问题描述
为什么signinmanager的getexternallogininfoasync方法总是返回null?
Why does the signinmanager getexternallogininfoasync method always returning null?
我正在将VS2015与具有单个用户帐户(这是必要条件)的MVC的默认asp.net核心(不是框架)项目一起使用.使用第三方登录的目的是允许用户自行注册.基于角色的授权将由asp.net身份使用通过Azure AD注册提供的身份来处理.
I am using VS2015 with the default asp.net core (not framework) project for MVC with individual user accounts (this is a requirement). The purpose of using third party login is to allow users to self register. Role based authorization will be handled by asp.net identity using the identity provided from registering through Azure AD.
如果以下对Manager中登录的解释不正确,请纠正我.此方法应提供有关外部登录的详细信息,并返回一个Claimsprincipal对象,其中包含由身份提供者由用户提供的声明.
Correct me if the following interpretation of the signin in manager is incorrect. This method should provide details on the external login and return a claimsprincipal object which contains the claims provided by the user by the identity provider.
我已使用以下指南在Startup.cs(以下类部分)中设置OpenIdConnectAuthentication
I have used the following guide for setting up OpenIdConnectAuthentication in my Startup.cs (class section below)
启动外部登录提供程序时,它会将我定向到组织登录页面并成功.
When I launch the external login provider, it directs me to the organization login page and succeeds.
但是应由signinmanager方法填充的变量信息为空
However the variable info which should be populated by the signinmanager method is null
如果我在回调类中添加断点,则将填充User,并且IsAuthenticated变量为true.
我可以驱动允许用户自己在应用程序中注册的功能,但是,这是我首次尝试实现第三方登录,因此我想了解自己在这方面做错了什么.
I could drive the functionality of allowing the user to register in the app myself, however, this is my first attempt at implementing third party login and I would like to understand what I am doing wrong as this point.
Startup.cs
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
services.AddApplicationInsightsTelemetry(Configuration);
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
services.AddIdentity<ApplicationUser, IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
// Add Authentication services.
services.AddAuthentication(sharedOptions => {
sharedOptions.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
});
//services.AddDistributedMemoryCache();
//services.AddSession();
services.AddMvc();
// Add application services.
services.AddTransient<IEmailSender, AuthMessageSender>();
services.AddTransient<ISmsSender, AuthMessageSender>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseApplicationInsightsRequestTelemetry();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
app.UseBrowserLink();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseApplicationInsightsExceptionTelemetry();
app.UseStaticFiles();
app.UseIdentity();
// Configure the OWIN pipeline to use cookie auth.
app.UseCookieAuthentication( new CookieAuthenticationOptions());
//Add external authentication middleware below.To configure them please see http://go.microsoft.com/fwlink/?LinkID=532715
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme,
CallbackPath = "/signin-oidc",
ClientId = Configuration["AzureAD:ClientId"],
Authority = String.Format(Configuration["AzureAd:AadInstance"], Configuration["AzureAd:Tenant"]),
ResponseType = OpenIdConnectResponseType.IdToken,
PostLogoutRedirectUri = Configuration["AzureAd:PostLogoutRedirectUri"],
Events = new OpenIdConnectEvents
{
//OnRemoteFailure = OnAuthenticationFailed,
}
});
//app.UseSession();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
}
外部登录
public IActionResult ExternalLogin(string provider, string returnUrl = null)
{
// Request a redirect to the external login provider.
var redirectUrl = Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl });
var properties = _signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
return Challenge(properties, provider);
}
推荐答案
过去,这种方法产生多个空值的问题已被多次报道.开箱即用提供的任何受支持的身份验证方法都不会发生这种情况.至少在将OAuth与azure AD配合使用并遵循帖子中提供的方法时,这是一个问题.但是,有一种解决方法仍然允许使用默认项目类型.只需将您自己的使用User原理构造的ExternalLoginInfo类替换为滚动,即可替换产生ExternalLoginInfo变量(info)的方法.
There have been multiple reported issues with this method producing a null value in the past. This does not happen with any of the supported authentication methods that are supplied out of the box. This is a problem at least with using OAuth with azure AD and following the supplied method in the post. However, there is a workaround that still allows for the use of the default project type. Simply replace the method that produces the ExternalLoginInfo variable (info) with a roll your own ExternalLoginInfo class constructed using the User principle.
ExternalLoginInfo info = new ExternalLoginInfo(User,
"Microsoft",
User.Claims.Where(x=>x.Type== "http://schemas.microsoft.com/identity/claims/objectidentifier").FirstOrDefault().Value.ToString(),
"Microsoft" );
ASP .NET MVC 5(VS2013最终版):使用OWIN的Facebook登录失败(loginInfo为null)
MVC 5 Owin Facebook Auth结果为空引用例外
这篇关于_signInManager.GetExternalLoginInfoAsync()始终向Azure广告返回带有打开ID的null的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!