEntityFrameworkCore()
                        .UseDbContext<ApplicationDbContext>()
                        .ReplaceDefaultEntities<Guid>();
            })

            // Register the OpenIddict server components.
            .AddServer(options =>
            {
                // Enable the token endpoint (required to use the password flow).
                options.SetTokenEndpointUris("/connect/token");

                // Allow client applications to use the grant_type=password flow.
                options.AllowPasswordFlow();

                // Mark the "email", "profile" and "roles" scopes as supported scopes.
                //options.RegisterScopes(OpenIddictConstants.Scopes.Email,
                //                       OpenIddictConstants.Scopes.Profile,
                //                       OpenIddictConstants.Scopes.Roles);

                // Accept requests sent by unknown clients (i.e that don't send a client_id).
                // When this option is not used, a client registration must be
                // created for each client using IOpenIddictApplicationManager.
                options.AcceptAnonymousClients();

                // Register the signing and encryption credentials.
                options.AddDevelopmentEncryptionCertificate()
                        .AddDevelopmentSigningCertificate();

                // Register the ASP.NET Core host and configure the ASP.NET Core-specific options.
                options.UseAspNetCore()
                        .EnableAuthorizationEndpointPassthrough() // Add this line.
                        .EnableTokenEndpointPassthrough()
                        .DisableTransportSecurityRequirement(); // During development, you can disable the HTTPS requirement.
            })

            // Register the OpenIddict validation components.
            .AddValidation(options =>
            {
                // Import the configuration from the local OpenIddict server instance.
                options.UseLocalServer();

                // Register the ASP.NET Core host.
                options.UseAspNetCore();
            });

    // ASP.NET Core Identity should use the same claim names as OpenIddict
    services.Configure<IdentityOptions>(options =>
    {
        options.ClaimsIdentity.UserNameClaimType = OpenIdConnectConstants.Claims.Name;
        options.ClaimsIdentity.UserIdClaimType = OpenIdConnectConstants.Claims.Subject;
        options.ClaimsIdentity.RoleClaimType = OpenIdConnectConstants.Claims.Role;
    });

    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = OpenIddictServerAspNetCoreDefaults.AuthenticationScheme;
    });

    services.AddControllers();
}

// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    app.UseHttpsRedirection();

    app.UseRouting();

    app.UseAuthentication();
    app.UseAuthorization();

    app.UseEndpoints(endpoints =>
    {
        endpoints.MapControllers();
    });
}

private static void AddIdentityCoreServices(IServiceCollection services)
{
    var builder = services.AddIdentityCore<ApplicationUser>();
    builder = new IdentityBuilder(
        builder.UserType,
        typeof(ApplicationRole),
        builder.Services);

    builder.AddRoles<ApplicationRole>()
        .AddEntityFrameworkStores<ApplicationDbContext>()
        .AddDefaultTokenProviders()
        .AddSignInManager<SignInManager<ApplicationUser>>();
}

请帮助我解决我做错的事情。

Answer 1

我终于知道我错在哪里了。@火车感谢您为我指明了正确的方向。

改变services.AddAuthentication(...)从

services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = OpenIddictServerAspNetCoreDefaults.AuthenticationScheme;
    });

到

services.AddAuthentication(options =>
            {
                options.DefaultScheme = OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme;
            });