相关疑难解决方法(0)

我正在使用ASP.NET MVC Core的自定义身份验证,它不使用Identity.这是Startup.cs:

public class Startup
{
    public IConfiguration Configuration { get; set; }

    // Configure IoC container
    // https://docs.asp.net/en/latest/fundamentals/dependency-injection.html
    public void ConfigureServices(IServiceCollection services)
    {
        services.Configure<AppSettings>(options => Configuration.GetSection(nameof(AppSettings)).Bind(options));

        // https://docs.asp.net/en/latest/security/anti-request-forgery.html
        services.AddAntiforgery(options => options.CookieName = options.HeaderName = "X-XSRF-TOKEN");

        services.AddDbContext<DbSesamContext>(options =>
        {
            options.UseSqlServer(Configuration.GetConnectionString("SesamConnection"));
        });

        services.AddDbContext<TerminalDbContext>(options =>
        {
            options.UseSqlServer(Configuration.GetConnectionString("TerminalConnection"));
        });

        services.AddMvcCore()
            .AddAuthorization()
            .AddViews()
            .AddRazorViewEngine()
            .AddJsonFormatters();
    }

    public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory factory)
    {
        // Configure logging
        // https://docs.asp.net/en/latest/fundamentals/logging.html
        factory.AddConsole(Configuration.GetSection("Logging"));
        factory.AddDebug();

        // Serve static files
        // https://docs.asp.net/en/latest/fundamentals/static-files.html
        app.UseStaticFiles(); …

我正在尝试在MVC 5网络应用中实施Google身份验证.身份验证工作正常,但我会检索配置文件和图片信息.

为此,我添加了一个GoogleOAuth2AuthenticationOptions对象来指定其他声明:

var googleOAuth2AuthenticationOptions = new GoogleOAuth2AuthenticationOptions
{
    ClientId = "xxxxxxxxxxxxxxxx",
    ClientSecret = "xxxxxxxxxxxxxxxxx",
    CallbackPath = new PathString("/Account/LoginCallback"),
    Provider = new GoogleOAuth2AuthenticationProvider()
    {
        OnAuthenticated = async context =>
        {
            context.Identity.AddClaim(new Claim("picture", context.User.GetValue("picture").ToString()));
            context.Identity.AddClaim(new Claim("profile", context.User.GetValue("profile").ToString()));
        }
    }
};

app.UseGoogleAuthentication(googleOAuth2AuthenticationOptions);

但它会导致生成错误的URL:

http://admin.localhost.com/Account/LoginCallback&state=Gs-otJmI79bgWA3_qJzDcGziWnkRCOf7JRoCUDCIz0jv4IIvDdoZlZzVSq2kZxfaPFDmv9hbZGp5q1Aq8mpLPguKnCF31twHj8NQCMv_NrgZzvKwaelmZr_HwY_bdj8h1ICFrkGTKLJ1saEYDbFJ2CJxvDkyBL2iygQmTXQTs-aUiL4yWe5_7dZQOjP_mDUSW-GXns3wr7Okwkoj8VEITJTUz9nAbrBd_N_7puTMlHU&client_id=xxxxxxxxxxxxxxxx

没有'？' 在参数之前,这会导致redirect_uri_mismatch.

但是,当我简单地使用时:

app.UseGoogleAuthentication(
    clientId : "xxxxxxxxxxxxxxxxxxx",
    clientSecret : "xxxxxxxxxxxxxxxxx");

它正在发挥作用.

任何的想法 ？